Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015 Ran by Kuba at 2015-07-08 22:45:10 Running from C:\Users\Kuba\Desktop\Nowy folder Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4210197690-3277502692-2936419266-500 - Administrator - Disabled) ASPNET (S-1-5-21-4210197690-3277502692-2936419266-1004 - Limited - Enabled) Gość (S-1-5-21-4210197690-3277502692-2936419266-501 - Limited - Enabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-4210197690-3277502692-2936419266-1002 - Limited - Enabled) Kuba (S-1-5-21-4210197690-3277502692-2936419266-1001 - Administrator - Enabled) => C:\Users\Kuba ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: (Disabled) {F20EB802-E8F1-2672-C701-E680BB11EFAB} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Accent RAR Password Recovery (HKLM\...\{DFAF45CA-0089-4AB9-AFD5-FBB9610F48AB}) (Version: 3.0.48.2927 - Passcovery Co. Ltd.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: - ) Cortex Command (HKLM-x32\...\Steam App 209670) (Version: - Data Realms) CraftTheWorld 1.0 (HKLM-x32\...\CraftTheWorld 1.0) (Version: 1.0 - Čăđű íŕ Cat-A-Cat.NET) Detektor Winampa (HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.01 Eng - Zuxxez Entertainment AG) Factorio version 0.11.22 (HKLM\...\Factorio_is1) (Version: - ) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GamesDesktop 008.005010025 (HKLM-x32\...\gmsd_pl_005010025_is1) (Version: - GAMESDESKTOP) <==== ATTENTION Gear Up (HKLM-x32\...\Steam App 214420) (Version: - Doctor Entertainment AB) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Hellgate: London (HKLM\...\{A2B4455D-1046-4732-BFBC-0821BEFC07BC}) (Version: 1.10.180.3416 - Flagship Studios) HF pAppLoc version 1.1.1 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1.1 - Inquisitor) istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}) (Version: 1.2.0238 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Polski (HKLM-x32\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation) Microsoft PowerPoint Packages (HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\...\Microsoft PowerPoint Packages) (Version: - ) <==== ATTENTION Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - ) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outpost Firewall Pro 9.1 (HKLM\...\Agnitum Outpost Firewall Pro_is1) (Version: 9.1 - Agnitum, Ltd.) piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Robocraft version 0.3.290 (HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam) RPGツクール2000 ランタイムパッケージ (HKLM-x32\...\{33F7A957-A66D-45A1-BADF-6576083B14E2}) (Version: - ) Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony) Space Rangers 2 (HKLM-x32\...\{4D279635-AB06-41F1-9653-2BAE578B1446}_is1) (Version: - 1C Company) StarDrive 2 (HKLM-x32\...\StarDrive 2_is1) (Version: - ) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Zeus Pan Olimpu - Złota Edycja (HKLM-x32\...\{9F08B250-6805-4CBA-8014-6D927767A3F6}) (Version: 2.0 - VUGames) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4210197690-3277502692-2936419266-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 08-07-2015 19:55:45 Zaplanowany punkt kontrolny ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0EB45812-50FB-4FFC-8854-1CB507722678} - System32\Tasks\{342D25EC-1B49-42FD-B7E9-7145692D888D} => pcalua.exe -a "C:\Users\Kuba\Desktop\‌\HAC\Advanced RAR Password Recovery.exe" -d C:\Users\Kuba\Desktop\‌\HAC Task: {15955B6A-30B5-4E13-80F7-E023D08B31D4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-08] (Adobe Systems Incorporated) Task: {1D9B0FD1-BBA3-4994-950F-9E0766DA6A3E} - System32\Tasks\{60938517-7198-4632-B31E-627AFFB697CF} => pcalua.exe -a "C:\Users\Kuba\AppData\Roaming\.minecraft\mods\Millienarie\Millenaire Installer\Millenaire Installer\Millenaire Installer.exe" -d "C:\Users\Kuba\AppData\Roaming\.minecraft\mods\Millienarie\Millenaire Installer\Millenaire Installer" Task: {25BFC405-B8E7-434C-88E2-15F9ABF125A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd) Task: {262A98A8-92F6-4D21-B9F2-E9374124A7C0} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-02-22] (CyberLink