Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-08-2015 Ran by Mariusz (2015-08-17 13:36:37) Running from C:\Users\Mariusz\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3923760505-3937785608-132173358-500 - Administrator - Disabled) Gość (S-1-5-21-3923760505-3937785608-132173358-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3923760505-3937785608-132173358-1002 - Limited - Enabled) Mariusz (S-1-5-21-3923760505-3937785608-132173358-1000 - Administrator - Enabled) => C:\Users\Mariusz ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.142 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden ATI Catalyst Install Manager (HKLM\...\{3497481A-4317-34E7-A3C7-682D6B04730F}) (Version: 3.0.790.0 - ATI Technologies, Inc.) Badanie mające na celu poprawę produktów HP Deskjet 2540 series (HKLM\...\{1832FA40-B363-41BB-863A-D3572688597D}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) BioExcess (Version: 7.0.34.0 - Egis Technology Inc.) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden ccc-core-static (x32 Version: 2010.0909.1412.23625 - Nazwa firmy) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3320 - CyberLink Corp.) Cyfrowy Polsat MF669 (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: PCW_PSTPOLV1.0.0B11 - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Fences Pro (HKLM-x32\...\Fences Pro) (Version: 1.0.1.312.19219 - Stardock Corporation) Fences Pro (Version: 1.0.1.312 - Stardock Corporation) Hidden FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ghost Recon Phantoms - EU (HKU\S-1-5-21-3923760505-3937785608-132173358-1000\...\61e5da2b7c463135) (Version: 1.36.4809.2 - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{618BCE93-862D-4B2C-AAAA-FA36DFBBD89A}) (Version: 4.0.10.1 - Hewlett-Packard Company) HP CloudDrive (HKLM-x32\...\ZumoDrive) (Version: - Zecter Inc.) HP Deskjet 2540 series — podstawowe oprogramowanie urządzenia (HKLM\...\{556895FC-B82D-4E5E-B225-E256439C68F1}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.) HP Deskjet 2540 series Pomoc (HKLM-x32\...\{387813C9-5DFE-453E-95AE-142F2C6E929E}) (Version: 30.0.0 - Hewlett Packard) HP Documentation (HKLM-x32\...\{264779DD-BD81-4B42-968F-71DBF32EEBD1}) (Version: 1.1.2.0 - Hewlett-Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard) HP MediaSmart Movies and TV (HKLM\...\{09BDCC02-80F2-4EFB-8F1B-A807D2C38E31}) (Version: 1.0.1.2 - Hewlett-Packard) HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4604 - Hewlett-Packard) HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{BE6725F2-6D15-477C-86C6-4522B8569D62}) (Version: 3.1.2.2 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard) HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.3303 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{BB1C717E-376C-4AA1-8940-81BFC38D9778}) (Version: 2.4.4 - Hewlett-Packard Company) HP QuickWeb Installer (HKLM-x32\...\{394FA67A-FF0A-4356-BB77-D85E5A300BDE}) (Version: 1.4.6.0 - DeviceVM Inc.) HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company) HP SimplePass Identity Protection (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.34.0 - Egis Technology Inc.) HP Software Framework (HKLM-x32\...\{9F31A79A-ABE8-472C-ACE7-A56910855511}) (Version: 4.1.6.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Wireless Assistant (HKLM\...\{96B1204B-B5D8-47D3-9817-9D0031FD3E03}) (Version: 4.0.10.0 - Hewlett-Packard Company) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{929685C0-FC01-45E1-8B39-2948E8FF861E}) (Version: 1.2.21.0 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3220 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3220 - CyberLink Corp.) Hidden Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Manager polaczen (HKLM-x32\...\{23D624DA-73E3-4633-A34F-01413EFB2E3D}) (Version: 4.1.102 - OrangeBusinessServices) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Polski (HKLM-x32\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Minecraft1.5.0 (HKLM-x32\...\Minecraft1.5.0) (Version: - ) Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Opera beta 32.0.1948.4 (HKLM-x32\...\Opera 32.0.1948.4) (Version: 32.0.1948.4 - Opera Software) Oprogramowanie Intel(R) PROSet/Wireless WiFi (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4419 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4419 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3320 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.3320 - CyberLink Corp.) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qtrax Player (HKLM-x32\...\{A3E9BA4F-2C4C-41F7-B7E0-6F47137688A2}) (Version: 1.00.0001 - Qtrax) Recovery Manager (x32 Version: 5.5.3223 - CyberLink Corp.) Hidden RedApp 1.0 (HKLM-x32\...\RedApp) (Version: 1.0 - Redefine Sp z o.o.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Solstice Arena (HKLM-x32\...\Steam App 240380) (Version: - Zynga) Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated) The Sims™ 3 Wymarzone Podróże (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Unity Web Player (HKU\S-1-5-21-3923760505-3937785608-132173358-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.4.7 - Shark007) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) WinRAR 5.01 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinRAR 5.10 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3923760505-3937785608-132173358-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\HPCDMC64.DLL (HP) CustomCLSID: HKU\S-1-5-21-3923760505-3937785608-132173358-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\HPCDMC64.DLL (HP) CustomCLSID: HKU\S-1-5-21-3923760505-3937785608-132173358-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\HPCDMC64.DLL (HP) ==================== Restore Points ========================= 15-06-2015 05:28:18 Zaplanowany punkt kontrolny 23-06-2015 15:17:24 Zaplanowany punkt kontrolny 13-07-2015 06:28:40 Zaplanowany punkt kontrolny 23-07-2015 23:14:58 avast! antivirus system restore point 24-07-2015 04:25:58 Instalacja pakietu sterownika urządzenia: Avast Usługa sieciowa 26-07-2015 04:16:10 Operacja przywracania 13-08-2015 14:26:21 avast! antivirus system restore point 13-08-2015 15:36:18 Malwarebytes Anti-Rootkit Restore Point 16-08-2015 22:48:29 Removed Adobe Download Assistant 16-08-2015 22:49:02 Removed Java(TM) 6 Update 21 16-08-2015 22:49:58 Removed Java(TM) 6 Update 39 (64-bit) 16-08-2015 22:50:46 Removed HP Update. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {172C5FC8-AE81-4DED-9B16-A8869B4C1072} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-18] (Google Inc.) Task: {17850BC9-C1FD-4E8A-BDF0-D41717B558DE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3923760505-3937785608-132173358-1000UA => C:\Users\Mariusz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-11] (Facebook Inc.) Task: {3CE410F0-9CAB-4ECF-82F1-BB37020241FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-07-15] (Microsoft) Task: {3E5C5980-40D3-467A-80F2-6AD6F01C7F52} - System32\Tasks\Opera scheduled Autoupdate 1392505156 => C:\Program Files (x86)\Opera Next\launcher.exe [2015-08-12] (Opera Software) Task: {4FC12B6A-699C-4507-9E37-0D32AF6575C8} - System32\Tasks\{31635904-AF22-46AD-8A09-22FF077B4D5E} => c:\program files (x86)\opera\opera.exe Task: {534609DD-90CA-424F-BFCC-37BEAC6CD405} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-17] (Adobe Systems Incorporated) Task: {5758B950-7D55-437D-A91B-3FEA68ED6C90} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] () Task: {57DD8A94-C97D-44E8-B151-1AED498C1D06} - System32\Tasks\{B33EF62E-9161-40B2-A4DB-0E315AC0291A} => c:\program files (x86)\opera\opera.exe Task: {6A8CEA32-AE31-4E44-A239-C0F4FD95AC51} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.) Task: {6EA3649A-3F41-4572-A4F6-03718CB98B96} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-03] (CyberLink) Task: {7070B6FE-4AC3-4612-9A26-C30AFDE7DDC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {8354504C-DA1B-4A60-8372-189B5706B4BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {87E53293-5DCF-4977-86DE-8B4AA4FF3B1A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3923760505-3937785608-132173358-1000Core => C:\Users\Mariusz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-11] (Facebook Inc.) Task: {93EF12AB-2E46-4A4B-AB13-DA922F9F8F13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {A2389E02-B262-471C-805E-AB0BE46D3988} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {BA80BE2A-CBEF-4699-8BE0-EC67146E68C5} - System32\Tasks\{6A1D0123-4ABF-466F-B095-EF780F7ABDA1} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\Sims3EP01Setup.exe" -c -runfromtemp -l0x0015 -removeonly Task: {CA6ED09E-4DBB-4BA5-9125-3C79EB5B14B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-07] (Hewlett-Packard) Task: {D8AF6F62-921E-43A5-A3C8-DF046BC2071F} - System32\Tasks\{8BF98477-FFBB-42C1-8E23-D25B3E25E4B7} => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe Task: {E09218B0-81FB-49EF-B301-2CE397DF69DC} - System32\Tasks\{808D1F85-31EA-4AFE-B2AB-10F6E9B6467B} => c:\program files (x86)\opera\opera.exe Task: {E308D02F-4B9B-44BC-9D2E-ECD9E6B8DDF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-18] (Google Inc.) Task: {E5CB84CD-1B95-474C-AC34-C3732547E699} - System32\Tasks\HPCeeScheduleForMARIUSZ-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {EB045ED7-E534-4B94-989B-8452DC795E59} - System32\Tasks\HPCeeScheduleForMariusz => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3923760505-3937785608-132173358-1000Core.job => C:\Users\Mariusz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3923760505-3937785608-132173358-1000UA.job => C:\Users\Mariusz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForMARIUSZ-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForMariusz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (Whitelisted) ============== 2009-01-21 17:45 - 2009-01-21 17:45 - 01401856 _____ () C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\LIBEAY32.dll 2015-05-16 19:42 - 2012-05-11 09:41 - 00274720 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF669\AssistantServices.exe 2015-05-16 19:42 - 2011-12-27 09:26 - 00414544 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF669\CancelAutoPlay.exe 2015-05-16 19:42 - 2012-05-11 09:41 - 00156448 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF669\UIExec.exe 2010-09-09 16:50 - 2010-09-09 16:50 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-09-09 15:11 - 2010-09-09 15:11 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-07-21 15:33 - 2010-07-21 15:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2010-07-21 15:33 - 2010-07-21 15:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll 2010-07-21 15:33 - 2010-07-21 15:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll 2014-10-19 16:47 - 2014-10-19 16:47 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\fea6745cde495eb59adf7808e8475ebc\IsdiInterop.ni.dll 2012-12-18 15:09 - 2010-04-27 18:05 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3923760505-3937785608-132173358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: ) mpsdrv Firewall Service is not running. MpsSvc Firewall Service is not running. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background MSCONFIG\startupreg: VitaKeyTSR => C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A011FE6B-2C30-49DC-B69B-17D8811B9A5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{D7B5E34F-036C-44D6-B7AF-149E5F62D548}] => (Allow) LPort=2869 FirewallRules: [{A0DF6A1F-EF1B-4AB8-A0F2-C48B93C01A84}] => (Allow) LPort=1900 FirewallRules: [{F5280A29-BA9E-4DC5-834C-61669FD57E03}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{0A53F876-41FE-4AE8-9624-B7BFBAAA62C2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE FirewallRules: [{C94B27D3-CEE4-4F1F-9532-EC897F395DA7}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe FirewallRules: [{533E1FE7-37DE-4B97-86F7-9B304D1A64C3}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe FirewallRules: [{71DB7FF8-E8ED-4188-8BF5-777798EE70A8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe FirewallRules: [{4AC19BF8-618E-4869-B28D-8CC78AF71EC1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe FirewallRules: [{72377C60-EC49-4A62-A788-872B8307F95D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe FirewallRules: [{812E2E5B-C273-4D47-ADE9-BEA4F9B0ADE8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe FirewallRules: [{353DF02A-27B3-4162-AC08-1DFC5C4AB05E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe FirewallRules: [{9706A784-626C-439C-9192-9E86C15E4549}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe FirewallRules: [{897FC3D2-7D40-41AD-AB4B-2C763AD618A1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe FirewallRules: [{47579EEC-C3F3-4F32-9C46-A239F54727EA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe FirewallRules: [{3D3735BA-72CC-4E2D-A064-041DF5742DEA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe FirewallRules: [{E8D81695-0E92-415B-9F23-7858A1DB9BA0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe FirewallRules: [{804E18F2-8803-4DAE-A25E-36DF723853F7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe FirewallRules: [{235F531D-4757-4F2B-8DDC-E3DEB2EA8532}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe FirewallRules: [{6CA5B516-C921-4A46-B17F-92EF2CA85A50}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{1B98FBFF-C791-4C1A-A333-F6E8F4F610B8}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{A544E058-54DB-41B3-B2A5-F28041B2E1B4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0D19DDB9-7A35-46F4-8E76-9EBCB443D0BA}] => (Allow) %ProgramFiles%\Zune\Zune.exe FirewallRules: [{F7B12AB2-DC5A-4788-BF95-67363A79EF98}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{5D96228F-0575-46D4-8707-28419199DC93}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{CC7B609D-B65D-4469-8B32-11F47F299B5D}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{F764F764-8D2B-40FF-9CA0-6D05B7970BC8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{A0EFAE1E-3064-4FEC-B6EB-B53E1ADF36B6}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{407CA2F7-705E-4C55-9C84-D6CF55B2DBCB}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{330F0547-BFBA-4955-AC28-C8253ECF17B7}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{4C967E12-68D9-4B1A-AE04-537A17B910B5}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [TCP Query User{A9875D5F-E503-460E-BD1F-4B33FF0666C8}C:\program files\java\matin\loria\metin2.bin] => (Allow) C:\program files\java\matin\loria\metin2.bin FirewallRules: [UDP Query User{9662EBBE-FD4E-4604-8DDB-AC200E665DA5}C:\program files\java\matin\loria\metin2.bin] => (Allow) C:\program files\java\matin\loria\metin2.bin FirewallRules: [TCP Query User{B56030AB-F3AF-45ED-9F2E-9CCEC74E8EA8}C:\program files\java\matin\loria\loria.exe] => (Allow) C:\program files\java\matin\loria\loria.exe FirewallRules: [UDP Query User{C78E25D7-6315-42AB-B220-F464EF1770E4}C:\program files\java\matin\loria\loria.exe] => (Allow) C:\program files\java\matin\loria\loria.exe FirewallRules: [TCP Query User{F94E8BE2-D667-4F4A-9BBB-5A11C34D6C88}C:\program files\java\matin\luxamt2\metin2.bin] => (Allow) C:\program files\java\matin\luxamt2\metin2.bin FirewallRules: [UDP Query User{32CB0895-C705-4AAF-94BE-3911703FCC4D}C:\program files\java\matin\luxamt2\metin2.bin] => (Allow) C:\program files\java\matin\luxamt2\metin2.bin FirewallRules: [{526A093E-8A98-4C63-A695-A493EDF9ABD5}] => (Block) C:\program files\java\matin\luxamt2\metin2.bin FirewallRules: [{9AA9601A-AF37-4E91-8175-E1254C83DB71}] => (Block) C:\program files\java\matin\luxamt2\metin2.bin FirewallRules: [TCP Query User{9299F9DC-25E0-40A2-8A7A-F40E9ED184CB}C:\program files\java\matin\nextmt2\play.exe] => (Allow) C:\program files\java\matin\nextmt2\play.exe FirewallRules: [UDP Query User{0057995D-A9B4-4A44-BB1E-A99B979B79F6}C:\program files\java\matin\nextmt2\play.exe] => (Allow) C:\program files\java\matin\nextmt2\play.exe FirewallRules: [{9EA47F8D-CCB3-4DA6-BEAA-E209481234D6}] => (Block) C:\program files\java\matin\nextmt2\play.exe FirewallRules: [{117D5EAF-2353-4464-89F9-6058A0CB38FA}] => (Block) C:\program files\java\matin\nextmt2\play.exe FirewallRules: [TCP Query User{91BE5954-0CA4-44A7-8C2A-AF74D772ECE9}C:\program files\java\matin\derin\metin2.bin] => (Allow) C:\program files\java\matin\derin\metin2.bin FirewallRules: [UDP Query User{0992A6F0-3369-4B5B-859D-C5E0560EBD08}C:\program files\java\matin\derin\metin2.bin] => (Allow) C:\program files\java\matin\derin\metin2.bin FirewallRules: [{9DDA954A-DA3C-4C00-A6A5-444D3734912E}] => (Block) C:\program files\java\matin\derin\metin2.bin FirewallRules: [{49262058-96B9-40CD-B47A-D0ED12069D0E}] => (Block) C:\program files\java\matin\derin\metin2.bin FirewallRules: [TCP Query User{592B571F-4582-4787-94F8-79448BD5B38B}C:\program files\java\matin\teoden\metin2client.bin] => (Allow) C:\program files\java\matin\teoden\metin2client.bin FirewallRules: [UDP Query User{144A7721-1A2D-4B73-97DE-8EF4EAA974B5}C:\program files\java\matin\teoden\metin2client.bin] => (Allow) C:\program files\java\matin\teoden\metin2client.bin FirewallRules: [{C21E9B43-E1E1-4E48-BB57-06375D05ED06}] => (Block) C:\program files\java\matin\teoden\metin2client.bin FirewallRules: [{C6165B5D-9556-4006-B0D8-F0D5A72930EE}] => (Block) C:\program files\java\matin\teoden\metin2client.bin FirewallRules: [TCP Query User{34377B3F-382B-4BBE-955E-818DE499A039}C:\program files\java\matin\$rcoetmr\play.exe] => (Block) C:\program