Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015 Ran by Wujo at 2015-01-06 17:04:22 Running from F:\Zawirusowania konkretne Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Internet Security (Disabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_OMUI.pl-pl_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_OMUI.pl-pl_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_OMUI.pl-pl_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) ALLConverter PRO 1.3 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version: - ALLCinema, Inc.) ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric) Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media) Avast Premier (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815m.50 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media) Dziobas Rar Player 0.009.39 (HKLM-x32\...\Dziobas Rar Player_is1) (Version: - Kamil Dzióbek) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media) Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Packard Bell) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Packard Bell) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0415-0000-0000000FF1CE}_OMUI.pl-pl_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Language Pack 2007 - Polish/Polski (HKLM-x32\...\OMUI.pl-pl) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM-x32\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office XP Web Components (HKLM-x32\...\{90260415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971118)) (Version: - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}) (Version: 9.7.0621 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero 9 Essentials (HKLM-x32\...\{8ed5c8a6-2aee-40dd-8df4-26cd57921222}) (Version: - Nero AG) Nero OEM (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version: - ) Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) Packard Bell GameZone Console (HKLM-x32\...\{9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1) (Version: 5.1.2.3 - Oberon Media, Inc.) Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell) Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems) Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Packard Bell) Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Packard Bell) Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.02.3004 - Packard Bell) PackardBell ScreenSaver (HKLM-x32\...\PackardBell Screensaver) (Version: 1.0.1.0302 - PackardBell) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.) ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com) SpyHunter (HKLM-x32\...\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}) (Version: 4.12.13.4202 - Enigma Software Group USA, LLC) Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Video Web Camera (HKLM-x32\...\{12A1B519-5934-4508-ADBD-335347B0DC87}) (Version: 1.7.10.1210 - Chicony Electronics Co.,Ltd.) Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.00.3005 - Packard Bell) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation) Winamp (HKLM-x32\...\Winamp) (Version: 5.622 - Nullsoft, Inc) Windows Live Sync (HKLM-x32\...\{8FDC4F3F-1DD7-433E-841E-E20C294609B4}) (Version: 14.0.8064.206 - Microsoft Corporation) WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) WinRAR 4.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Wise Disk Cleaner 8.39 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 8.39 - WiseCleaner.com, Inc.) Wise Registry Cleaner 8.31 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.31 - WiseCleaner.com, Inc.) WPF Toolkit October 2008 (Version 3.5.31016.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.31016.1 - Microsoft Corporation) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.1 - Xvid Team) YouTube to ALLPlayer (HKLM-x32\...\YouTube to ALLPlayer_is1) (Version: 1.7 - ALLPlayer Co.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 06-01-2015 12:49:20 Installed SpyHunter ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {07770E9D-F3B7-4B25-874D-3D6F3F3CBDC6} - \Funmoods No Task File <==== ATTENTION Task: {0B773F42-CF5C-40BC-9169-0AAEEAC80253} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer) Task: {0CF3B116-DA65-430F-9FA1-7EAE2435E3F5} - System32\Tasks\{C26B5E61-26B9-47FD-AFE4-265FA498E912} => pcalua.exe -a "C:\z Rector\_CD\02 dotnet 01 i 02\dotnet2.0_polish_lang_pack.exe" -d "C:\z Rector\_CD\02 dotnet 01 i 02" Task: {0DAACB83-A04B-49B5-8315-0CD0A3024430} - System32\Tasks\WS.Enabler-S-71009536 => c:\programdata\setapp\ws.enabler\WS.Enabler.exe <==== ATTENTION Task: {0EE2C22D-DA95-47EE-9DEB-8D1F959A1CF3} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {105353A9-C15A-405A-9D8A-B889A9F5E576} - System32\Tasks\{6B62769A-FB6F-4B36-B81B-10076155899C} => pcalua.exe -a "D:\[PL] Gothic 3 Zmierzch Bogow\g3fg_106_pl.exe" -d "D:\[PL] Gothic 3 Zmierzch Bogow" Task: {14A661C3-358B-44FF-9415-0BAC9EA4E4B2} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\Wujo\AppData\Local\Temp\Ivj.exe <==== ATTENTION Task: {16A2D09C-C155-4D67-A276-2577E63ABA87} - System32\Tasks\nvbinif => C:\Windows\TEMP\wxsgcum.exe Task: {4C4924AA-5B89-4C79-B782-9898066DEA42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20] (Adobe Systems Incorporated) Task: {5C934816-9ABD-4E99-A2EF-A6AF9894D2D8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-05] (AVAST Software) Task: {811D8666-AB43-4EBB-A3AF-68CBE1987A13} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION Task: {848E651E-3F94-437E-A939-3C5D9D3C3FCE} - System32\Tasks\{948FD25D-A0F4-4257-AE25-56927B4C82F3} => pcalua.exe -a D:\setup.exe -d D:\ Task: {8A50D08D-C7D8-4E89-A512-BA89703FFD7C} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION Task: {92B73987-47CF-42AA-B2B0-8AAF466CBFED} - System32\Tasks\{4CE54CF7-CD67-49E1-9ABE-A168E0913C58} => pcalua.exe -a "C:\z Rector\_CD\02 dotnet 01 i 02\dotnetfx2.0.exe" -d "C:\z Rector\_CD\02 dotnet 01 i 02" Task: {B67CFFE1-7813-46ED-9F33-81F9CF1C3788} - System32\Tasks\{DC334AC1-DE93-43DE-B655-5F406268D5E4} => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe Task: {C2A96D23-B831-4880-BB2C-1285BF313F1A} - System32\Tasks\{EBE60C5D-F0A2-4DD7-B8AA-D4CA3A683DE0} => pcalua.exe -a "C:\z Rector\_CD\02 dotnet 01 i 02\dotnetfx1.0.exe" -d "C:\z Rector\_CD\02 dotnet 01 i 02" Task: {E61AD748-BC3D-4ABD-AF8F-EA28EEB737CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-30] (Google Inc.) Task: {ECB0D957-E9D6-49CF-A4FD-063DA944264B} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-01-06] (Enigma Software Group USA, LLC.) Task: {F0A7FF05-933F-4750-8006-433AAC7661E6} - System32\Tasks\{E4DBABE4-396F-467D-BBB3-8B4B4BC021E8} => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe Task: {F474537D-3A24-4C8E-AB4F-78874B488DE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-30] (Google Inc.) Task: {F98EDEAE-7418-499C-8EC5-4C28DEA6EE65} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\ClickPotatoLiteSA.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\WS.Enabler-S-71009536.job => c:\programdata\setapp\ws.enabler\WS.Enabler.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 AlternateDataStreams: C:\ProgramData\Temp:1D32EC29 AlternateDataStreams: C:\ProgramData\Temp:364682BC AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F AlternateDataStreams: C:\ProgramData\Temp:93DE1838 AlternateDataStreams: C:\ProgramData\Temp:AB689DEA AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D AlternateDataStreams: C:\ProgramData\Temp:E3C56885 AlternateDataStreams: C:\Users\Wujo\Local Settings:init ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AxInstSV => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: btwdins => 2 MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 3 MSCONFIG\Services: Updater Service => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: Apiporopd => C:\Users\Wujo\AppData\Roaming\Fosyryg\ydkiir.exe MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k MSCONFIG\startupreg: Camera Assistant Software => "C:\Program Files (x86)\Video Web Camera\traybar.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: Hiivmomineyl => C:\Users\Wujo\AppData\Roaming\Onbilo\guuztoy.exe MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe MSCONFIG\startupreg: KuhnUmmi => regsvr32.exe "C:\ProgramData\KuhnUmmi\ZuhjIgtog.yep" MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\system32\NeroCheck.exe MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED MSCONFIG\startupreg: RemoteControl8 => "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" MSCONFIG\startupreg: zbnakde => rundll32 "C:\Users\Wujo\AppData\Local\zbnakde.dll",zbnakde ========================= Accounts: ========================== Administrator (S-1-5-21-3326234350-4050991087-374296464-500 - Administrator - Disabled) ASPNET (S-1-5-21-3326234350-4050991087-374296464-1002 - Limited - Enabled) Gość (S-1-5-21-3326234350-4050991087-374296464-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3326234350-4050991087-374296464-1004 - Limited - Enabled) Wujo (S-1-5-21-3326234350-4050991087-374296464-1000 - Administrator - Enabled) => C:\Users\Wujo ==================== Faulty