Corp.) Task: {30082EF5-A046-469C-BE97-47E3B72950FA} - System32\Tasks\Z9e8sf5IR => C:\Users\Kuba\AppData\Roaming\Z9e8sf5IR.exe [2015-04-20] () <==== ATTENTION Task: {431C336E-9C08-4958-B304-176FB64D1346} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-08] (Google Inc.) Task: {5B0A3B9E-4EAB-46A4-8ECC-05F7296ACABE} - System32\Tasks\{72DA383E-A4FD-4E2B-8912-E54985296802} => C:\Program Files\Alien Shooter\AlienShooter.exe Task: {5C942021-AD14-4C9F-A01F-D3D03C3D573A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-01] (Avast Software s.r.o.) Task: {5DE3451F-7FE6-4DD6-A1A6-CED5BA2E2C5E} - System32\Tasks\{74510947-0BD2-4A19-BE4A-6FD6CD48DE17} => pcalua.exe -a C:\Users\Kuba\Desktop\‌\HAC\setup.exe -d C:\Users\Kuba\Desktop\‌\HAC Task: {7D2CD53F-E29D-4DA3-B6ED-CFBE3A304B54} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-07-08] (AnyProtect.com) <==== ATTENTION Task: {84CDA21A-FC4D-4D67-BD6E-9FB819A12ECE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{8ED5B068-5C53-4271-BEAA-65F32721B994}.exe Task: {8D2EE920-23E2-45D3-8B2C-3F570B9F4BAD} - System32\Tasks\{AD476E19-CB3D-490E-86E7-ED7ADEFE1F4A} => C:\Program Files\Alien Shooter\AlienShooter.exe Task: {8F103A23-3D74-4175-9109-37182F7514B4} - System32\Tasks\{6ED160D8-EA14-4257-A423-A13BE338F8D3} => C:\Program Files\Alien Shooter\AlienShooter.exe Task: {97E3A1E2-848B-4157-9FB3-AE1E3FE0AAD5} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-07-08] (AnyProtect.com) <==== ATTENTION Task: {9B24897A-388A-430B-93AA-E92A9D002666} - System32\Tasks\{3722E32A-D10C-47C5-88B2-225BC15B6355} => C:\Program Files\Alien Shooter\AlienShooter.exe Task: {9C521B8D-26E6-4240-8DFC-E1793389BD07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-08] (Google Inc.) Task: {B6C853E8-B6AE-4AB9-BAE4-47F39EBA84B5} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-07-08] (AnyProtect.com) <==== ATTENTION Task: {B7931374-F049-437F-BB99-FDE5DC7412C7} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated) Task: {B7EDD279-9BEE-49AE-B294-F7DD45DA9D68} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink) Task: {C38C8713-6FC8-44D9-8DF5-BA81C879A347} - System32\Tasks\{CE30E140-EF1F-48F3-A446-84A1B8B3F896} => pcalua.exe -a D:\cda_menu.exe -d D:\ Task: {CFD06470-0D42-4E4E-B747-6796C31C59F9} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{0B4E20CD-8DA2-4539-AED8-16094F3580DE}.exe Task: {E79B7989-60E0-46CA-9C28-B17F2801289C} - System32\Tasks\veVNOUyn6maUmgP => C:\Users\Kuba\AppData\Roaming\veVNOUyn6maUmgP.exe [2015-04-20] () <==== ATTENTION Task: {F63B190E-97D4-40AA-83C1-B28C10BFE297} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Kuba\AppData\Local\SmartWeb\SmartWebHelper.exe [2015-02-17] (SoftBrain Technologies Ltd.) <==== ATTENTION Task: {F79D406F-D651-42CF-906B-1AF6D5F8F58A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) Task: {FD4D1BEE-24EA-48DA-9D6B-3A7B7CE13F07} - System32\Tasks\{C299A6C4-78B5-442E-BEF8-B6456F21055D} => pcalua.exe -a C:\Users\Kuba\Desktop\Ikony\Gry\Minecraft\Minecraft_Beta_Cracked_v1.7.3.exe -d C:\Users\Kuba\Desktop\Ikony\Gry\Minecraft Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{8ED5B068-5C53-4271-BEAA-65F32721B994}.exe <==== ATTENTION Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{0B4E20CD-8DA2-4539-AED8-16094F3580DE}.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\veVNOUyn6maUmgP.job => C:\Users\Kuba\AppData\Roaming\veVNOUyn6maUmgP.exe <==== ATTENTION Task: C:\Windows\Tasks\Z9e8sf5IR.job => C:\Users\Kuba\AppData\Roaming\Z9e8sf5IR.