Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by maciej at 2015-06-03 19:49:02 Running from C:\Users\maciej\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2619840493-2819106915-3540068395-500 - Administrator - Disabled) => C:\Users\Administrator Gość (S-1-5-21-2619840493-2819106915-3540068395-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2619840493-2819106915-3540068395-1018 - Limited - Enabled) maciej (S-1-5-21-2619840493-2819106915-3540068395-1001 - Administrator - Enabled) => C:\Users\maciej varicopostgres (S-1-5-21-2619840493-2819106915-3540068395-1016 - Limited - Enabled) => C:\Users\varicopostgres.maciej-Komputer ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden ABBYY FineReader 9.0 Professional Edition (HKLM-x32\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.724.5507 - ABBYY) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.154 - Adobe Systems Incorporated) Adobe Reader X (10.1.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\{C92AB6F1-DF43-1F74-81AF-9BE56BF1D67F}_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.30.21.0 - Broadcom Corporation) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform) CorelDRAW Graphics Suite X3 (HKLM-x32\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation) CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden DocMgr (x32 Version: 130.0.000.000 - Nazwa firmy) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden DocProcQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) EasyLanguage (HKLM-x32\...\EasyLanguage_is1) (Version: 2.09 - 1st EasySoft) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.1 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.1 - Ministerstwo Finansow) Hidden ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE) ESET NOD32 Antivirus (HKLM\...\{4B14EC50-70A2-4973-BE68-50E546653134}) (Version: 8.0.312.4 - ESET, spol s r. o.) eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden FileOpen Client (x64) (HKLM\...\{A3010F8F-DC9E-47D6-8163-D9ACFEBF0214}) (Version: 3.0.71.917 - FileOpen Systems, Inc.) FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse) FontNav (x32 Version: 5.0 - Corel Corporation) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden GPBaseService (x32 Version: 100.0.187.000 - Hewlett-Packard) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HP 3D DriveGuard (HKLM\...\{33B18075-C7DF-4839-8517-C6E9338D84F2}) (Version: 4.0.3.1 - Hewlett-Packard) HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard) HP Customer Experience Enhancements (HKLM-x32\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9602 - Broadcom Corporation) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard) HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard) HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard) HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard) HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard) HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife) HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.3.1 - Hewlett-Packard) HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Assistant (HKLM-x32\...\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}) (Version: 4.3.1.2 - Hewlett-Packard) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard) HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard) HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT) J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM-x32\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{306B39C9-3AB1-4161-8567-9C7E50B41AE3}) (Version: 9.7.0621 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.382 - Huawei Technologies Co.,Ltd) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla) Mozilla Thunderbird 31.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 pl)) (Version: 31.6.0 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Niemiecki - Mówisz i rozumiesz (HKLM-x32\...\Niemiecki_MiR_is1) (Version: - ) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP) Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA) Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA) Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0) (HKLM\...\75BD84FDFF77342C2A347F729669CBD84CE11B04) (Version: 09/29/2009 2.0.0.0 - OLYMPUS IMAGING CORP.) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Pasek narzędzi AOL 5.0 (HKLM-x32\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC) PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia) PDF Reader (HKU\S-1-5-21-2619840493-2819106915-3540068395-1001\...\PDF Reader) (Version: - ) PIT Format 2013 (HKLM-x32\...