Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015 Ran by Kanon at 2015-07-10 12:44:44 Running from C:\Users\Kanon\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4258540652-3167376319-1349578961-500 - Administrator - Disabled) Gość (S-1-5-21-4258540652-3167376319-1349578961-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4258540652-3167376319-1349578961-1170 - Limited - Enabled) Kanon (S-1-5-21-4258540652-3167376319-1349578961-1002 - Administrator - Enabled) => C:\Users\Kanon ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) Advanced ScreenSnapshot 1.0 (HKLM\...\{61FFE1F9-137D-4c31-A181-3415FCAA5946}) (Version: 1.0.1.10301 - qiusheng xie) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit) Age of Wulin (HKLM-x32\...\{A1CD76EB-30CA-45EE-9946-5FC20BA62012}) (Version: 0.0.1.032 - Webzen) ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 1.0.23.26 - ArcSoft) ArcSoft TotalMedia (x32 Version: 1.0.43.25 - ArcSoft) Hidden ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft) Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.133394 - Baidu, Inc.) Baidu Browser (HKLM-x32\...\Spark) (Version: 26.5 Preview - Baidu Inc.) Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.126764 - Baidu, Inc.) <==== ATTENTION Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden Corel Home Office - CS Templates (x32 Version: 5.6 - 公司名称) Hidden Corel Home Office - CT Templates (x32 Version: 5.6 - 您的公司名稱) Hidden Corel Home Office - IPM (x32 Version: 5.6 - Corel Corporation) Hidden Corel Home Office - JP Templates (x32 Version: 5.6 - 会社名) Hidden Corel Home Office - KR Templates (x32 Version: 5.6 - 회사명) Hidden Corel Home Office - Launcher (x32 Version: 5.6 - Corel Corporation) Hidden Corel Home Office - Templates RU (x32 Version: 5.6 - Название организации) Hidden Corel Home Office - Templates1 (x32 Version: 5.6 - Your Company Name) Hidden Corel Home Office (HKLM-x32\...\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.0.85.588 - Corel Corporation) Corel Home Office (x32 Version: 5.6 - Corel Corporation) Hidden Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.5 - Hewlett-Packard) Device Doctor v3.1 (HKLM-x32\...\Device Doctor_is1) (Version: 3.1 - Device Doctor Software Inc.) Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - ) Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.4.0 - Hewlett-Packard) Drive Encryption for HP ProtectTools (Version: 5.0.4.0 - Hewlett-Packard) Hidden Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit) Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION) Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) Face Recognition for HP ProtectTools (HKLM\...\{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}) (Version: 2.02.4007 - Hewlett-Packard) File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.2 - Hewlett-Packard) Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Gimnazjum klasa 2 - Puls Ziemi (HKLM-x32\...\Gimnazjum klasa 2 - Puls Ziemi) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden HP 3D DriveGuard (HKLM\...\{67C090D6-109A-47D7-8DED-4160C4D96F32}) (Version: 4.0.4.1 - Hewlett-Packard) HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard) HP Documentation (HKLM-x32\...\{8C3059B3-B804-42BB-909B-25864C7D33E3}) (Version: 1.6.0.0 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{D9989A13-B173-4048-B8A5-93C204DCB1B3}) (Version: 1.1.6.1 - Hewlett-Packard Company) HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company) HP Power Assistant (HKLM\...\{32C278B2-BC1F-4018-8FB4-2012A40D9FC1}) (Version: 1.0.9.0 - Hewlett-Packard Company) HP Power Data (HKLM\...\{F2177395-FD90-44B0-AFB8-2E0566855E5C}) (Version: 1.0.31.182 - Hewlett-Packard) HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.03.637 - Hewlett-Packard) HP QuickLook (HKLM\...\{24FB84A7-AB9A-4CEE-B65D-5C9342211673}) (Version: 3.3.1.2 - Hewlett-Packard Company) HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F487D}) (Version: 1.0.1.63 - DeviceVM, Inc.) HP Setup (HKLM-x32\...\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}) (Version: 1.2.3557.3169 - Hewlett-Packard) HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company) HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.9 - Hewlett-Packard Company) HP Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0024 - Realtek Semiconductor Corp.) HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard) HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT) IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit) Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.) PatchBeam (HKLM-x32\...\PatchBeam) (Version: 1.20 - ConeXware, Inc.) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.112 - PDF Complete, Inc) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Planet Horse (HKLM-x32\...