Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-06-2015 Ran by pikus at 2015-06-25 08:46:40 Running from C:\Users\pikus\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3383955824-2591044982-1744693773-500 - Administrator - Disabled) Gość (S-1-5-21-3383955824-2591044982-1744693773-501 - Limited - Disabled) pikus (S-1-5-21-3383955824-2591044982-1744693773-1000 - Administrator - Enabled) => C:\Users\pikus ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9} AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 2.0.0 - ) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 10 ActiveX (HKLM\...\{66E3BA00-6B3D-466B-96FA-6309A7F42BB0}) (Version: 10.0.45.2 - Adobe Systems, Inc.) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Reader X (10.1.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) ALLPlayer V4.X (HKLM\...\ALLPlayer_is1) (Version: - ALLPlayer Sp. z o.o.) Anki (HKLM\...\Anki) (Version: - ) Any Video Converter 5 5.0.3 (HKLM\...\Any Video Converter 5_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.) Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.) Asystent rejestracji usługi Windows Live (HKLM\...\{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}) (Version: 5.000.818.6 - Microsoft Corporation) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.7 - Atheros Communications Inc.) Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd) AutoCAD 2011 - Polski (HKLM\...\AutoCAD 2011 - Polski) (Version: 18.1.49.0 - Autodesk) AutoCAD 2011 - Polski (Version: 18.1.49.0 - Autodesk) Hidden AutoCAD 2011 Language Pack - Polski (Version: 18.1.49.0 - Autodesk) Hidden Autodesk Material Library 2011 (HKLM\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk) Autodesk Material Library 2011 Base Image library (HKLM\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk) Autodesk Material Library 2011 Medium Image library (HKLM\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk) CCleaner (HKLM\...\CCleaner) (Version: - Piriform) Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) Cycle-Tempo Release 5.0 (build 478) (HKLM\...\{8AEEB4CF-26E1-4EF8-8964-AA1D1BC47ACE}) (Version: 5.0.0.478 - Delft University of Technology, 3ME Faculty, Energy Technology Section) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd) Diagram Designer (HKLM\...\{BE725DFC-550D-4C4B-BA2D-B1AE3CC0E33F}) (Version: 1.27.3 - MeeSoft) Efficient Sticky Notes 3.50 (HKLM\...\Efficient Sticky Notes_is1) (Version: - Efficient Software) EGCS 1.1.1 (GNU Fortran) (HKLM\...\{56B64431-0409-11D5-8481-0050BAC22C49}) (Version: 1.1.1 - ) eMachines Power Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.00.3006 - Acer Incorporated) eMachines Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.00.3001 - Acer Incorporated) eMachines ScreenSaver (HKLM\...\eMachines Screensaver) (Version: 1.0.0.0309 - eMachines) Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.) FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production) FluidProp (HKLM\...\{91E0BD45-C7DA-40A1-8161-9638F3CE0A60}) (Version: 1.1.2.16 - Delft University of Technology, Faculty OCP, Energy Technology Section) Gadu-Gadu 10 (HKLM\...\Gadu-Gadu 10) (Version: - GG Network S.A.) Galeria fotografii usługi Windows Live (Version: 14.0.8051.1204 - Microsoft Corporation) Hidden GeoGebra 4.4 (HKLM\...\GeoGebra 4.4) (Version: 4.4.8.0 - International GeoGebra Institute) Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google) Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden gpedt.msc 1.0 (HKLM\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard) Heroes III Armageddon's Blade (HKLM\...\Heroes III Armageddon's Blade) (Version: - ) Heroes III The Restoration of Erathia (HKLM\...\Heroes III The Restoration of Erathia) (Version: - ) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) InterVideo WinDVD 8 (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.574 - InterVideo Inc.) InterVideo WinDVD 8 (Version: 8.0-B9.574 - InterVideo Inc.) Hidden IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.28 - Irfan Skiljan) IsoBuster 2.6 (HKLM\...