Device Manager Devices ============= Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Karta Broadcom NetLink (TM) Gigabit Ethernet Description: Karta Broadcom NetLink (TM) Gigabit Ethernet Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Broadcom Service: k57nd60a Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: avast! Revert Description: avast! Revert Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: aswRvrt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: avast! VM Monitor Description: avast! VM Monitor Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: aswVmm Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (01/06/2015 04:44:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/06/2015 00:48:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/06/2015 04:49:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/06/2015 04:49:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/06/2015 04:49:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/06/2015 04:49:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Nie można odnaleźć zestawu zależnego msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/06/2015 04:45:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/06/2015 04:45:23 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "assemblyIdentity1". Błąd w pliku manifestu lub w pliku zasad "assemblyIdentity2" w wierszu assemblyIdentity3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error: (01/06/2015 00:06:50 AM) (Source: Greg_Service) (EventID: 0) (User: ) Description: Service failed on start: Socket Error # 10013 Access denied. Error: (01/05/2015 00:41:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver. System Error: Nie można odnaleźć określonego pliku. . System errors: ============= Error: (01/06/2015 04:50:42 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F} Error: (01/06/2015 04:50:42 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF} Error: (01/06/2015 04:39:09 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Struktura systemu plików na dysku jest uszkodzona i nie nadaje się do użytku. Uruchom narzędzie chkdsk na woluminie Packard Bell. Error: (01/06/2015 04:34:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (01/06/2015 04:34:47 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (01/06/2015 04:34:47 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (01/06/2015 04:34:42 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (01/06/2015 04:34:35 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (01/06/2015 04:34:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: aswRvrt aswSnx aswSP aswVmm discache spldr Wanarpv6 Error: (01/06/2015 04:34:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Microsoft Office Sessions: ========================= Error: (01/06/2015 04:44:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\esetsmartinstaller_plk.exe Error: (01/06/2015 00:48:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\esetsmartinstaller_plk.exe Error: (01/06/2015 04:49:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksCal.exe Error: (01/06/2015 04:49:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\WksWP.exe Error: (01/06/2015 04:49:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksdb.exe Error: (01/06/2015 04:49:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{44E42AAA-432F-4E03-8D7D-C8DB4FEE526A}\wksss.exe Error: (01/06/2015 04:45:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (01/06/2015 04:45:23 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (01/06/2015 00:06:50 AM) (Source: Greg_Service) (EventID: 0) (User: ) Description: Service failed on start: Socket Error # 10013 Access denied. Error: (01/05/2015 00:41:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver. System Error: Nie można odnaleźć określonego pliku. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz Percentage of memory in use: 33% Total physical RAM: 4090.83 MB Available physical RAM: 2723.8 MB Total Pagefile: 8181.66 MB Available Pagefile: 6889.52 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:286.27 GB) (Free:97.64 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: (HP_TOOLS) (Removable) (Total:0.12 GB) (Free:0.01 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 71E171E1) Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=286.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 123 MB) (Disk ID: E2B9F740) Partition 1: (Active) - (Size=122 MB) - (Type=06) ==================== End Of Log ============================