\Planet Horse/PL-Polish_is1) (Version: - City Interactive) Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden PowerArchiver 2013 (HKLM-x32\...\PowerArchiver 2013 14.05.11) (Version: 14.05.11 - ConeXware, Inc.) PowerArchiver 2013 (x32 Version: 14.05.11 - ConeXware, Inc.) Hidden Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1 - Hewlett-Packard) Hidden Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.796 - Hewlett-Packard) Protected Search 1.1 (HKLM-x32\...\Protected Search_is1) (Version: - Protected Search) Przewodnik po podstawowych funkcjach EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Bog) (Version: - ) Przewodnik pracy w sieci EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Netg) (Version: - ) Przewodnik użytkownika EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Useg) (Version: - ) Ralink RT3090 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.27 - Ralink) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.) Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.0 - IObit) Sprawdziany 4-6 (HKLM-x32\...\sierant.nowaEra.PotrojnaWersjaKsiazki2) (Version: 1.9.26_03 - Nowa Era Sp. z o.o.) Sprawdziany 4-6 (x32 Version: 1.9.26 - Nowa Era Sp. z o.o.) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard) Theft Recovery (x32 Version: 5.1.0.18 - Hewlett-Packard) Hidden Tools Update Platform (HKLM-x32\...\{6A128791-4857-4484-9BB2-71D4C1257200}) (Version: 1.1.0.15707 - Beijing Zhihuimen Techology co,.Ltd) Validity Fingerprint Driver (HKLM\...\{516DA517-73A0-40F8-8CD9-E5ED4EC383E5}) (Version: 4.0.10.0 - Validity Sensors, Inc.) Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 5.11 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Kanon\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Kanon\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Kanon\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Kanon\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kanon\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 03-06-2015 07:04:44 Windows Update 06-06-2015 09:11:52 Windows Update 06-06-2015 13:20:03 Windows Update 09-06-2015 14:47:15 Windows Update 11-06-2015 18:10:52 Zainstalowane Sitecom Wireless High-gain Network Adapter Driver x˙ŃK 11-06-2015 19:04:31 Windows Update 19-06-2015 21:16:11 Zaplanowany punkt kontrolny 28-06-2015 11:32:59 Zaplanowany punkt kontrolny 05-07-2015 11:40:17 Zaplanowany punkt kontrolny ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07C8580C-D1F3-43F2-BD8A-6BD7248200FC} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit) Task: {11755512-7295-40B5-B75B-B5E04B255D20} - System32\Tasks\Uninstaller_SkipUac_Kanon => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit) Task: {1364877E-9030-400E-B535-DB60E9398428} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-06-19] (IObit) Task: {13827737-85DE-4AC2-B1F9-DEF19B5AD7BA} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Spark\SparkUpdate.exe [2015-05-07] (Baidu.com, Inc.) Task: {1C27C96D-7A15-4CEA-983D-CB31B15CFD2C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {51861C82-641D-485D-8799-5601CAE547C1} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe [2015-05-13] (Baidu, Inc.) Task: {540E2183-1E8B-4AF2-9B06-85F01E1DA4F8} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-06] () Task: {5C54FFA7-6551-4E01-B9BA-5AC9CBC71155} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" <==== ATTENTION Task: {6D7BFCEE-6888-4FC0-AE74-C8A8F3BF6D15} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit) Task: {728F3938-5794-46D5-B5ED-A6824FB9D953} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe [2013-01-14] (Simplygen) <==== ATTENTION Task: {7307526A-EB02-4E23-868C-B924AA5E136C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {7D85D883-7144-4A70-A8C5-AD20479B8823} - System32\Tasks\Driver Booster SkipUAC (Kanon) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-06-19] (IObit) Task: {959432B3-B686-4F47-96A1-173125D965C6} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [2015-05-13] (Baidu, Inc.) Task: {ABA5BFA0-6DF0-42BD-9934-5E8445980C6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-07-01] (Hewlett-Packard Company) Task: {ABF1DB88-C7B3-4BC4-BA64-A86606122E35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {B047D52E-1CF4-4368-9EC6-A23671F85EEC} - System32\Tasks\{5D7B4AB3-B79A-4805-AD1B-6AAA7B6A16C8} => pcalua.exe -a F:\eFilmLt.exe -d F:\ Task: {B6CCBCF7-16A7-4147-9816-6B60E92BBBBF} - System32\Tasks\{D1FD752A-A9A7-474E-B2E1-39EF3C18C0A6} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/pl/abandoninstall?page=tsProgressBar Task: {C0E697CE-59A1-4B05-BB14-4E6087519B6E} - System32\Tasks\{17C61C70-09B5-429D-B5CC-1EE488D6D0B0} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Task: {C8A30609-3136-4BAC-B632-AEFFB7A3C888} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2015-02-27] (SlimWare Utilities, Inc.) Task: {D2C7F035-DEE0-4219-AA58-AA1DB7942E75} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-04-23] (IObit) Task: {E486BFCC-C898-4716-9F29-C7574AEDC68E} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.122701.0\BavUpdater.exe [2015-05-15] (Baidu, Inc.) Task: {EBC80DB5-4291-44F1-A841-97A116AE2AC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-07-01] (Hewlett-Packard Company) Task: {ED68671B-4D1E-4677-9C73-10074CCEB83F} - System32\Tasks\{61FFE1F9-137D-4c31-A181-3415FCAA5946}{19F8DB95-4D78-4ddb-AC71-C610654FE37F} => C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\InstallHelper.exe [2015-06-15] () Task: {EDCC141B-E3E8-4211-9E62-403772ED97CC} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit) Task: {EE813ECF-421A-4708-AB31-9139E12AED54} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {F27D61F7-B91E-4AA6-8334-B2A0802F80AF} - System32\Tasks\ASC8_SkipUac_Kanon => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-04-09] (IObit) Task: {F5190178-D84B-4004-9E8D-13827F9B3974} - System32\Tasks\ToolsUpdatePlatform_ScheduledTask => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [2015-06-04] () Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe Task: C:\windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe Task: C:\windows\Tasks\{61FFE1F9-137D-4c31-A181-3415FCAA5946}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job => C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\InstallHelper.exev-RunCloudOPTClient C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\CloudOPTClient\CloudOPTClient.exe ==================== Loaded Modules (Whitelisted) ============== 2010-02-11 22:50 - 2010-02-11 22:50 - 00746256 ____N () C:\windows\system32\SUPSDK.dll 2009-11-23 18:24 - 2009-11-23 18:24 - 01412608 ____R () C:\windows\system32\LIBEAY32.dll 2009-10-29 02:57 - 2009-10-29 02:57 - 00100864 ____N () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll 2015-06-04 10:52 - 2015-06-04 10:52 - 00576456 _____ () C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe 2015-06-15 11:07 - 2015-06-15 11:07 - 00143520 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\ScreenShotServ.exe 2015-06-15 11:07 - 2015-06-15 11:07 - 01831584 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\ScreenSnapshot.exe 2014-01-12 18:27 - 2014-01-12 18:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-08-09 15:53 - 2013-08-09 15:53 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 2010-04-05 20:11 - 2010-04-05 20:11 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll 2010-04-05 20:12 - 2010-04-05 20:12 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll 2015-07-10 11:40 - 2015-07-10 11:40 - 00380416 _____ () C:\Users\Kanon\Desktop\f7hp56rl.exe 2015-05-07 21:51 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-05-07 21:51 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl 2015-05-07 21:51 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl 2015-05-07 21:51 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl 2015-04-29 16:57 - 2015-05-15 05:09 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.122701.0\HipsLogger.dll 2015-04-29 16:57 - 2015-05-15 05:09 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.122701.0\dark.dll 2015-04-29 16:57 - 2015-05-15 05:09 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.122701.0\sqlite.dll 2015-04-29 16:57 - 2015-05-15 05:09 - 01117680 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.122701.0\Operation.dll 2015-04-29 16:57 - 2015-05-15 05:09 - 00370672 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.122701.0\BNetOp.dll 2015-06-15 11:07 - 2015-06-15 11:07 - 00543392 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\EVPTask.dll 2015-06-15 11:07 - 2015-06-15 11:07 - 00406688 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\EVPNet.dll 2015-06-15 11:07 - 2015-06-15 11:07 - 00428704 _____ () C:\Program Files (x86)\ScreenSnapshotTool\1.0.1.10301\EVPDR.dll 2015-04-29 16:57 - 2015-05-15 05:09 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.122701.0\Pulgin_Dark_DeleteFileTip.dll 2014-04-15 11:51 - 2015-04-09 20:35 - 00595824 _____ () C:\Program Files (x86)\PC Faster\5.1.0.0\sqlite.dll 2014-10-16 18:57 - 2014-10-16 18:57 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll 2010-09-03 16:38 - 2010-03-04 06:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-06-11 15:14 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-11 15:14 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-11 15:14 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-11 15:14 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-11 15:14 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\74624766.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\E08AE23A.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\74624766.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\E08AE23A.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\...