Additional scan result of Farbar Recovery Scan Tool (x86) Version:12-08-2015 Ran by Michał (2015-08-13 16:09:19) Running from C:\Users\Michał\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-716823362-3114543324-878493675-500 - Administrator - Disabled) Gość (S-1-5-21-716823362-3114543324-878493675-501 - Limited - Disabled) Michał (S-1-5-21-716823362-3114543324-878493675-1000 - Administrator - Enabled) => C:\Users\Michał ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-716823362-3114543324-878493675-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.) 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky) Adobe AIR (HKLM\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Aktualizacje NVIDIA 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden Ashampoo Burning Studio 2015 v.1.15.0 (HKLM\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG) Ashampoo Photo Commander 11 v.11.1.5 (HKLM\...\{C92AB6F1-0F9C-8526-5DF1-0A2FD0FB33D9}_is1) (Version: 11.1.5 - Ashampoo GmbH & Co. KG) Bass Audio Decoder (remove only) (HKLM\...\Bass Audio Decoder) (Version: - ) BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden CD Audio Reader Filter (remove only) (HKLM\...\CD Audio Reader Filter) (Version: - ) Copy (Version: 110.0.180.000 - Hewlett-Packard) Hidden CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DCoder Image Source (remove only) (HKLM\...\DCoder Image Source) (Version: - ) Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden DirectVobSub (remove only) (HKLM\...\DirectVobSub) (Version: - ) DJ_AIO_04_F735_ProductContext (Version: 110.0.197.000 - Hewlett-Packard) Hidden DJ_AIO_04_F735_Software (Version: 110.0.197.000 - Hewlett-Packard) Hidden 
DJ_AIO_04_F735_Software_Min (Version: 110.0.197.000 - Hewlett-Packard) Hidden Driver Booster 2.4 (HKLM\...\Driver Booster_is1) (Version: 2.4 - IObit) DScaler 5 Mpeg Decoders (HKLM\...\DScaler 5 Mpeg Decoders_is1) (Version: - ) e-Deklaracje Desktop (HKLM\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.1 - Ministerstwo Finansow) e-Deklaracje Desktop (Version: 7.0.1 - Ministerstwo Finansow) Hidden ESET Smart Security (HKLM\...\{089E11D4-D4B0-4515-9CF7-7076BE15FC68}) (Version: 8.0.312.4 - ESET, spol s r. o.) eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden F735 (Version: 110.0.197.000 - Nazwa firmy) Hidden F735_Help (Version: 110.0.197.000 - Hewlett-Packard) Hidden ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - ) FFMPEG Core Files (remove only) (HKLM\...\FFMPEG Core Files) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Gabest MPEG Splitter (remove only) (HKLM\...\Gabest MPEG Splitter) (Version: - ) Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GG (HKU\S-1-5-21-716823362-3114543324-878493675-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.1 - Google Inc.) 
Hidden GPBaseService (Version: 110.0.180.000 - Hewlett-Packard) Hidden HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPProductAssistant (Version: 110.0.180.000 - Hewlett-Packard) Hidden Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 10.4.5 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - ) LAV Filters 0.62.0 (HKLM\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes) MadVR (remove only) (HKLM\...\MadVR) (Version: - ) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MarketResearch (Version: 110.0.180.000 - Hewlett-Packard) Hidden Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) 
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation) NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation) OpenSource AVI Splitter 
(remove only) (HKLM\...\OpenSource AVI Splitter) (Version: - ) OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - ) OpenSource Flash Video Splitter (remove only) (HKLM\...\OpenSource Flash Video Splitter) (Version: - ) Origin (HKLM\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) Panel sterowania NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pomocnik Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PrivaZer (HKLM\...\PrivaZer) (Version: 2.32.0.0 - Goversoft LLC) Process Lasso (HKLM\...\ProcessLasso) (Version: 6.6.1.0 - Bitsum) PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.2 (HKLM\...\Revo Uninstaller Pro PREACTIVATED by .:sHaRe:. @~1067B756_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) 