\IsoBuster_is1) (Version: 2.6 - Smart Projects) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Keil µVision4 (HKLM\...\Keil µVision4) (Version: 5.11.2.0 - ARM Ltd) K-Lite Codec Pack 8.0.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.0.0 - ) Launch Manager (HKLM\...\LManager) (Version: 2.0.00 - eMachines) LiveVDO plugin 1.3 (HKLM\...\LiveVDO plugin) (Version: 1.3 - LiveVDO.tv, Inc.) <==== ATTENTION LiveWire 2.3 (HKLM\...\{7861715C-6FDC-4FF9-BCBD-2C62A282912F}) (Version: - ) LiveWire 2.3 Unlicensed (HKLM\...\{2063A06C-726F-494A-B8F5-747474EC3901}) (Version: - ) Manitoba HVDC Research Centre Licence Manager 1.27 (HKLM\...\{102700DC-02BF-4C3E-9BDB-0050BAC22C49}) (Version: 1.27 - Manitoba HVDC Research Centre Inc.) Maxima 5.31.2 (HKLM\...\Maxima-5.31.2_is1) (Version: 5.31.2 - The Maxima Development Team) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Access 2010 (HKLM\...\Office14.AccessR) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Word 2007 (HKLM\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{4AB6A079-178B-4144-B21F-4D1AE71666A2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.3 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 10.0.1600.22 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version: - ) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation) Microsoft Visual Web Developer 2008 Express Edition - ENU (HKLM\...\Microsoft Visual Web Developer 2008 Express Edition - ENU) (Version: - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web (HKLM\...\{3C7EEEC3-464F-3FE9-8795-3CC8B4EAD82A}) (Version: 3.5.21022 - Microsoft) Microsoft Works (HKLM\...\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 38.0.5 (x86 pl) (HKLM\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version: - ) Narzędzie do przekazywania usługi Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version: - ) NetWorx 5.3.2 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research) NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.616 - NewTech Infosystems) NTI Backup Now Standard (Version: 5.1.2.616 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6509 - Nazwa firmy) NTI Media Maker 8 (Version: 8.0.12.6509 - Nazwa firmy) Hidden Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation) PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Plus Internet 2.5 (HKLM\...\Plus Internet_is1) (Version: 2.5 - Polkomtel S.A.) Plus Internet Monitor wersja 1.0 (HKLM\...\{64CFCC62-D81B-4A2B-81D6-169FBF95520A}_is1) (Version: 1.0 - Polkomtel sp. z o.o.) Poczta usługi Windows Live (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Podstawowe programy Windows Live (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden PSCAD 4.2.1 Professional/Educational (HKLM\...\{42100F86-B87D-11D8-8496-0050BAC22C49}) (Version: 4.2.1 - Manitoba HVDC Research Centre Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20125 - Realtek Semiconductor Corp.) Rosetta Stone Version 3 (HKLM\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.5.2 - Rosetta Stone Ltd.) scilab-5.4.1 (HKLM\...\scilab-5.4.1_is1) (Version: - Scilab Enterprises) Secure Download Manager (HKLM\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.) Sentinel Protection Installer 7.3.2 (HKLM\...\{EDFE2142-CFB3-44AB-A961-DE85F6408A28}) (Version: 7.3.2 - SafeNet, Inc.) Service Pack 1 for SQL Server 2008 (KB968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) SIMARIS design 8.0 (HKLM\...\SIMARIS design 8.0) (Version: 8.0.0 - Siemens AG) Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden StrongRecovery (HKLM\...\StrongRecovery) (Version: - ) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.1.3.1 - Synaptics) System Requirements Lab CYRI (HKLM\...\{1F77C418-2C90-459C-BD33-B56A4182B9FA}) (Version: 4.4.26.0 - Husdawg, LLC) Technic packages - Poland (HKLM\...