\100sexlinks.com -> 100sexlinks.com There are 4788 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4258540652-3167376319-1349578961-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kanon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{001A9B19-C376-44B7-A1F7-EFE2BF80A5F9}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe FirewallRules: [{6DD9E6AE-8D32-429E-AB2D-D2745266F822}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe FirewallRules: [{1D085611-BCDC-431C-A2FA-159EA6936C3A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B5623336-1D25-4F4C-B6B5-2A2D20D97044}] => (Allow) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe FirewallRules: [{F1A6895D-CD09-4B11-B7AF-A3F003E31658}] => (Allow) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe FirewallRules: [{131714D3-267E-4136-B78C-075A3F85A6E4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{4CCAEE21-B870-4CB2-AAC8-B34C33324EF5}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{0A2C8C6A-AE92-4676-8FAD-575ADCB152C8}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{6DAF13B8-814C-4739-966F-10AA5E7A64DB}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{17C4935F-BC4E-4038-939E-FBC7F8E2BDC9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{DF5FE1EA-16CA-4558-98AC-D21DE5EB74DC}] => (Allow) C:\Users\Kanon\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{B9764ECA-9FAC-474C-8349-FA77130C669F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F35D40C4-2392-46DD-ADE5-F2224FDA2A67}] => (Allow) LPort=2869 FirewallRules: [{6FF8A55E-A8A9-4E8C-9F71-ED3E6DFB0B0B}] => (Allow) LPort=1900 FirewallRules: [{A7452216-0E6B-4796-82A7-21452985C4E7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{09725A8A-D590-49AA-8604-88FB7C7B5BC6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{493499B7-8E17-4739-B138-A963219AE0DA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{5120D9B8-6FED-407B-9073-3C7A684EA4A6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{BEE89670-24E6-41C3-886D-FDB8AF6DFB46}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{BC72ABAA-C1B1-412F-B8E4-4C2D23A811AC}] => (Allow) C:\Program Files (x86)\baidu\Spark\Spark.exe FirewallRules: [{84E22D8C-F9F7-4AD0-A58E-A8F89A68F030}] => (Allow) C:\Program Files (x86)\baidu\Spark\Spark.exe FirewallRules: [{F3915A82-534E-463E-9114-28FAC29ED822}] => (Allow) C:\Program Files (x86)\baidu\Spark\bdtray.exe FirewallRules: [{0E338550-EEF3-4AB3-8171-D064FB34EAE5}] => (Allow) C:\Program Files (x86)\baidu\Spark\bdtray.exe FirewallRules: [{38543248-C44F-46F7-8168-3659F2252208}] => (Allow) D:\steam\Steam.exe FirewallRules: [{7AE871DD-590F-4214-9F2B-757DCB344E27}] => (Allow) D:\steam\Steam.exe FirewallRules: [{32093C4D-077A-49A1-BA88-8E8E9533B1FC}] => (Allow) D:\steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{70C5198B-28AC-4FCD-B758-5B8CB636D463}] => (Allow) D:\steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{EC247004-0110-45AB-B81C-F7A680228D05}] => (Allow) D:\Program files\steam\Steam.exe FirewallRules: [{05D28613-7E14-477E-8257-17025D8B7120}] => (Allow) D:\Program files\steam\Steam.exe FirewallRules: [{4DCB0A03-4225-4629-ACED-5598181E0CA1}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{83BC05AF-C608-4C6D-A498-EC49C84FECEC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe ==================== Faulty Device Manager Devices ============= Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (07/10/2015 11:26:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567, sygnatura czasowa: 0x4d672ee4 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x0000000004e40fd8 Identyfikator procesu powodującego błąd: 0x1b18 Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Error: (07/10/2015 11:26:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567, sygnatura czasowa: 0x4d672ee4 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000004e40fd8 Identyfikator procesu powodującego błąd: 0x1b18 Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Error: (07/10/2015 11:25:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567, sygnatura czasowa: 0x4d672ee4 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000007dd0fd8 Identyfikator procesu powodującego błąd: 0x1a20 Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Error: (07/10/2015 11:18:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567, sygnatura czasowa: 0x4d672ee4 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000006660fd8 Identyfikator procesu powodującego błąd: 0x99c Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Error: (07/08/2015 08:16:01 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/08/2015 08:16:01 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/06/2015 11:20:00 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/06/2015 11:20:00 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/04/2015 09:14:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: IEXPLORE.EXE, wersja: 11.0.9600.17840, sygnatura czasowa: 0x555fe1bb Nazwa modułu powodującego błąd: ASCPLU~1.DLL_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x551b7fc0 Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x04cfad3c Identyfikator procesu powodującego błąd: 0xd18 Godzina uruchomienia aplikacji powodującej błąd: 0xIEXPLORE.EXE0 Ścieżka aplikacji powodującej błąd: IEXPLORE.EXE1 Ścieżka modułu powodującego błąd: IEXPLORE.EXE2 Identyfikator raportu: IEXPLORE.EXE3 Error: (07/04/2015 09:14:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: IEXPLORE.EXE, wersja: 11.0.9600.17840, sygnatura czasowa: 0x555fe1bb Nazwa modułu powodującego błąd: ASCPLU~1.DLL_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x551b7fc0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x04cfad3c Identyfikator procesu powodującego błąd: 0xd18 Godzina uruchomienia aplikacji powodującej błąd: 0xIEXPLORE.EXE0 Ścieżka aplikacji powodującej błąd: IEXPLORE.EXE1 Ścieżka modułu powodującego błąd: IEXPLORE.EXE2 Identyfikator raportu: IEXPLORE.EXE3 System errors: ============= Error: (07/10/2015 10:32:59 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (07/10/2015 10:32:58 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (07/10/2015 10:32:58 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (07/10/2015 10:32:57 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (07/10/2015 10:32:57 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (07/10/2015 10:32:39 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (07/10/2015 08:28:40 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80004005 Error: (07/10/2015 08:27:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Wpm Service z powodu następującego błędu: %%3 Error: (07/10/2015 08:27:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinZiper service z powodu następującego błędu: %%3 Error: (07/10/2015 08:27:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi IePlugin Services z powodu następującego błędu: %%3 Microsoft Office: ========================= Error: (07/10/2015 11:26:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c000041d0000000004e40fd81b1801d0baf25bcf8842C:\windows\Explorer.EXEunknownc7739cdb-26e5-11e5-9bab-e02a827a1093 Error: (07/10/2015 11:26:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000004e40fd81b1801d0baf25bcf8842C:\windows\Explorer.EXEunknownc628bd95-26e5-11e5-9bab-e02a827a1093 Error: (07/10/2015 11:25:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000007dd0fd81a2001d0baf15c48cd7dC:\windows\Explorer.EXEunknown94092cc2-26e5-11e5-9bab-e02a827a1093 Error: (07/10/2015 11:18:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000006660fd899c01d0bad974c61159C:\windows\Explorer.EXEunknown917a7163-26e4-11e5-9bab-e02a827a1093 Error: (07/08/2015 08:16:01 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/08/2015 08:16:01 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/06/2015 11:20:00 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/06/2015 11:20:00 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Nieprawidłowe dojście Error: (07/04/2015 09:14:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: IEXPLORE.EXE11.0.9600.17840555fe1bbASCPLU~1.DLL_unloaded0.0.0.0551b7fc0c000041d04cfad3cd1801d0b639227aaf10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEASCPLU~1.DLLef3042aa-2280-11e5-9b54-64315005485f Error: (07/04/2015 09:14:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: IEXPLORE.EXE11.0.9600.17840555fe1bbASCPLU~1.DLL_unloaded0.0.0.0551b7fc0c000000504cfad3cd1801d0b639227aaf10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEASCPLU~1.DLLed6e5e96-2280-11e5-9b54-64315005485f ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz Percentage of memory in use: 69% Total physical RAM: 2927.43 MB Available physical RAM: 880.73 MB Total Virtual: 5853.07 MB Available Virtual: 3260.14 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:280.8 GB) (Free:166.56 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (TOSHIBA) (Removable) (Total:14.43 GB) (Free:13.25 GB) FAT32 Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.48 GB) FAT32 Drive g: () (Removable) (Total:29.98 GB) (Free:29.6 GB) FAT32 Drive h: (KINGSTON) (Removable) (Total:14.78 GB) (Free:0.23 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DD43A43B) Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2 GB) - (Type=0C) ======================================================== Disk: 1 (Size: 14.4 GB) (Disk ID: 4DA14CE3) Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0B) ======================================================== Disk: 2 (Size: 30 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 3 (MBR Code: Windows XP) (Size: 14.8 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=14.8 GB) - (Type=0C) ==================== End of log ============================