SmartWebPrinting (Version: 110.0.182.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 110.0.180.000 - Hewlett-Packard) Hidden Start Menu X wersja 5.29 (HKLM\...\{3E494002-985C-4908-B72C-5B4DD15BE090}_is1) (Version: 5.29 - OrdinarySoft) Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.45862 - TeamViewer) The Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.10.57.1020 - Electronic Arts Inc.) Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden TP-LINK USB Printer Controller (HKLM\...\{3EC900B5-28EE-4472-A9FF-B11A879EC838}) (Version: 1.12.0927 - TP-LINK) TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden TuneUp Utilities Language Pack (pl-PL) (Version: 12.0.3600.188 - TuneUp Software) Hidden UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - Intel hdc (07/25/2013 9.1.9.1005) (HKLM\...\0AB4E7B45FBEB7D4C4155D1E8A70EEF4945B1BE9) (Version: 07/25/2013 9.1.9.1005 - Intel) Windows Driver Package - Intel System (07/25/2013 9.1.9.1005) (HKLM\...\55FC653506E73D0EF241309C7F5E3A6366568BC1) (Version: 07/25/2013 9.1.9.1005 - Intel) Windows Driver Package - Intel System (07/25/2013 9.1.9.1005) (HKLM\...\DC62CB66B4CD4497AEA49E99833B1C03F73BC8AC) (Version: 07/25/2013 9.1.9.1005 - Intel) Windows Driver Package - Intel USB (07/31/2013 9.1.9.1006) (HKLM\...\A3F7AD39265BEEC1CC0F1541DC760F6A672AAB94) (Version: 07/31/2013 9.1.9.1006 - Intel) Windows Driver Package - Realtek Net (06/25/2007 6.195.0625.2007) (HKLM\...\313A33572B81AFBC6F7709122499AC1A31186839) (Version: 06/25/2007 6.195.0625.2007 - Realtek) Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (10/30/2012 6.0.1.6767) (HKLM\...\A0EB98A971A76CB1082522EA21CE92D408357BD2) (Version: 10/30/2012 6.0.1.6767 - Realtek Semiconductor Corp.) YoWindow (HKLM\...\yowindow) (Version: 3 - RepkaSoft) Zoom Player (remove only) (HKLM\...\ZoomPlayer) (Version: - ) Zoom Player Polish language (remove only) (HKLM\...\ZoomPlayer_Polish) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-716823362-3114543324-878493675-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Michał\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 16-07-2015 23:23:22 Zainstalowano ESET Smart Security 17-07-2015 16:03:25 Zaplanowany punkt kontrolny 20-07-2015 16:50:23 Installed TP-LINK USB Printer Controller. 
20-07-2015 16:51:05 Instalacja pakietu sterownika urządzenia: TP-LINK Corporation Kontrolery uniwersalnej magistrali szeregowej 22-07-2015 22:43:03 Revo Uninstaller Pro's restore point - AVG PC TuneUp 2015 22-07-2015 22:44:14 Usunięto: AVG PC TuneUp 2015 22-07-2015 22:47:08 Usunięto: AVG PC TuneUp 2015 (pl-PL) 22-07-2015 22:49:03 Revo Uninstaller Pro's restore point - FormatFactory 3.6.0.0 23-07-2015 16:01:18 Zaplanowany punkt kontrolny 24-07-2015 20:43:35 Driver Booster : Microsoft Visual C++ 2012 Redistributable (x86) 24-07-2015 20:46:37 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 24-07-2015 22:07:34 Windows Update 27-07-2015 20:18:24 Zaplanowany punkt kontrolny 28-07-2015 15:54:12 Zaplanowany punkt kontrolny 29-07-2015 14:54:23 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 30-07-2015 16:08:40 Zaplanowany punkt kontrolny 31-07-2015 21:14:39 Zaplanowany punkt kontrolny 04-08-2015 18:03:44 Zaplanowany punkt kontrolny 05-08-2015 17:28:46 Zaplanowany punkt kontrolny 06-08-2015 22:39:27 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 08-08-2015 11:49:48 Zaplanowany punkt kontrolny 09-08-2015 20:53:45 Zaplanowany punkt kontrolny 10-08-2015 16:35:27 Zaplanowany punkt kontrolny 11-08-2015 16:13:06 Zaplanowany punkt kontrolny 12-08-2015 15:32:29 Windows Update 12-08-2015 17:48:56 Removed Adobe Reader XI (11.0.08) - Polish. 12-08-2015 17:53:29 Removed Browser Configuration Utility 12-08-2015 17:56:03 Removed Java 7 Update 72 12-08-2015 18:01:21 Installed Adobe Reader XI - Polish. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2006-11-02 12:23 - 2014-12-26 00:14 - 00000832 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.google-analytics.com 127.0.0.1 google-analytics.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04D99959-FD11-42D5-B7C5-853A1E6BCB16} - System32\Tasks\Microsoft\Windows\RestartManager\{C75F8A53-DCE9-4786-B9CC-AAE749AF1DB6} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {1C0C5F42-521D-4C09-B4E5-50B22EAE2241} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe Task: {333D72F9-F8CB-4FE7-908E-B12CCC9659CD} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation) Task: {4D3DFE41-54B6-45AE-9675-F1CCB2C4531F} - System32\Tasks\Driver Booster SkipUAC (Michał) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit) Task: {4F8F9FD8-4E3C-48E8-A3C8-E3776461AEEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {69AF9C48-5561-459E-8591-586B8E3D0638} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit) Task: {6C11D6FC-7DD6-4363-AA33-7D8D10ACCF7E} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [2015-07-31] (Bitsum LLC) Task: {7513D518-6515-4584-B9F4-DA9F145A5353} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.) Task: {7781B83D-68D5-4EE4-935A-3A725BAE7037} - System32\Tasks\uTorrent => C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe [2015-08-02] (BitTorrent Inc.) 