\SIMARIS design localisation pl_PL 3.0.0) (Version: 3.0.0 - SIEMENS AG) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH) UltraISO Premium V9.62 (HKLM\...\UltraISO_is1) (Version: - ) Unity Web Player (HKU\S-1-5-21-3383955824-2591044982-1744693773-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS) VC Runtimes MSI (Version: 9.0.21022 - Microsoft) Hidden Video Web Camera (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 5.0.1.1 - SuYin) Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc) Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Sync (HKLM\...\{C3335EFB-008F-44DB-A87A-9EC8EE53D045}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) ZipGenius 6 (6.1.0.1010) (HKLM\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.1 - WinInizio.it Software) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\pikus\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\pikus\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3383955824-2591044982-1744693773-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\pikus\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File ==================== Restore Points ========================= ATTENTION: System Restore is disabled 31-05-2015 13:40:25 Zaplanowany punkt kontrolny 02-06-2015 14:55:00 Zaplanowany punkt kontrolny 06-06-2015 16:43:31 Zaplanowany punkt kontrolny 09-06-2015 14:44:07 Zaplanowany punkt kontrolny 10-06-2015 20:14:04 Zaplanowany punkt kontrolny 14-06-2015 12:42:47 Zaplanowany punkt kontrolny 18-06-2015 12:02:57 Zaplanowany punkt kontrolny 19-06-2015 09:25:13 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {034BB639-96ED-442C-8ECA-BF8BADC3ED21} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - pikus => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation) Task: {138BF35F-7B64-4026-AA41-07A2E69D8F8A} - System32\Tasks\{213BCBDE-D11D-4E83-8C6C-5E655EAE1ECC} => pcalua.exe -a "C:\Program Files\Electronic Arts\Ojciec chrzestny® Gra\eauninstall.exe" -d "C:\Program Files\Electronic Arts\Ojciec chrzestny® Gra" Task: {2E47D8D0-7EC0-4079-BBCD-205D053B1F63} - System32\Tasks\{B3DBE16A-8745-4BB5-AE32-882DD31B8EA4} => pcalua.exe -a C:\Users\pikus\Desktop\wwp_vista_win7_fix_v1.4.exe -d "C:\Program Files\Mozilla Firefox" Task: {3A8922B4-E37E-4D3D-96D2-A2CEFCF05254} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {43423E8D-3E85-4980-A21C-FE95BB704C0D} - System32\Tasks\{1C16B1A8-DF34-4195-B363-A4C6039D05D6} => C:\Program Files\Skype\\Phone\Skype.exe Task: {4B3A195E-B658-49BA-AEFD-BBC4F8837D15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.) Task: {5F64E03D-927F-4219-AB9D-CFD4F56FFEF4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated) Task: {66980AAE-CD73-4FD1-B2F9-52833CE09AAA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.) Task: {6732330E-0DF7-449E-95CA-251961D1704E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.) Task: {82E20876-B7C4-40D9-9FD4-1D8870499790} - System32\Tasks\Microsoft\Windows\RestartManager\{7608630B-554C-4843-855D-8A818BF70AD7} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {B7CDF4DA-9D62-40A8-BC7C-BC8710734CC7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3383955824-2591044982-1744693773-1000UA => C:\Users\pikus\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.) Task: {BAFDCA15-B91A-4CC4-82FE-59FD4F5B720B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3383955824-2591044982-1744693773-1000Core => C:\Users\pikus\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.) Task: {D1C86F4C-D993-427B-9ACA-C764CE61284C} - System32\Tasks\{0A832C90-8707-46AA-914B-82523E6F75D3} => pcalua.exe -a C:\Users\pikus\Desktop\rome\setup.exe -d C:\Users\pikus\Desktop\rome Task: {D41029F4-CA79-4809-9BFA-98C9C597CD0B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation) Task: {D97187BC-2FB5-4BBA-86D5-D0609C5F111C} - System32\Tasks\{CE065A0B-CC64-42C4-A459-FFC9A6CCC679} => pcalua.exe -a C:\Users\pikus\Desktop\irfanview_lang_polski.exe -d C:\Users\pikus\Desktop (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3383955824-2591044982-1744693773-1000Core.job => C:\Users\pikus\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3383955824-2591044982-1744693773-1000UA.job => C:\Users\pikus\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\User_Feed_Synchronization-{FD385677-FC1C-4231-BC47-D1753311A0CA}.job => C:\Windows\system32\msfeedssync.exe ==================== Loaded Modules (Whitelisted) ============== 2009-03-20 01:42 - 2010-09-01 23:16 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll 2009-03-20 08:30 - 2003-06-07 07:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll 2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3383955824-2591044982-1744693773-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 193.203.206.1 - 91.210.245.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{AE72AD78-B116-4C90-9335-BAB64506430E}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{FB55B525-B20D-404E-BF71-BE87D9F0A67D}] => (Allow) svchost.exe FirewallRules: [{8B5B1C63-88DE-4026-BD4E-758AC5C2AF80}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{81F6BC29-56B6-4AF7-BEB7-DED9E0788991}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{82DEE76C-09D8-4A2D-83E2-868F6F90FB9E}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{72A8D00A-B6FC-44D7-A0E7-1C1D7D7D86EC}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{BEE558AE-37AC-4C17-AB40-FCDF51E88606}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [TCP Query User{A99D6254-61EA-4998-9AA6-68EF017D357F}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe FirewallRules: [UDP Query User{52403A80-B049-46A1-BC5F-1B63D1E51536}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe FirewallRules: [TCP Query User{F45E130A-8224-42B5-A572-705E3A465041}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{F8238042-0A6B-4575-82D5-E552BB4D204F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{36F18F6F-F30C-4483-BF79-4A797C7612AB}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [UDP Query User{6A156E2B-AD40-443E-B1F8-72EE5BB35DF7}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [TCP Query User{97233814-333F-425C-B400-9185B0B42AD8}C:\program files\kolekcja klasyki\twierdza\stronghold.exe] => (Allow) C:\program files\kolekcja klasyki\twierdza\stronghold.exe FirewallRules: [UDP Query User{2500F565-F08F-49E7-B0F6-64BB508E6DBF}C:\program files\kolekcja klasyki\twierdza\stronghold.exe] => (Allow) C:\program files\kolekcja klasyki\twierdza\stronghold.exe FirewallRules: [{D9E46168-71EF-4BCB-A4F6-A91E856DC0DE}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{8737F434-6585-42D4-95C7-A93364326824}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{E0635C4E-BB40-45F9-A1F3-FCC90E345628}C:\program files\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files\lionhead studios ltd\black & white\runblack.exe FirewallRules: [UDP Query User{37A433F6-FEE6-4195-BCC9-7737579C992E}C:\program files\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files\lionhead studios ltd\black & white\runblack.exe FirewallRules: [TCP Query User{100B17DB-4805-4712-81A4-5C1A874E195E}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe FirewallRules: [UDP Query User{C5EE9B3C-20CE-4839-B29F-76571F7982E3}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe FirewallRules: [TCP Query User{04A10D75-0486-4A6B-94FF-D591617B9C2C}C:\program files\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files\lionhead studios ltd\black & white\runblack.exe FirewallRules: [UDP Query User{58B8CCC1-C81E-47B6-868A-C6FB33D80AA2}C:\program files\lionhead studios ltd\black & white\runblack.exe] => (Allow) C:\program files\lionhead studios ltd\black & white\runblack.exe FirewallRules: [TCP Query