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2014-05-07 19:21 - 2013-11-04 11:22 - 00241232 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2012-02-01 17:05 - 2013-12-25 21:16 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-07-06 16:05 - 2015-07-06 16:05 - 00591360 _____ () C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\knsr67D0.tmpfs 2015-07-06 16:46 - 2015-07-06 16:46 - 00165376 _____ () C:\Users\Kuba\AppData\Roaming\B661E556-1436193973-E011-AB32-B870F48BF876\hnsr9E62.tmp 2015-07-08 21:42 - 2015-07-08 11:03 - 03287696 _____ () C:\Users\Kuba\AppData\Local\gmsd_pl_005010025\upgmsd_pl_005010025.exe 2013-11-24 20:50 - 2013-07-26 20:21 - 00459008 _____ () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe 2013-11-24 20:50 - 2013-07-26 20:21 - 00446208 _____ () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe 2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2015-07-08 21:42 - 2015-07-08 11:03 - 03988112 _____ () C:\Program Files (x86)\gmsd_pl_005010025\gmsd_pl_005010025.exe 2011-10-13 07:52 - 2011-10-13 07:52 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2011-03-14 14:21 - 2011-03-14 14:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2015-07-01 22:13 - 2015-07-01 22:13 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-01 22:13 - 2015-07-01 22:13 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-08 21:28 - 2015-07-08 21:28 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070801\algo.dll 2011-03-09 19:13 - 2011-03-09 19:13 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2011-03-09 19:12 - 2011-03-09 19:12 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2011-03-09 19:12 - 2011-03-09 19:12 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2011-05-20 11:13 - 2011-05-20 11:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2015-07-01 22:13 - 2015-07-01 22:13 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-16 17:47 - 2014-10-16 17:47 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll 2011-04-20 09:47 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-12-05 08:33 - 2012-12-05 08:33 - 01241088 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll 2012-12-05 08:33 - 2012-12-05 08:33 - 02010624 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll 2015-07-08 21:33 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll 2015-07-08 21:33 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll 2015-07-08 21:33 - 2015-07-07 05:49 - 16285512 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:C46995DA ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\acssrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acssrv => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4210197690-3277502692-2936419266-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{00D28DA9-214B-4D40-BE5F-7CF47CF84C88}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{CD1C5866-0FFC-4554-BFD5-8F1127A48257}] => (Allow) LPort=2869 FirewallRules: [{F20B317C-7057-4F42-AC80-E094A042834B}] => (Allow) LPort=1900 FirewallRules: [{3B184E2C-F802-4DF6-8D27-0126AE333B59}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{3BB0F7D8-C698-4353-93C7-997555C5A46A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe FirewallRules: [{F0A2F786-BB70-48EE-B92D-A7A4564193DE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{A9FAABB2-EADF-4583-BCDF-CD1D7087DCE6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe FirewallRules: [{66B143A8-C0B6-4F83-A92C-93256703C7B0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{187844DD-9FAC-4E71-9C38-E00946AB1F04}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{F3AB6822-96A2-4B53-A108-87C3CE7187C1}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{9930FC68-5BFE-4A4B-AC1C-8A884C6960FF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{A8D61A0A-C41E-4B2A-9FC6-3E0C858B72BB}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{8F74B7CB-5DA9-4EB3-8761-C14CC5376CC6}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{DEAF35C3-0254-4234-86B6-4C0D589C6F3C}] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{20BB74BB-7AC9-499E-891A-227DDB6AF51C}] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{21B4549B-91C2-4055-88F4-8E95D66CA747}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7C0462F3-01EC-4172-B764-C31AB323E3E9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{5807805B-5255-455B-B05D-5DFE208FED87}C:\program files (x86)\gamespy\comrade\comrade.exe] => (Allow) C:\program files (x86)\gamespy\comrade\comrade.exe FirewallRules: [UDP Query User{9A2B1889-49AA-46B8-A128-EA94B0E834C1}C:\program files (x86)\gamespy\comrade\comrade.exe] => (Allow) C:\program files (x86)\gamespy\comrade\comrade.exe FirewallRules: [{6283DE2E-0C92-498A-A4F0-27373A66D0DE}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe FirewallRules: [{4FECA1E3-1614-4586-B70A-DF5B1AB1D4C3}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe FirewallRules: [{C8076CC4-8740-485A-9783-6917364C683F}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe FirewallRules: [{133F8F90-1086-4F7B-8F14-205EC0132FCE}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe FirewallRules: [TCP Query User{7EFFB253-5966-421C-9CCD-1E2AB3B4329F}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe FirewallRules: [UDP Query User{5EB58749-10EB-496E-B36A-9E8CFB66E506}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe FirewallRules: [TCP Query User{9278D0C6-D0B3-4F76-988D-7ADB903EC401}C:\program files (x86)\sierra\empire earth - sztuka podboju\ee-aoc.exe] => (Allow) C:\program files (x86)\sierra\empire earth - sztuka podboju\ee-aoc.exe FirewallRules: [UDP Query User{D3B4F0A0-A411-4EA0-BDBD-5678912992EA}C:\program files (x86)\sierra\empire earth - sztuka podboju\ee-aoc.exe] => (Allow) C:\program files (x86)\sierra\empire earth - sztuka podboju\ee-aoc.exe FirewallRules: [TCP Query User{3ADAEEF3-EF9E-483A-825F-D6BE9B227C4C}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{E14DBCFC-8BA6-471E-86B0-D0B9C7CA3CD4}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{BB6B72D7-0C80-4569-B363-C3791144D570}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{7B42B70C-3AE0-4B3E-88D3-8C9DBE1E9429}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{ACDE8480-131B-41D8-A0EB-E902B209C000}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{948605D2-4A8E-4602-9FBA-65B4C03275AE}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{7FAA4FD6-5C8A-4555-8AB8-3C841DD375C9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{05FC8F6D-0DCB-4463-9E38-BB8B455C6C9B}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{5617356B-50C9-423F-A8F9-D9C0254AB376}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [TCP Query User{95CF1C84-5067-4F6E-A166-FA46D58B1F94}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe FirewallRules: [UDP Query User{37B260F8-3570-4FC3-A56C-5799A6F6055C}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe FirewallRules: [{93E746F9-8C97-4BDB-8C3B-B2E951E139B1}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe FirewallRules: [{9A590A4E-A845-4834-B202-375509963671}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe FirewallRules: [{7AF1D98F-4409-489D-A6F6-642A743256C3}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe FirewallRules: [{885863E6-E751-49D5-81F0-E6120D343F90}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe FirewallRules: [{3E687A34-3224-4311-8DDC-7F33B63DA641}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{B8A0F947-39D4-4E1F-923B-F51CF107EC3C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [TCP Query User{E38AAE58-3691-4E85-A8FE-7C8504EC0C8E}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{CF67C647-50A0-428E-A7B5-71660C90D9A2}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{3553CFA1-CF1F-44D2-ADC0-7EDFFC3F9467}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{A92E3A7C-A3A8-42AA-941E-3D9142F02865}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{7DC8A27C-BEB9-4018-B277-0BB96C3D7B0C}C:\program files (x86)\postal 10th anniversary\system\postal2.exe] => (Allow) C:\program files (x86)\postal 10th anniversary\system\postal2.exe FirewallRules: [UDP Query User{11D3ADEB-4481-4535-81F8-52D18AE329FA}C:\program files (x86)\postal 10th anniversary\system\postal2.exe] => (Allow) C:\program files (x86)\postal 10th anniversary\system\postal2.exe FirewallRules: [TCP Query User{BDB5C167-69D5-403C-9D93-22361A19E7B0}C:\users\kuba\appdata\local\apps\2.0\jx8r3tt0.ymg\zncc4jxw.zg9\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe] => (Allow) C:\users\kuba\appdata\local\apps\2.0\jx8r3tt0.ymg\zncc4jxw.zg9\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe FirewallRules: [UDP Query