Task: {7F1A576D-871B-4905-BD50-FFD7778A57E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-15] (Google Inc.) Task: {95904F61-F0EA-4D69-ACFA-8AFEC9B1DBEC} - System32\Tasks\YoWindow => C:\Program Files\YoWindow\yowindow.exe [2015-05-06] (Repkasoft) Task: {96DCD6B9-0A05-4189-9822-BAC9FC844A5F} - System32\Tasks\Ad Muncher => C:\Program Files\Ad Muncher\AdMunch.exe Task: {9913D792-520E-46FA-8536-69EA4FD1C277} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [2015-07-31] (Bitsum LLC) Task: {A4684FE6-451F-4C4E-882E-F51EED00F747} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-07-06] (IObit) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-06-17 16:01 - 2015-06-17 16:01 - 03715648 _____ () C:\Users\Michał\AppData\Local\GG\Application\xulrunner\mozjs.dll 2015-06-17 16:01 - 2015-06-17 16:01 - 00122432 _____ () C:\Users\Michał\AppData\Local\GG\Application\ggdrive\ZLIB1.dll 2015-07-18 14:06 - 2015-07-26 12:36 - 01007104 _____ () C:\Program Files\Origin\platforms\qwindows.dll 2014-09-28 18:36 - 2015-07-26 12:36 - 00023552 _____ () C:\Program Files\Origin\imageformats\qgif.dll 2014-09-28 18:36 - 2015-07-26 12:36 - 00024576 _____ () C:\Program Files\Origin\imageformats\qico.dll 2014-09-28 18:36 - 2015-07-26 12:36 - 00216576 _____ () C:\Program Files\Origin\imageformats\qjpeg.dll 2014-09-28 18:36 - 2015-07-26 12:36 - 00261120 _____ () C:\Program 
Files\Origin\imageformats\qmng.dll 2014-09-28 18:36 - 2015-07-26 12:36 - 00019456 _____ () C:\Program Files\Origin\imageformats\qtga.dll 2014-09-28 18:36 - 2015-07-26 12:36 - 00337408 _____ () C:\Program Files\Origin\imageformats\qtiff.dll 2014-09-28 18:36 - 2015-07-26 12:36 - 00018944 _____ () C:\Program Files\Origin\imageformats\qwbmp.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) 
There are 11403 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-716823362-3114543324-878493675-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michał\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: iphlpsvc => 3 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{A2DB09AF-6ED0-4642-934F-EAB59C6FB4D4}] => (Allow) LPort=80 FirewallRules: [{E338010F-A834-4E73-8D9C-0B41582EB4BA}] => (Allow) LPort=80 FirewallRules: [{49154E37-2549-4EA6-BF26-144BF8489450}] => (Allow) LPort=80 FirewallRules: [{AE6788C3-713E-421D-906D-1EBDD5C35ACE}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{785B5607-1F2B-4DC6-B8D7-88150C6D5010}] => (Allow) C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe FirewallRules: [{F7EA370E-7695-48C6-BE7D-8555FBF95494}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{E6946EF8-2381-44CB-8721-30BD64FAD7A7}] => (Allow) LPort=2869 FirewallRules: [{4F0E380D-EF6E-4CBF-9B12-025A16099252}] => (Allow) LPort=1900 FirewallRules: [{243CF30C-A223-4AE1-95C4-4153E66B45E4}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe FirewallRules: [{7C5B0F23-C628-4557-8E16-F751EF7543C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A3A1B9C6-C1D3-4920-8236-14F72A1A692D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D2793CDA-7C3D-4829-8747-ED3E0BA51638}] => (Allow) C:\Program Files\Winamp\winamp.exe FirewallRules: [{38594BCF-31E3-46E2-A865-545C6B0C66E5}] => (Allow) C:\Program Files\Winamp\winamp.exe FirewallRules: [TCP Query User{1FBFBC61-C3C3-4D2B-B611-12F8E68D3215}C:\program 
files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{5E495989-2C39-4155-9E10-55CB91C12516}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{4C76151E-FF47-4A70-9D53-F954E5752A7E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{1A466BEC-06EB-40B0-9413-8CA0874AEC5D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{074DC9C4-185B-4DCF-88BA-2A2139CEDE85}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{DFEB2AFC-8CF6-4441-9987-5E94D9A19FD9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{702CA6D0-32E3-44A2-BC3B-C68E8DAC00C2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D0FE6522-F740-47F4-9436-281262DC27C2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{F6F6908B-B419-49BA-85FC-E35A8D8A285F}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe FirewallRules: [{87FC991A-A05A-479D-B0FF-1D9F6646F594}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe FirewallRules: [{13044903-1593-43CB-9841-8309E2F5AE66}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe FirewallRules: [{DDA8CFF2-D2EA-4B5C-AC57-8DC0852020AD}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe FirewallRules: [{9181E408-D158-4A98-82B8-D6F30243202F}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9EBB9267-5C86-49EB-9C97-A4CE0F002DD9}] => (Allow) C:\Users\Michał\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{403158B7-20EE-4C52-9C8E-7FDDE4591887}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3C30E8AC-F1E0-4B09-B7DF-1616D30263C8}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{C098C408-403A-4688-88D4-C8C5E0373E2C}] 