User{E86A37A1-3273-45AD-9E78-33B4F8CB4F1C}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{EF51561D-2CC9-4E92-BA6E-E0C5B5C5698B}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{D8FD0620-6C01-460B-B0CA-AADADB4E4744}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{E478BF1F-7051-4D99-B915-F7695FD8BFA4}C:\program files\java\jre6\bin\javaw.exe] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{09DA3C9F-85AA-424D-9BEF-20EEC9258EFE}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [UDP Query User{FA156EDB-2075-4B34-8949-2A7C5F328E49}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [TCP Query User{BE0BEB5C-143E-4524-A584-739A95A252EA}C:\program files\sunflowers\anno1602\1602.exe] => (Allow) C:\program files\sunflowers\anno1602\1602.exe FirewallRules: [UDP Query User{7DA4B51D-5018-4304-95AF-21D110E5034B}C:\program files\sunflowers\anno1602\1602.exe] => (Allow) C:\program files\sunflowers\anno1602\1602.exe FirewallRules: [TCP Query User{4448EB21-AAAF-4F02-91F1-79E54ACDF1CA}C:\program files\electronic arts\bitwa o śródziemie ii\game.dat] => (Allow) C:\program files\electronic arts\bitwa o śródziemie ii\game.dat FirewallRules: [UDP Query User{FFD1FD23-AAFA-4E3B-ADD5-093213F53698}C:\program files\electronic arts\bitwa o śródziemie ii\game.dat] => (Allow) C:\program files\electronic arts\bitwa o śródziemie ii\game.dat FirewallRules: [{08983C54-D0C6-40AC-849E-66506236D23D}] => (Allow) C:\Program Files\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [{3F24764C-14D6-4EF8-9D84-6984895D35D1}] => (Allow) C:\Program Files\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [TCP Query User{FA33CBB4-DC40-4A91-BF4E-C0A03CA7EAE7}C:\program files\gadu-gadu 10\gg.exe] => (Allow) C:\program files\gadu-gadu 10\gg.exe FirewallRules: [UDP Query User{99F1998C-886E-4EE4-842F-9D182474AEB6}C:\program files\gadu-gadu 10\gg.exe] => (Allow) C:\program files\gadu-gadu 10\gg.exe FirewallRules: [TCP Query User{D7014AB8-7BEB-413C-8997-5CCAEED01612}C:\program files\gadu-gadu 10\gg.exe] => (Allow) C:\program files\gadu-gadu 10\gg.exe FirewallRules: [UDP Query User{B4D32D35-1FBE-42A8-849D-1EB55A6EA84A}C:\program files\gadu-gadu 10\gg.exe] => (Allow) C:\program files\gadu-gadu 10\gg.exe FirewallRules: [TCP Query User{7F301831-61B5-4550-9309-01206AA6DB96}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{E531935B-B271-4A92-A76E-55D42E701EA5}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [TCP Query User{91A252BD-685E-4098-928A-E9F29D3F295A}C:\program files\soulseekns\slsk.exe] => (Allow) C:\program files\soulseekns\slsk.exe FirewallRules: [UDP Query User{B3EE91C8-595A-4503-95CF-AA0169B7E012}C:\program files\soulseekns\slsk.exe] => (Allow) C:\program files\soulseekns\slsk.exe FirewallRules: [TCP Query User{72876618-D45E-4AAB-A444-AD0136E4A6D1}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{81628112-5023-4F4E-B8EB-872DA56335A7}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [TCP Query User{8B24A4E6-0B9A-4E2A-B1C2-6B5D911C142E}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe FirewallRules: [UDP Query User{FE901694-EDA4-44CC-8D6D-F66CC79418C4}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe FirewallRules: [{48F5A2A8-BA10-44EB-8B15-83DDF376FD3A}] => (Allow) C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe FirewallRules: [{AC0ABDE6-C94F-4D05-8DEE-86E5C555420D}] => (Allow) C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe FirewallRules: [{E5C2A335-AD7D-4144-9098-03A56F3923AC}] => (Allow) C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe FirewallRules: [{D546C479-2186-436B-9573-1F1C81CFFAF6}] => (Allow) C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe FirewallRules: [TCP Query User{535396BD-F049-4B46-B2A5-1CCA88AA1ED2}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [UDP Query User{574CC3CE-BB09-4F93-983E-9A830AD328C4}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [TCP Query User{265BED33-F8BA-4D18-8216-688BEEAE70EC}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe FirewallRules: [UDP Query User{3ED8AF1E-6F84-431E-BE36-517EDA5DE67C}C:\windows\system32\taskeng.exe] => (Block) C:\windows\system32\taskeng.exe