User{72B59ABC-828F-46EC-95E1-DAD0854046DA}C:\users\kuba\appdata\local\apps\2.0\jx8r3tt0.ymg\zncc4jxw.zg9\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe] => (Allow) C:\users\kuba\appdata\local\apps\2.0\jx8r3tt0.ymg\zncc4jxw.zg9\laun...app_59711684aa47878d_0001.0021_dcaf1d5f83ef35d0\launcher.exe FirewallRules: [TCP Query User{93599EC0-2AE3-45C8-947E-047EC2E2BB78}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{BF8C0115-8632-4D63-A6BF-58588C4A58E7}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{CFC3FD64-59F2-4A0A-91A9-CAB55D9D0AFF}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{C9325B2C-1D29-4CBD-823E-C12C22AA1E0E}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [TCP Query User{AE7FC753-6895-471A-8D6C-1439BB45DE19}C:\users\kuba\desktop\freeware\don t staeve\dont starve\space engineers v01.003.007\spaceengineers.exe] => (Allow) C:\users\kuba\desktop\freeware\don t staeve\dont starve\space engineers v01.003.007\spaceengineers.exe FirewallRules: [UDP Query User{AEFB2324-7F6B-4DCD-B078-A8A0A043EBD4}C:\users\kuba\desktop\freeware\don t staeve\dont starve\space engineers v01.003.007\spaceengineers.exe] => (Allow) C:\users\kuba\desktop\freeware\don t staeve\dont starve\space engineers v01.003.007\spaceengineers.exe FirewallRules: [TCP Query User{E7645B11-94C5-4ADD-8CE6-15E4711258B8}C:\program files\java\jdk1.7.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_45\bin\javaw.exe FirewallRules: [UDP Query User{5AD01FF7-B314-4BC3-B4FE-EB04F7A93D48}C:\program files\java\jdk1.7.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_45\bin\javaw.exe FirewallRules: [{699B366F-884E-4F66-AB74-E6DDFE7BE3CF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E4844141-33A1-4755-81FE-86D2617491AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1C673B11-F77C-4306-A062-7E38F10692C8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C4D850B9-E812-4D5E-B2C5-7AE239629088}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{6E231FF8-6AE1-4C02-B98E-1F0388889F27}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe FirewallRules: [{FF3DC9D6-E366-4E5D-A23D-70201EC0784C}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [TCP Query User{4EAA8CDC-BD2F-44C5-9D94-0DFF741638E4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{39E9A93E-5DB8-4619-8797-64AF7E1E8726}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{343FB8F3-4C87-449F-A91D-61AFD4948C01}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{71891D65-026F-46EE-A527-1E1D8F2346C9}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{EF95C53B-1B2C-450E-97D0-99BDA0638B98}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe FirewallRules: [{5D4848E1-7833-4941-B619-BACCBB5F6664}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe FirewallRules: [TCP Query User{AE098212-23AA-454C-B7A5-D75E55BD9F58}C:\program files (x86)\renegade x\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\renegade x\binaries\win32\udk.exe FirewallRules: [UDP Query User{F277CCBB-5E4D-4E4E-AD5E-3367B39A23BE}C:\program files (x86)\renegade x\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\renegade x\binaries\win32\udk.exe FirewallRules: [TCP Query User{69AD755A-E240-498D-BE17-B93C576DD0A4}C:\westwood\renegade\game.exe] => (Allow) C:\westwood\renegade\game.exe FirewallRules: [UDP Query User{FE8D078A-E75A-41A1-8441-BE3CC4FAC037}C:\westwood\renegade\game.exe] => (Allow) C:\westwood\renegade\game.exe FirewallRules: [TCP Query User{B7EFE9C8-5047-4082-955A-DBF66E2938AE}C:\program files (x86)\wing commander saga\wcsaga_sse2.exe] => (Allow) C:\program files (x86)\wing commander saga\wcsaga_sse2.exe FirewallRules: [UDP Query User{FD8B60D8-8C38-4CA2-8686-8202B7542CA0}C:\program files (x86)\wing commander saga\wcsaga_sse2.exe] => (Allow) C:\program files (x86)\wing commander saga\wcsaga_sse2.exe FirewallRules: [{81DD883D-FB69-45C3-9AA1-9C95A2EC6C43}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{9DE3987C-0801-4247-9E07-2A7A67EC5065}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{0FAED330-945A-42CA-9ECC-DE650236F441}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{3DDF1293-FD0A-453C-BC3D-E3822FEF88B1}] => (Allow) C:\Program