=> (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{B952BB0D-7A5C-450C-A7A5-44291C087AEE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{1477DB0E-C668-43EF-93B5-5D1A2EC0DB2B}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{623A548B-1520-4930-831A-8AE69F1F73F3}] => (Allow) C:\Program Files\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{AE05B01E-1DE5-4537-B59D-2698879EA6B4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{D06BE1CB-FFF7-4F84-A78F-65C91ABC001C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{8C2B40C3-DF8F-4AAF-8D84-B673A73BECD5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{04F38E06-BA9D-4231-A5C1-680F9F3AF28B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe ==================== Faulty Device Manager Devices ============= Name: isatap.home Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Karta Microsoft ISATAP #2 Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: isatap.{A22D0FB5-3E14-4939-A9FE-9AD00246070F} Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. 
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (08/13/2015 11:22:34 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa HP CUE DeviceDiscovery Error: (08/13/2015 11:20:57 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: ZARZĄDZANIE NT) Description: 2147942523 Error: (08/12/2015 09:55:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa HP CUE DeviceDiscovery Error: (08/12/2015 09:54:23 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: ZARZĄDZANIE NT) Description: 2147942523 Error: (08/12/2015 07:06:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa HP CUE DeviceDiscovery Error: (08/12/2015 07:05:10 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: ZARZĄDZANIE NT) Description: 2147942523 Error: (08/12/2015 07:03:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Instalator modułów systemu Windows11200001Uruchom usługę ponownie Error: (08/12/2015 07:03:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Windows Live ID Sign-in Assistant1100001Uruchom usługę ponownie Error: (08/12/2015 07:03:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: NVIDIA Network Service1 Error: (08/12/2015 07:03:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Adobe Acrobat Update Service1 Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-08-13 16:09:12.455 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. 
Date: 2015-08-13 16:09:12.301 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-13 16:09:12.151 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-13 16:09:12.001 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-13 16:09:11.733 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-13 16:09:11.577 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-13 16:09:11.423 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-13 16:09:11.266 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-13 16:08:55.886 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. 
Date: 2015-08-13 16:08:55.716 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz Percentage of memory in use: 46% Total physical RAM: 3069.77 MB Available physical RAM: 1629.2 MB Total Virtual: 6380.41 MB Available Virtual: 4554.73 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:235.68 GB) (Free:105.84 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Nowy) (Fixed) (Total:103.12 GB) (Free:102.84 GB) NTFS Drive e: (Nowy) (Fixed) (Total:126.96 GB) (Free:126.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 0702AE71) Partition 1: (Active) - (Size=235.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=103.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=127 GB) - (Type=07 NTFS) ==================== End of log ============================