FirewallRules: [TCP Query User{0723BC84-A36F-4319-AF8F-1CC3E28179C8}C:\program files\strategy first\etherlords ii\etherlords2.exe] => (Block) C:\program files\strategy first\etherlords ii\etherlords2.exe FirewallRules: [UDP Query User{8A7BF5AF-C148-4680-89F6-BF74C2654B74}C:\program files\strategy first\etherlords ii\etherlords2.exe] => (Block) C:\program files\strategy first\etherlords ii\etherlords2.exe FirewallRules: [{1E5E0A89-EBE7-45C0-9288-C4ED408B09E9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{CBF44C6A-EEB3-4A0D-84AF-4D502CFCF688}] => (Allow) C:\Program Files\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [{55278A7F-F7B6-4F72-B40A-A523264C11CF}] => (Allow) C:\Program Files\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [{92DDA7F4-F27E-4141-B5D3-AC1A16D9C499}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe FirewallRules: [{434CB86E-328F-4A66-929B-5BBF45A02D81}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe FirewallRules: [{CE0FC18E-6189-4348-8BC1-4D0542068A69}] => (Allow) C:\Program Files\PSCAD421Eval\bin\win\PSCAD.exe FirewallRules: [{A4D3C191-6B20-4FB7-8A62-2839B83CD3CD}] => (Allow) C:\Program Files\PSCAD421Eval\bin\win\PSCAD.exe FirewallRules: [{CC5A5317-E894-49BB-BA0F-1FBA0FEE8516}] => (Allow) C:\Program Files\PSCAD42\bin\win\PSCAD.exe FirewallRules: [{72D6C7C5-ADB9-40D0-B5FB-FBCCC8CB8A1D}] => (Allow) C:\Program Files\PSCAD42\bin\win\PSCAD.exe FirewallRules: [{CF8771F2-30E2-4C56-8371-4BDB986184D5}] => (Allow) C:\Program Files\HVDC Lmgr\WinNT\lmgrd-hvdc.exe FirewallRules: [{1E09AFD8-9C48-4AC2-AEC7-C6089101A479}] => (Allow) C:\Program Files\HVDC Lmgr\WinNT\lmgrd-hvdc.exe FirewallRules: [{72FC986F-A704-4905-BAF2-613329811650}] => (Allow) LPort=2053 FirewallRules: [{05CD19A2-F0D7-4486-8ED2-A7785829E8EA}] => (Allow) LPort=2053 FirewallRules: [TCP Query User{A51D1538-9DF6-4396-AF65-416354926944}C:\program files\pscad42\bin\win\pscad.exe] => (Allow) C:\program files\pscad42\bin\win\pscad.exe FirewallRules: [UDP Query User{9503A16D-0EBA-4792-B8C2-253068282991}C:\program files\pscad42\bin\win\pscad.exe] => (Allow) C:\program files\pscad42\bin\win\pscad.exe FirewallRules: [TCP Query User{874102D6-29C1-4CA3-88CF-F8736F8DDE02}C:\program files\totalcmd\totalcmd.exe] => (Allow) C:\program files\totalcmd\totalcmd.exe FirewallRules: [UDP Query User{2BCD6D2E-CD2D-48E0-9990-BAD7E45BD8C0}C:\program files\totalcmd\totalcmd.exe] => (Allow) C:\program files\totalcmd\totalcmd.exe FirewallRules: [{15955354-3B15-492F-A8D6-44D04D860BDF}] => (Allow) LPort=1433 FirewallRules: [TCP Query User{710791ED-D0A1-4D17-B26D-350339377B03}C:\program files\lg electronics\lg pc suite\smartsharera.exe] => (Block) C:\program files\lg electronics\lg pc suite\smartsharera.exe FirewallRules: [UDP Query User{D6500438-1D1A-4E56-9AD8-D1820F67767A}C:\program files\lg electronics\lg pc suite\smartsharera.exe] => (Block) C:\program files\lg electronics\lg pc suite\smartsharera.exe FirewallRules: [{4F047DF4-CC7E-4CB6-BE94-0CC01A7CDADD}] => (Allow) C:\Program Files\NetWorx\networx.exe FirewallRules: [{C0F5F322-7F10-46D2-A539-3935AFA187AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CED24486-BEDB-4893-ACCA-DE846B1AC471}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C41081D6-61C4-46BD-BCB3-6DD7D0A309D6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Karta Microsoft 6to4 Description: Karta Microsoft 6to4 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Karta Microsoft ISATAP #21 Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: isatap.