\PIT Format 2013_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) PL (x32 Version: 13.0 - Corel Corporation) Hidden Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.) PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek) RealWorld Cursor Editor (HKLM-x32\...\{4B2DEF0C-51B4-4250-A082-7C3CD4FB2828}) (Version: 7.1.0 - RealWorld Graphics) RegHunter (HKLM-x32\...\RegHunter) (Version: 1.3.3.1613 - Enigma Software Group, LLC) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Słownik YDP (niemiecko-polski, polsko-niemiecki) (HKLM-x32\...\YdpDict200) (Version: - ) SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer) The Bat! International Pack v5.2 (HKLM-x32\...\{9BE7AE2F-8604-4BA0-AEDB-8BF3F6820BBA}) (Version: 5.2.2.0 - Ritlabs) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden Translatica 5 (HKLM-x32\...\{00473C7D-1789-4873-9A75-96647FB01D27}) (Version: 1.3.0.15 - poleng) TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden True Image 2013 (HKLM-x32\...\{2D2EC529-4261-4488-9318-34857143B3D9}Visible) (Version: 16.0.5551 - Acronis) True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden Validity Sensors software (HKLM\...\{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}) (Version: 2.8.120 - Validity Sensors, Inc.) VBA (x32 Version: 6.2 - Corel Corporation) Hidden WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden WinRAR 4.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. ) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2619840493-2819106915-3540068395-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ==================== Restore Points ========================= 03-06-2015 17:37:55 Przywracanie systemu czerwiec 2015 03-06-2015 18:32:59 SPTD setup V1.87 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2013-07-02 22:21 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01269CF1-E256-4E13-833A-DD5FD6D2E1EC} - System32\Tasks\{854AEA5E-FA71-42D6-8FA0-3E94491AACBF} => C:\Program Files (x86)\XSManager\XSManager.exe [2010-04-27] (WebToGo Mobiles Internet GmbH) Task: {036A53FF-02D3-4E48-A75B-F0C4AD69DD4E} - System32\Tasks\{0EAB3E5E-5FBF-4141-9F2A-A12C63CFB13D} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/pl/abandoninstall?page=tsMain Task: {04EC4A57-EB06-478B-B623-549FE718A927} - System32\Tasks\{74D00EC7-5ACF-42CD-AD95-FDCFFB71D2F2} => c:\program files (x86)\opera\launcher.exe [2015-05-18] (Opera Software) Task: {05A43598-E7F5-495D-BB97-A120B25399F3} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-07-24] (CyberLink Corp.) Task: {05EC5556-EA4A-4155-81C5-EB085C313EC5} - System32\Tasks\{6757FBE5-4861-4BB0-BF75-045507684843} => pcalua.exe -a C:\Users\maciej\Desktop\Installer.exe -d C:\Users\maciej\Desktop Task: {05F340DD-CC3E-4F5E-B92A-72B1FF668442} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe [2009-07-24] (CL) Task: {06BD4DD1-B60F-4313-BD72-612153122F7F} - System32\Tasks\{D1F60338-6BB7-4273-AF48-CCC31F401FAD} => pcalua.exe -a C:\Users\maciej\Desktop\tibia861.exe -d C:\Users\maciej\Desktop Task: {07D24E81-E1CE-4156-BC3B-32C8E2221F91} - System32\Tasks\{41834883-CF8A-404D-9FE9-147A36BFCDA9} => pcalua.exe -a C:\Users\maciej\Desktop\olympus_voice_recorder\Setup.exe -d C:\Users\maciej\Desktop\olympus_voice_recorder Task: {09228D1F-F1A6-40CD-993E-3A3932221EA7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {0AC0E474-A610-4150-86A7-3A7B70C16DBC} - System32\Tasks\{9CC9641B-BA8A-4B89-ACA5-202E8829CA5B} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {0CB213A8-6350-4B27-A3DB-00CB94B25E98} - System32\Tasks\{55CEF43B-6DA3-472C-B2F4-4E1C1BE073E3} => pcalua.exe -a "C:\Program Files (x86)\DocArena\uninstall.exe" Task: {106279A6-A0C2-4FEB-8191-869FD7500303} - System32\Tasks\{78E472CE-4443-416C-8CD1-26F993848DC4} => C:\Program Files (x86)\Hp\Digital Imaging\hpqSSupply.exe Task: {10B9333E-CBB5-4A3E-BF27-AC5197EE98E1} - System32\Tasks\{CFEFAF43-A534-4EDA-A84B-8D3E43F50E38} => pcalua.exe -a C:\Users\maciej\Desktop\darmowy-slownik-nimiecko-polski-vbactionsetup.exe -d C:\Users\maciej\Desktop Task: {16A0BF9A-98CF-4B94-AC65-1F45483ABE76} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) Task: {19943913-2F2E-418F-A8F0-6371870153D9} - System32\Tasks\{28C0A7CA-6253-4E33-B04D-D6E6BC115908} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {2AC2B008-CFC3-45DE-8DA8-7B69EAA88F64} - System32\Tasks\{45552DF9-E306-4DD9-BC50-0B29D2939F8B} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar Task: {2C3623DA-70FE-4FF9-9281-F961A6ED982A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2619840493-2819106915-3540068395-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {2DE93709-1C03-4F34-998D-D122D006F069} - System32\Tasks\{5023615C-4116-451A-9605-00DA4E9AE752} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Hp\Digital Imaging\hpqSSupply.exe" Task: {2FE70878-94A0-4DDA-86F1-C3B26D592774} - System32\Tasks\{D23B6AFC-941D-42D9-8A15-AC8EE01CCDB9} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqdirec.exe" Task: {32F7E402-EED8-4E18-8E38-87EDA60B9714} - System32\Tasks\{D5F100D8-49D5-4B53-9DFE-2F91B508A6B5} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {3A83E13F-D146-402B-9D22-D0879CE38840} - System32\Tasks\{D4E70995-6241-4767-B8B2-D15D96BFC267} => pcalua.exe -a "C:\Program Files (x86)\Photodex Presenter\uninst.exe" Task: {4586FBF6-91FA-4D0B-AD8E-FE2BAD460B32} - System32\Tasks\{58F4B366-FF92-49D2-A551-BC47F596EE24} => pcalua.exe -a E:\Setup\Setup.exe -d E:\Setup Task: {47381229-A21D-4EA6-AAC8-B5197D6E49CA} - System32\Tasks\{000B4BC4-CD0A-4268-A999-0FF84F7FAAB4} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqdcmgr.exe" Task: {495D6F5E-48B0-450B-9832-1F2A2CA2D4CB} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-20] (Microsoft Corporation) Task: {4A52C527-C0C6-4B6A-A2EC-A0239018B7A4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {4A6319C5-E451-469C-BB2A-4B948B2F9CE2} - System32\Tasks\{ACFD1FA5-26C7-4320-AECF-E9128141F76D} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar Task: {4BB2A462-248A-4B70-9BB3-A82213FE3C4D} - System32\Tasks\{8B0E74F4-6918-425C-9CC9-5694901AD735} => pcalua.exe -a E:\setup.exe -d E:\ Task: {55571D5D-0C77-47C4-B739-BD6CA8B0203F} - System32\Tasks\{EF228D26-37CA-4A0C-BF1F-ACD575670F50} => Chrome.exe http://ui.skype.com/ui/0/6.5.0.158/pl/abandoninstall?page=tsProgressBar Task: {59E74521-275F-4C6B-B757-F837B12D316E} - System32\Tasks\{47B5CB12-6694-489A-AAAC-963D00B4D172} => pcalua.exe -a C:\Users\maciej\Downloads\Flash_Disinfector.exe -d C:\Users\maciej\Downloads Task: {5A919481-2C8E-4512-9438-195FB4FBE1AB} - System32\Tasks\{4BCBB02F-AD79-493B-8D26-9520B92CD7D4} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar Task: {5C51AB04-2F34-4D08-B5F3-3FE0E0093706} - System32\Tasks\{DF4DE712-6FA4-4901-909F-D57FF0C28A87} => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe [2012-08-03] (ashampoo GmbH & Co. KG) Task: {5F8B7549-F1C5-41A7-980F-E84B5E65F61D} - System32\Tasks\{319CA2DC-9F85-4FA8-AA1E-51E5794160AB} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {62C7901D-1BD1-40CB-8E83-D14B341405A4} - \SMupdate1 No Task File <==== ATTENTION Task: {63EC6D73-9147-465D-BAE2-56ADE7E29EBE} - System32\Tasks\{7EA9CBFD-01C0-43A2-A375-BCD53A4C440C} => C:\Program Files (x86)\XSManager\XSManager.exe [2010-04-27] (WebToGo Mobiles Internet GmbH) Task: {65E30390-F2F0-4564-8037-80736F51183E} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.) Task: {663B44A1-F8F2-45E0-A46D-D5F83FBCE928} - System32\Tasks\{14D8A746-355B-4078-B99F-568432B9F710} => Iexplore.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar Task: {6C316A9D-822C-48A3-A2F4-B5D67DFE4C09} - System32\Tasks\{E6476708-F96D-4BC2-B514-34D0840DFC5C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-03-25] (Skype Technologies S.A.) Task: {765AE79B-468C-4CDB-9C2A-69995F188425} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2619840493-2819106915-3540068395-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {79CC6105-B2DF-4EA9-AA44-EAB8301B76FF} - System32\Tasks\{5C73AA20-930C-4E12-8BE6-B9411E547E82} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=12002 Task: {850F3CBA-A914-47C8-A8C2-8014591A0A56} - System32\Tasks\{E4E4A6DC-CB33-4B21-9EAB-F5A5AFA04BAE} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.126/pl/abandoninstall?page=tsProgressBar Task: {85F3FD83-F4C3-4AC9-88EC-8464A0751924} - System32\Tasks\{FEFD2CB2-124C-4CC9-BFC9-5B139AEC1045} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {86F2D276-3F27-4765-A758-8A15FAEAD1C9} - System32\Tasks\{D1BE8447-17EF-4CE7-B20D-C3854BDEBB00} => C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {8F83400C-7CA2-46B9-936A-98CCB8CB2963} - System32\Tasks\{5448DEEA-AA98-4680-A627-31E279825017} => G:\setup.exe Task: {956DE13B-3873-44C6-9B0F-965CE02DB1C4} - System32\Tasks\{E4552662-BB3B-4713-B339-AE3A555401F9} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {95D19CAA-1B3C-4D2D-BE5C-8B460F135764} - System32\Tasks\{04CA7D16-5AD9-457C-8CB7-6FA36C4E068D} => G:\setup.exe Task: {967C6BB9-74C8-41C6-A11E-2B740CD353BA} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe ,Command701 update2 <==== ATTENTION Task: {9934B784-BF3A-4094-B368-F522DD128281} - \YTDownloaderUpd No Task File <==== ATTENTION Task: {99509911-72B9-47B0-BAEA-54FD0F96E4AC} - \YTDownloader No Task File <==== ATTENTION Task: {9AB8751C-8863-49FB-BD3C-422CF042A49E} - System32\Tasks\{99857620-F49A-4909-A974-E249EDBEB6DA} => C:\Program Files (x86)\XSManager\XSManager.exe [2010-04-27] (WebToGo Mobiles Internet GmbH) Task: {9DAF47DD-0BA0-41F0-93D6-31245F717379} - System32\Tasks\{857A6DDF-BDB8-42E6-A05A-32FF39B3A3CC} => C:\Users\maciej\Desktop\ElfBot NG\loader.exe Task: {A13B9EFB-4D44-4155-9029-77CD47844841} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-07-23] (CyberLink) Task: {A4CBBDA4-0965-4536-A080-70238170905F} - System32\Tasks\{EABA72B7-57A9-46D0-91A3-217E8F8DAB0B} => C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {A6196E98-7C6F-47B2-A242-EE51F14BA0ED} - System32\Tasks\{947ADE8D-D731-4416-A627-3C577BFDE19B} => pcalua.exe -a C:\Users\maciej\AppData\Roaming\vi-view\UninstallManager.exe -c -ptid=cor Task: {A706ED24-026D-4E03-89F7-3D8B335F3038} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2619840493-2819106915-3540068395-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {A881F109-EF29-4B9D-9DD8-27F9CE45DC39} - System32\Tasks\{BD0E1392-9DC8-4D9F-B49A-FD4110F9FF00} => C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {A8850DA5-D8F7-41EA-859B-ACCC80FEFE95} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {AAD1B157-67DC-4863-AD32-D3C7A3E5449D} - System32\Tasks\{19AA3697-6B78-4AF3-A38F-D34C5C9B1B5F} => pcalua.exe -a C:\Users\maciej\Desktop\ipchanger\Installer.exe -d C:\Users\maciej\Desktop\ipchanger Task: {AB18E1A0-7009-4D97-BDB0-D1A70A770D9C} - \ShopperProJSUpd No Task File <==== ATTENTION Task: {ADEE0E35-55FF-4120-88AA-5C285F5B361E} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe ,Command701 update3 <==== ATTENTION Task: {AE15A924-1DF9-420E-B8D9-DB313690BE3F} - System32\Tasks\{90C65E55-9E6C-4C88-9C05-1BB7C9BBC3EC} => C:\Program Files (x86)\XSManager\XSManager.exe [2010-04-27] (WebToGo Mobiles Internet GmbH) Task: {B34EBE9A-9408-47FD-8D8B-2807B248BAF2} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe Task: {B3880DF3-4858-4715-9CEC-960CFCE79BBA} - System32\Tasks\{B6FB3399-300D-418F-B7BE-66EBDE30485E} => pcalua.exe -a "C:\Users\maciej\Desktop\wirtuozlotto v_5_4_0\wirtuozlotto v_5_4_0\setup.exe" -d "C:\Users\maciej\Desktop\wirtuozlotto v_5_4_0\wirtuozlotto v_5_4_0" Task: {B64B413C-CAA5-4181-88E8-6577693F4887} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe [2009-07-24] (CL) Task: {B9D9802F-EF1C-41B5-ADA3-3606A6B3EE52} - System32\Tasks\{BF67116D-0111-4A1F-BBF0-62203FBB2E1A} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {BDA728B9-9250-43DB-801C-48149DDB4D49} - System32\Tasks\{ABE0D35C-5A31-4E33-A6B8-68599975ADA5} => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe [2012-08-03] (ashampoo GmbH & Co. KG) Task: {BFD7222F-3AE6-404B-AB82-28D7F9181B1C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {CCE6B734-5FE3-4A8F-95F6-1BD923A67BFC} - System32\Tasks\{128232F9-11AE-4118-8B24-0E869104F692} => pcalua.exe -a "C:\Gocha folder tematyczny\Photodex ProShow Producer v4.0.2549 PL\Photodex ProShow Producer v4.0.2549 PL\sPoLszczenie-Photodex-ProShow-Producer-4.0.2549.PAWJ-ShK\sPoLszczenie-Photodex-ProShow-Producer-4.0.2549.PAWJ-ShK.exe" -d "C:\Gocha folder tematyczny\Photodex ProShow Producer v4.0.2549 PL\Photodex ProShow Producer v4.0.2549 PL\sPoLszczenie-Photodex-ProShow-Producer-4.0.2549.PAWJ-ShK" Task: {CEED3CAD-D492-4575-993B-E01CF81D62BA} - System32\Tasks\{05F03C9C-F38F-47C2-B725-12BD374B818D} => C:\Users\maciej\Desktop\ElfBot NG\loader.exe Task: {CF418B44-B6C5-4EE5-88C1-F409F88A85D6} - System32\Tasks\{81E01CE8-FCAA-423C-BED8-990C7EF29D8C} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {D1945DF9-DA33-4DDB-8637-04855F4E0545} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe [2009-07-24] (CL) Task: {D83E7095-97E7-429B-9950-D4124070879D} - System32\Tasks\{F0E2A430-4C2C-4053-B39D-0AFEC7D154B2} => C:\Users\maciej\Desktop\ElfBot NG\loader.exe Task: {D9910990-3BD4-4ABA-BCDE-75BAE022839A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {D9BFBF69-ED62-4A73-9C4A-FAC89361F2B8} - System32\Tasks\{353916FD-36A7-437C-8850-BA9452D8EB14} => C:\Program Files (x86)\XSManager\XSManager.exe [2010-04-27] (WebToGo Mobiles Internet GmbH) Task: {DE723ED4-0F20-427C-8AF0-1FD1A5979525} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8ca83f5277aa => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-15] (Google Inc.) Task: {E00A8B15-2C40-4245-8C4D-4926294BDCBD} - System32\Tasks\Opera scheduled Autoupdate 1415261786 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software) Task: {E1C099A7-BF32-4E29-B8E3-FDCA44D59945} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-15] (Google Inc.) Task: {E340978B-D7F0-4416-B393-3314F944315D} - System32\Tasks\{3E938492-DC36-4500-875B-3548C7774E9F} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {E35671B4-1D96-436C-A819-AD139284D319} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2619840493-2819106915-3540068395-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {E48C90B6-7F19-49FC-B423-4602ABE1E57E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2619840493-2819106915-3540068395-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\1831\g2mupdate.exe