Files (x86)\id Software\Enemy Territory - QUAKE Wars\etqw.exe FirewallRules: [{E6384BC2-07B6-48DB-9DC6-EB5999FA33E7}] => (Allow) C:\Program Files (x86)\id Software\Enemy Territory - QUAKE Wars\etqw.exe FirewallRules: [{5ED817EC-D817-4143-80DF-B78EBBAB4099}] => (Allow) C:\Program Files (x86)\id Software\Enemy Territory - QUAKE Wars\etqwded.exe FirewallRules: [{9B771AEB-EAA5-4EFB-A59A-B9725AC1781F}] => (Allow) C:\Program Files (x86)\id Software\Enemy Territory - QUAKE Wars\etqwded.exe FirewallRules: [TCP Query User{904EF8E3-70D3-4B41-9852-38398C4E3D9A}C:\program files (x86)\forged alliance forever\faforever.exe] => (Allow) C:\program files (x86)\forged alliance forever\faforever.exe FirewallRules: [UDP Query User{8970642F-80D6-4F47-8E24-0A7B5386B674}C:\program files (x86)\forged alliance forever\faforever.exe] => (Allow) C:\program files (x86)\forged alliance forever\faforever.exe FirewallRules: [TCP Query User{B4679B44-8620-41BA-BA48-F06EF924F36C}C:\programdata\faforever\bin\forgedalliance.exe] => (Allow) C:\programdata\faforever\bin\forgedalliance.exe FirewallRules: [UDP Query User{4E57DBE2-AD5C-4671-9256-626A99D3B838}C:\programdata\faforever\bin\forgedalliance.exe] => (Allow) C:\programdata\faforever\bin\forgedalliance.exe FirewallRules: [TCP Query User{8B6362D2-D5C6-41F0-821D-7F55B2CE371B}C:\users\kuba\desktop\supcom - forged alliance\bin\forgedalliance.exe] => (Allow) C:\users\kuba\desktop\supcom - forged alliance\bin\forgedalliance.exe FirewallRules: [UDP Query User{29EAD1D2-4E7C-4025-AFBE-A353263E557B}C:\users\kuba\desktop\supcom - forged alliance\bin\forgedalliance.exe] => (Allow) C:\users\kuba\desktop\supcom - forged alliance\bin\forgedalliance.exe FirewallRules: [{31F4F3FB-B490-4187-8513-69D93A8A1535}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B4794EEB-E338-4E4B-9F84-2D530BBB6B70}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{BB38107F-DF6A-4502-BD74-6D467611D11A}C:\program files (x86)\renegade x\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\renegade x\binaries\win32\udk.exe FirewallRules: [UDP Query User{737C7F0C-DF01-4CDF-90F9-415DB7F299D7}C:\program files (x86)\renegade x\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\renegade x\binaries\win32\udk.exe FirewallRules: [{EB47B408-4169-4B76-8D84-700517C60324}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe FirewallRules: [{60375AFE-FA15-4D09-BBA2-E564B265D4DD}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe FirewallRules: [{174C2A2A-7D14-478A-85C0-4799E66F31CD}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_NO_SSE.exe FirewallRules: [{12E7C508-6900-4FE4-8C87-3B20594AFAFC}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_NO_SSE.exe FirewallRules: [{49AEFB15-90EC-409C-9BF4-E0A8067949EC}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_SSE.exe FirewallRules: [{2243C7F4-35FE-48FA-8356-746F3ECA5500}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_SSE.exe FirewallRules: [{B8CD5A73-161A-4E2D-9611-15F54A3ED5E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [{2741107A-1772-4CA9-9ACF-B4D83174E402}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [{0BFC2BAB-7E2A-4F35-9711-9B6C904D035B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GearUp\bin\Traktor.Amalgam.App.exe FirewallRules: [{0D1EE2E3-394F-4503-A3BE-F46190587934}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GearUp\bin\Traktor.Amalgam.App.exe FirewallRules: [{21E510E4-84E7-4BDA-BD92-CCF8012CBC52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cortex Command\Cortex Command.exe FirewallRules: [{1C9630CE-D2B3-42A3-B02B-CF94440DF588}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cortex Command\Cortex Command.exe FirewallRules: [{596DA264-A754-4D65-857D-0972570F5CB6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{2F8646B8-2D81-4459-99F7-F6015850C845}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{F7D5A65F-CB84-4FD0-8DAC-F7AD9C970D7A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{415CEB8E-FB1C-44F6-A437-7264F3EF5C69}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{D8ACB711-3D25-49E6-9B2A-2F810B3F4CC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: ManyCam Virtual Webcam Description: ManyCam Virtual Webcam Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: ManyCam LLC Service: ManyCam Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: ManyCam Virtual Microphone Description: ManyCam Virtual Microphone Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: ManyCam LLC Service: mcaudrv_simple Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: innfd_1_10_0_14 Description: innfd_1_10_0_14 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: innfd_1_10_0_14 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (07/08/2015 10:17:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/08/2015 10:14:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: InstallGadget.exe, wersja: 4.45.2.287, sygnatura czasowa: 0x4f184dc2 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x01ee7421 Identyfikator procesu powodującego błąd: 0x1108 Godzina uruchomienia aplikacji powodującej błąd: 0xInstallGadget.exe0 Ścieżka aplikacji powodującej błąd: InstallGadget.exe1 Ścieżka modułu powodującego błąd: InstallGadget.exe2 Identyfikator raportu: InstallGadget.exe3 Error: (07/08/2015 09:44:57 PM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (988) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane, ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem. Error: (07/08/2015 09:20:35 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Error: (07/08/2015 09:10:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/08/2015 07:55:47 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-4210197690-3277502692-2936419266-1001.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {cf64480f-9a2f-4b6f-80a4-1e7754b93866} Error: (07/08/2015 05:17:33 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Error: (07/08/2015 05:07:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/08/2015 03:58:01 PM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (4896) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane, ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem. Error: (07/08/2015 03:57:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (07/08/2015 10:17:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: innfd_1_10_0_14 Error: (07/08/2015 10:17:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275 Error: (07/08/2015 10:17:00 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik atksgt.sys został zablokowany dla ładowania. Error: (07/08/2015 09:10:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275 Error: (07/08/2015 09:10:18 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik atksgt.sys został zablokowany dla ładowania. Error: (07/08/2015 05:07:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275 Error: (07/08/2015 05:07:13 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik atksgt.sys został zablokowany dla ładowania. Error: (07/08/2015 05:06:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa udostępniania w sieci programu Windows Media Player z powodu następującego błędu: %%1069 Error: (07/08/2015 05:06:31 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa WMPNetworkSvc nie może zalogować się jako NT AUTHORITY\NetworkService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%50 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (07/08/2015 05:06:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1069 Microsoft Office: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Percentage of memory in use: 37% Total physical RAM: 6125.86 MB Available physical RAM: 3843.16 MB Total Virtual: 12249.93 MB Available Virtual: 9605.41 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:580.07 GB) (Free:367.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 007343E4) Partition 1: (Not Active) - (Size=16 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=580.1 GB) - (Type=07 NTFS) ==================== End of log ============================