files\java\matin\$rcoetmr\play.exe FirewallRules: [UDP Query User{D1EA959D-E94F-462A-9014-00F5756058E6}C:\program files\java\matin\$rcoetmr\play.exe] => (Block) C:\program files\java\matin\$rcoetmr\play.exe FirewallRules: [{37B5C314-CC6F-4E16-B385-EA9D8403864C}] => (Allow) C:\Program Files\Symulator Farmy 2011\FarmingSimulator2011.exe FirewallRules: [{4AA6E207-1F03-430A-A90A-AB339A171AF2}] => (Allow) C:\Program Files\Symulator Farmy 2011\FarmingSimulator2011.exe FirewallRules: [{F4A628D6-1C8E-4A4F-B2AF-23C7D13F2A77}] => (Allow) C:\Program Files\Symulator Farmy 2011\game.exe FirewallRules: [{68682BB6-EDD2-429B-A9BA-B98D2260042C}] => (Allow) C:\Program Files\Symulator Farmy 2011\game.exe FirewallRules: [TCP Query User{94F58D92-3A04-4D2C-8746-14B1D8FF1E17}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{90AEE94F-2789-4C0D-AD4C-2586AE07F447}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [{23174889-74BA-4FC5-AF41-FDA163DCBBDF}] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [{61704761-A3EF-48D4-8337-52912A57EF33}] => (Block) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{AA73213C-5000-43A3-AB00-B721EC35C463}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe FirewallRules: [UDP Query User{F125F8D2-C7A7-4C58-B0A8-39526597CBEF}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe FirewallRules: [{A7A5D984-6BE9-49F8-8226-796FC1DE04C2}] => (Block) C:\windows\system32\javaw.exe FirewallRules: [{7153A5C7-F920-474A-B12C-008AF4A29B73}] => (Block) C:\windows\system32\javaw.exe FirewallRules: [TCP Query User{86EC4EF4-4DB6-4AD4-B18E-A57BBF54037C}C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe FirewallRules: [UDP Query User{6CBE2AE9-03E2-4840-BCF7-2A20DCF8D875}C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe FirewallRules: [{FFF3EC02-6EBF-4760-A9BB-7C999F4CE254}] => (Block) C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe FirewallRules: [{D711EFD4-D35F-49A2-AEAA-A8569454F804}] => (Block) C:\program files (x86)\chivalry medieval warfare\binaries\win32\udk.exe FirewallRules: [{38FE4555-6578-45CA-BC2F-DFACAD973560}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{3C5087AE-7753-433D-A51B-16A4FE578048}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{561480A9-8339-4818-9B13-759D93712DAB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{0709FF19-5232-41D5-B6B0-3AB61C3EFCBB}] => (Allow) C:\Users\Mariusz\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{011B919C-2DA5-439B-8FC5-4C5D7386E4FE}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{8497F957-F329-406C-A356-FA4465AB7183}] => (Allow) LPort=5357 FirewallRules: [{09823E4F-E152-4123-B38D-81D959EA49B2}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{5D6E8835-A128-4A28-B17C-70E75B03EF12}C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_4052c4aaf822cd02\launcher.exe] => (Allow) C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_4052c4aaf822cd02\launcher.exe FirewallRules: [UDP Query User{C530CCCB-31BF-4449-8BC4-30A2F87CA94C}C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_4052c4aaf822cd02\launcher.exe] => (Allow) C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_4052c4aaf822cd02\launcher.exe FirewallRules: [TCP Query User{F8230328-989E-4F39-967A-99BCCA611937}C:\ghostrecon\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) C:\ghostrecon\ghost recon phantoms\pdc-live\ghostreconphantoms.exe FirewallRules: [UDP Query User{7DBAFDD8-53DC-4115-992D-AD7464E05AE6}C:\ghostrecon\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) C:\ghostrecon\ghost recon phantoms\pdc-live\ghostreconphantoms.exe FirewallRules: [{A8F56FB9-1662-4E62-AD1C-505CC7BF8A65}] => (Allow) C:\Fifa\FIFA 14\Game\fifa14.exe FirewallRules: [{9AAA3929-CE60-4C3E-8248-0381B9CD1A06}] => (Allow) C:\Fifa\FIFA 14\Game\fifa14.exe FirewallRules: [{70FD6DF7-EE6A-49A4-A43B-0796F4E5EA45}] => (Allow) C:\Fifa\FIFA 15 DEMO\fifasetup\fifaconfig.exe FirewallRules: [{B2FD8074-45F8-4B1F-925C-9BFC93CE005D}] => (Allow) C:\Fifa\FIFA 15 DEMO\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{6AAAE585-171F-4C05-937A-B8BEBB3CD499}C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe] => (Allow) C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe FirewallRules: [UDP Query User{E474E459-3C9C-4648-B834-9CEEC35A31E7}C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe] => (Allow) C:\users\mariusz\appdata\local\apps\2.0\lao5yaxp.o2c\d5z2a71m.lal\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe FirewallRules: [{2EB7E78E-1556-4B83-865A-E026A97E4B70}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FF7E5C63-47D6-4024-94AF-791EF9346B9D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{947A3995-3D2F-493D-A1FF-ED9C97F12DFD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{871B46F8-0CA6-4EBD-A814-61FA6A7D98B5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{1136B43A-1885-4C91-897A-0CBF6B5AD45A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SolsticeArena\SolsticeArena.exe FirewallRules: [{3CF7AE2D-74F2-49D3-A23F-171161D5115B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SolsticeArena\SolsticeArena.exe FirewallRules: [{C4166BBF-DA41-4823-8C49-D44E333D779F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{831288AC-0777-446F-A50D-DD25AA5B1911}C:\windows\syswow64\msiexec.exe] => (Block) C:\windows\syswow64\msiexec.exe FirewallRules: [UDP Query User{1E3FBB89-2318-4728-B8F5-3F88C94493B5}C:\windows\syswow64\msiexec.exe] => (Block) C:\windows\syswow64\msiexec.exe FirewallRules: [{9EB2D31D-F7EC-4F68-BEDF-3D9EE2694E9A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (08/17/2015 01:32:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 01:32:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 01:32:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 01:24:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 01:24:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 01:24:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 12:26:40 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 12:26:40 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/17/2015 12:26:40 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (08/16/2015 10:54:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 System errors: ============= Error: (08/17/2015 01:32:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147023143. Error: (08/17/2015 01:32:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi BEWConfigSrv z powodu następującego błędu: %%1053 Error: (08/17/2015 01:32:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą BEWConfigSrv. Error: (08/17/2015 01:27:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147023143. Error: (08/17/2015 01:24:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi BEWConfigSrv z powodu następującego błędu: %%1053 Error: (08/17/2015 01:24:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą BEWConfigSrv. Error: (08/17/2015 12:26:53 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147023143. Error: (08/17/2015 12:26:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi BEWConfigSrv z powodu następującego błędu: %%1053 Error: (08/17/2015 12:26:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą BEWConfigSrv. Error: (08/16/2015 10:54:49 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147023143. Microsoft Office: ========================= Error: (08/17/2015 01:32:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 Error: (08/17/2015 01:32:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name25900 Error: (08/17/2015 01:32:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name17900 Error: (08/17/2015 01:24:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 Error: (08/17/2015 01:24:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name25900 Error: (08/17/2015 01:24:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name17900 Error: (08/17/2015 12:26:40 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 Error: (08/17/2015 12:26:40 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name25900 Error: (08/17/2015 12:26:40 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name17900 Error: (08/16/2015 10:54:36 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage of memory in use: 43% Total physical RAM: 2933.86 MB Available physical RAM: 1650.67 MB Total Virtual: 5865.91 MB Available Virtual: 4353.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:268.38 GB) (Free:166.69 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:29.42 GB) (Free:3.97 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 171D48E4) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=268.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=29.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ==================== End of log ============================