Task: {E4FFDF6D-A5D3-4836-BE84-B15543764ADD} - System32\Tasks\{F6A71607-2CC9-436B-9100-5E1FDA6DE469} => c:\program files (x86)\opera\launcher.exe [2015-05-18] (Opera Software) Task: {E55CA32D-E141-40D4-B743-712447B4A4CC} - System32\Tasks\{11F56BC4-A848-4792-8AFF-3C1C535BFDBE} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.105/pl/abandoninstall?page=tsProgressBar Task: {E88E3EBC-2A89-4500-A264-F4001BD4C542} - System32\Tasks\{BFCF8066-85CF-40E6-AB4A-098EBCB780F2} => pcalua.exe -a "C:\Program Files (x86)\XSManager\InstallWTGService.exe" -d "C:\Program Files (x86)\XSManager" -c install Task: {ED103423-FD01-43B1-A73C-A144D2F2D612} - System32\Tasks\{85C29D64-0DA3-43B7-B865-D9B47B796892} => pcalua.exe -a C:\Users\maciej\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw <==== ATTENTION Task: {EFA0B7FB-AF48-4EAA-AE62-AE51053498BF} - System32\Tasks\{B2D212BE-A11F-4287-A927-557A3BE710F4} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/pl/abandoninstall?page=tsProgressBar Task: {F000A660-760E-4639-A934-FFC2B1C6301E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2619840493-2819106915-3540068395-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {F2354AD1-857D-492C-8D6D-E2981161F6EE} - System32\Tasks\{AB4CF6BA-0C22-4DB7-8E47-A86BC905497B} => pcalua.exe -a "C:\Users\maciej\Desktop\wirtuoz_systemy v_1_2\wirtuoz_systemy v_1_2\setup.exe" -d "C:\Users\maciej\Desktop\wirtuoz_systemy v_1_2\wirtuoz_systemy v_1_2" Task: {F563D9A0-5BC4-46CE-A7CA-DB85247862BE} - System32\Tasks\{955343BE-84F9-43BA-9BD7-0C0B61B5E771} => G:\setup.exe Task: {F685DCFC-D92A-44BA-B969-A884D3C2A0E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-27] (Adobe Systems Incorporated) Task: {FB26D3AA-D0BA-4CBA-9685-AA4A27F1E836} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2619840493-2819106915-3540068395-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {FEFAAFB4-3D0B-4132-AB3D-DAF67B93965A} - System32\Tasks\{05B28EED-D2E0-43DF-9C9D-5E5F9EE417D1} => C:\Program Files (x86)\Hp\Digital Imaging\hpqSSupply.exe Task: {FF08C849-E7DB-428C-AB76-A0902BD33055} - System32\Tasks\{8C585785-2F8E-40A9-A8FA-53EF1B5D8DFE} => c:\program files (x86)\opera\launcher.exe [2015-05-18] (Opera Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ca83f5277aa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2012-09-20 20:56 - 2013-02-26 20:42 - 00239968 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2009-09-17 22:35 - 2009-01-21 20:47 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2013-02-26 23:16 - 2010-04-12 19:03 - 00329168 ____N () C:\Program Files (x86)\XSManager\WTGService.exe 2015-05-20 12:21 - 2015-05-20 12:20 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe 2013-02-26 20:42 - 2013-02-26 20:42 - 00514048 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe 2012-09-20 20:56 - 2012-09-20 20:54 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2012-09-20 20:56 - 2012-09-20 20:54 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2012-09-20 20:56 - 2012-09-20 20:54 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2012-09-20 20:56 - 2012-09-20 20:54 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2012-09-20 20:56 - 2012-09-20 20:54 - 00383488 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2012-09-20 20:56 - 2012-09-20 20:54 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2012-09-24 22:19 - 2012-09-24 22:19 - 00436104 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2015-05-20 12:21 - 2015-05-20 12:20 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll 2015-05-20 12:21 - 2015-05-20 12:20 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00427008 _____ () C:\Program Files (x86)\Mobile Partner\core.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00264192 _____ () C:\Program Files (x86)\Mobile Partner\sdk.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00011362 _____ () C:\Program Files (x86)\Mobile Partner\mingwm10.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00043008 _____ () C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 02415104 _____ () C:\Program Files (x86)\Mobile Partner\QtCore4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 09515520 _____ () C:\Program Files (x86)\Mobile Partner\QtGui4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00382464 _____ () C:\Program Files (x86)\Mobile Partner\Proxy.DLL 2013-02-26 20:42 - 2013-02-26 20:42 - 00218112 _____ () C:\Program Files (x86)\Mobile Partner\Common.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00135168 _____ () C:\Program Files (x86)\Mobile Partner\Trace.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00545280 _____ () C:\Program Files (x86)\Mobile Partner\PluginContainer.