{ABBF45D8-590C-494C-B894-BDD1DD09D3D3} Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Teredo Tunneling Pseudo-Interface Description: Karta Microsoft Tun Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunmp Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Video WebCam Description: Urządzenie wideo USB Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/25/2015 08:01:51 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabNieprawidłowe dane. Error: (06/25/2015 08:01:20 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/24/2015 08:43:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabNieprawidłowe dane. Error: (06/24/2015 08:42:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/24/2015 11:33:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabNieprawidłowe dane. Error: (06/24/2015 11:33:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/24/2015 11:33:15 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/24/2015 11:33:15 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/24/2015 11:33:15 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/24/2015 11:33:15 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. System errors: ============= Error: (06/25/2015 08:02:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86 Error: (06/25/2015 08:01:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Avira Real-Time Protection%%3 Error: (06/25/2015 08:01:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Avira Scheduler%%3 Error: (06/25/2015 08:00:39 AM) (Source: ipnathlp) (EventID: 30013) (User: ) Description: Program przydzielania DHCP sam wyłączył się dla adresu IP 192.168.88.171, gdyż adres ten jest spoza zakresu 192.168.0.0/255.255.255.0, z którego są przydzielane adresy klientom DHCP. Aby włączyć program przydzielania DHCP dla tego adresu IP, zmień zakres, tak aby zawierał adres IP, albo zmień adres IP, tak aby mieścił się w zakresie. Error: (06/25/2015 08:00:39 AM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Usługa ICS_IPV6 nie mogła skonfigurować stosu IPv6. Error: (06/25/2015 07:59:44 AM) (Source: HTTP) (EventID: 15016) (User: ) Description: \Device\Http\ReqQueueKerberos Error: (06/24/2015 08:42:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Avira Real-Time Protection%%3 Error: (06/24/2015 08:42:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Avira Scheduler%%3 Error: (06/24/2015 08:42:14 PM) (Source: ipnathlp) (EventID: 30013) (User: ) Description: Program przydzielania DHCP sam wyłączył się dla adresu IP 192.168.88.171, gdyż adres ten jest spoza zakresu 192.168.0.0/255.255.255.0, z którego są przydzielane adresy klientom DHCP. Aby włączyć program przydzielania DHCP dla tego adresu IP, zmień zakres, tak aby zawierał adres IP, albo zmień adres IP, tak aby mieścił się w zakresie. Error: (06/24/2015 08:42:14 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Usługa ICS_IPV6 nie mogła skonfigurować stosu IPv6. Microsoft Office: ========================= Error: (12/14/2009 11:56:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 13, Application Name: Microsoft Office OneNote, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-06-25 08:45:54.650 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-25 08:45:54.557 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-25 08:45:54.458 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-25 08:45:54.359 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-25 08:45:54.192 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-25 08:45:54.083 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-25 08:45:53.976 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-06-25 08:45:53.868 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz Percentage of memory in use: 70% Total physical RAM: 1977.23 MB Available physical RAM: 579.87 MB Total Pagefile: 4197.73 MB Available Pagefile: 2119.94 MB Total Virtual: 2047.88 MB Available Virtual: 1899.25 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:222.88 GB) (Free:54.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive f: (GSP1RMCPRXFRER_PL_DVD) (CDROM) (Total:2.98 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 61F44FB7) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=222.9 GB) - (Type=07 NTFS) ==================== End of log ============================