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00238080 _____ () C:\Program Files (x86)\Mobile Partner\AtCodec.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00301056 _____ () C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00237568 _____ () C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00133120 _____ () C:\Program Files (x86)\Mobile Partner\OSDialup.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00159744 _____ () C:\Program Files (x86)\Mobile Partner\XCodec.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00157184 _____ () C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00176128 _____ () C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00264704 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00217600 _____ () C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00142336 _____ () C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00156672 _____ () C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00338432 _____ () C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00065536 _____ () C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00114688 _____ () C:\Program Files (x86)\Mobile Partner\Win7Support.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 01078272 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00670720 _____ () C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00550400 _____ () C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00547840 _____ () C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00158720 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00211968 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00101376 _____ () C:\Program Files (x86)\Mobile Partner\OSAdapt.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00180224 _____ () C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00131072 _____ () C:\Program Files (x86)\Mobile Partner\OSNDIS.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 01101824 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00278528 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00062976 _____ () C:\Program Files (x86)\Mobile Partner\OSCall.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00538624 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00398336 _____ () C:\Program Files (x86)\Mobile Partner\QtXml4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00123392 _____ () C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00184832 _____ () C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00307200 _____ () C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00117760 _____ () C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00441856 _____ () C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00093184 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00333824 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00295424 _____ () C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00391168 _____ () C:\Program Files (x86)\Mobile Partner\USSDUIPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00484352 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00823808 _____ () C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00771072 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00209408 _____ () C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00263168 _____ () C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.DLL 2013-02-26 20:42 - 2013-02-26 20:42 - 01148416 _____ () C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00082944 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00081920 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00192000 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00350720 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll 2013-02-26 20:42 - 2013-02-26 20:42 - 00370176 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ.ZZZ.Z.ZZZ..Z:1 AlternateDataStreams: C:\ProgramData\Temp:D8527718 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2619840493-2819106915-3540068395-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\maciej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 193.189.244.225 - 193.189.244.206 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^maciej^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe MSCONFIG\startupreg: AshSnap => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden MSCONFIG\startupreg: PrintDisp => C:\Windows\system32\PrintDisp.exe MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: starter4g => C:\Windows\starter4g.exe MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\realplayer\update\realsched.exe" -osboot MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" MSCONFIG\startupreg: UsBuga Acronis Scheduler2 Service => MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{AF11D0FC-2573-405C-99BF-245A44C820DC}C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe] => (Block) C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe FirewallRules: [UDP Query User{7C4DFC2A-8904-4535-AF00-573DDEAA55F2}C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe] => (Block) C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe FirewallRules: [{2C8CAF13-096F-4AF2-82A1-DE0DCA01537E}] => (Allow) LPort=5432 FirewallRules: [{06816A92-E170-40C8-B21D-8084C5281C25}] => (Allow) LPort=5433 FirewallRules: [{24445B56-15F9-4BE4-B8F4-910E637D40E1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AE8CCBE9-D7A9-400F-96E9-4618EBFF593E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F145FBB8-332B-4C31-801C-99955383DE3F}] => (Allow) LPort=2869 FirewallRules: [{464F0392-A7F3-4B48-B47A-C04337165FA8}] => (Allow) LPort=1900 FirewallRules: [{A28E1519-0279-4566-8B2E-722466ACE710}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{D756A707-C961-4497-A07B-FCF9FBBCE44A}] => (Allow) LPort=1886 FirewallRules: [{F8677B64-AE34-4BE6-8A33-952EC43DE479}] => (Allow) LPort=1886 FirewallRules: [{62CE2FFF-8A8A-4AA6-87F7-78669460379F}] => (Allow) LPort=1886 FirewallRules: [{EDE90C3D-CD1F-4241-B42D-D380514E635D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BF84BDA9-D37A-465A-8C1B-4D62BD32FFC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C1C28C93-825F-4BDB-8F74-25CCAF0F3CDB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FD16291F-4EEF-4FC6-A94E-A125C27DD794}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{7AE38292-84DC-4C29-88EB-0BB2605CBDF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{6E13F1BD-50D9-4A31-88AD-1354D8D7F4D8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7FBCFF01-3B7A-4AF8-80AF-914AC6E1DDB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A0BB40A6-8A51-40DB-8FEE-D67900C88A61}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8E07ED61-2A7E-483A-B206-8CBAB8C77CE4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Faulty Device Manager Devices ============= Name: SBRE Description: SBRE Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: SBRE Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (06/03/2015 06:32:59 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0f092d19-2f65-4363-a9ca-03170cdafbb4} Error: (06/03/2015 05:45:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Usługa wyszukiwania systemu Windows nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80070057, „file:///I:\”>. Error: (06/03/2015 02:58:40 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Nie można uzyskać dostępu do lokalizacji kopii zapasowej. Przejrzyj ustawienia kopii zapasowej i sprawdź lokalizację kopii zapasowej. (0x81000002). Error: (06/03/2015 08:27:26 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Skype.exe w wersji 7.3.0.101 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 16bc Godzina rozpoczęcia: 01d09dc5f56f1893 Godzina zakończenia: 24 Ścieżka aplikacji: C:\Program Files (x86)\Skype\Phone\Skype.exe Identyfikator raportu: 83aaaf15-09b9-11e5-9de0-001e101fe5e1 Error: (06/03/2015 08:25:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Skype.exe w wersji 7.3.0.101 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 58c Godzina rozpoczęcia: 01d09dc5f56f1893 Godzina zakończenia: 40 Ścieżka aplikacji: C:\Program Files (x86)\Skype\Phone\Skype.exe Identyfikator raportu: 4f079990-09b9-11e5-9de0-001e101fe5e1 Error: (06/03/2015 08:24:27 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Skype.exe w wersji 7.3.0.101 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 14f8 Godzina rozpoczęcia: 01d09dc5608f0eea Godzina zakończenia: 14 Ścieżka aplikacji: C:\Program Files (x86)\Skype\Phone\Skype.exe Identyfikator raportu: 27a42550-09b9-11e5-9de0-001e101fe5e1 Error: (06/02/2015 02:23:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Skype.exe w wersji 7.3.0.101 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 5f8 Godzina rozpoczęcia: 01d09d20498d049a Godzina zakończenia: 20 Ścieżka aplikacji: C:\Program Files (x86)\Skype\Phone\Skype.exe Identyfikator raportu: Error: (06/02/2015 10:05:27 AM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Nie można zainicjować monitorowania wydajności dla obiektu programu zbierającego, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer. Kontekst: aplikacja , wykaz SystemIndex Error: (06/02/2015 10:00:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: hotfix.exe, wersja: 1.4.1572.0, sygnatura czasowa: 0x4919b4d5 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc00000fd Przesunięcie błędu: 0x73a1e4a4 Identyfikator procesu powodującego błąd: 0x8964 Godzina uruchomienia aplikacji powodującej błąd: 0xhotfix.exe0 Ścieżka aplikacji powodującej błąd: hotfix.exe1 Ścieżka modułu powodującego błąd: hotfix.exe2 Identyfikator raportu: hotfix.exe3 Error: (06/02/2015 09:59:58 AM) (Source: MsiInstaller) (EventID: 1023) (User: maciej-Komputer) Description: Produkt: Microsoft SQL Server 2005 Tools Express Edition - nie można zainstalować aktualizacji 'GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)'. Kod błędu 1603. Dodatkowe informacje są dostępne w pliku dziennika C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQLTools9_Hotfix_KB960089_sqlrun_tools.msp.log. System errors: ============= Error: (06/03/2015 07:45:10 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ZARZĄDZANIE NT) Description: Sprawdzanie zaszyfrowanego woluminu: nie można odczytać informacji o woluminie . Error: (06/03/2015 06:11:05 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR18. Error: (06/03/2015 06:11:04 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR18. Error: (06/03/2015 06:11:03 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR18. Error: (06/03/2015 06:11:03 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR18. Error: (06/03/2015 06:11:02 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ZARZĄDZANIE NT) Description: Sprawdzanie zaszyfrowanego woluminu: nie można odczytać informacji o woluminie . Error: (06/03/2015 06:06:39 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ZARZĄDZANIE NT) Description: Sprawdzanie zaszyfrowanego woluminu: nie można odczytać informacji o woluminie . Error: (06/03/2015 05:59:26 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ZARZĄDZANIE NT) Description: Sprawdzanie zaszyfrowanego woluminu: nie można odczytać informacji o woluminie . Error: (06/03/2015 05:58:41 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ZARZĄDZANIE NT) Description: Sprawdzanie zaszyfrowanego woluminu: nie można odczytać informacji o woluminie . Error: (06/03/2015 04:50:40 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {1EF75F33-893B-4E8F-9655-C3D602BA4897} Microsoft Office: ========================= Error: (06/26/2014 05:01:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 4435 seconds with 240 seconds of active time. This session ended with a crash. Error: (07/29/2013 02:31:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 6564 seconds with 0 seconds of active time. This session ended with a crash. Error: (07/21/2013 02:12:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 4826 seconds with 720 seconds of active time. This session ended with a crash. Error: (12/29/2011 06:24:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2284 seconds with 960 seconds of active time. This session ended with a crash. Error: (12/06/2011 00:56:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16142 seconds with 13440 seconds of active time. This session ended with a crash. Error: (12/05/2011 08:13:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1263 seconds with 960 seconds of active time. This session ended with a crash. Error: (11/24/2011 11:10:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1558 seconds with 1260 seconds of active time. This session ended with a crash. Error: (06/14/2011 08:40:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4452 seconds with 3240 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-08-21 11:50:58.523 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-21 11:50:58.520 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-21 11:50:58.518 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-21 11:50:58.515 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-09 11:18:04.469 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-09 11:18:04.466 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-09 11:18:04.463 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-09 11:18:04.460 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-07 22:22:54.396 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-07 22:22:54.393 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz Percentage of memory in use: 64% Total physical RAM: 4063.19 MB Available physical RAM: 1453.63 MB Total Pagefile: 8124.57 MB Available Pagefile: 5284.39 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:453.07 GB) (Free:201.81 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:12.5 GB) (Free:2.03 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: (Mobile Partner) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 7A003DD7) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=453.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=12.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 596.2 GB) (Disk ID: F6381AFB) Partition 1: (Active) - (Size=596.2 GB) - (Type=0C) ==================== End of log ============================