Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2014 03 Ran by EWA at 2014-01-14 23:10:20 Running from C:\Users\EWA\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft) ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Reader X (10.1.8) - Polish (x32 Version: 10.1.8 - Adobe Systems Incorporated) Adobe Shockwave Player (x32 Version: 11.5.1.601 - Adobe Systems, Inc.) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft) ALLPlayer V4.X (x32 Version: - ALLCinema Ltd.) Atheros Driver Installation Program (x32 Version: 5.0 - Atheros) Avanquest update (x32 Version: 1.31 - Avanquest Software) avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software) CCleaner (Version: 4.09 - Piriform) CyberLink DVD Suite (x32 Version: 7.0.2216 - CyberLink Corp.) CyberLink DVD Suite (x32 Version: 7.0.2216 - CyberLink Corp.) Hidden CyberLink MediaShow (x32 Version: 4.1.3419 - CyberLink Corp.) CyberLink MediaShow (x32 Version: 4.1.3419 - CyberLink Corp.) Hidden CyberLink PowerDVD 8 (x32 Version: 8.0.1.1110 - CyberLink Corp.) CyberLink PowerDVD 8 (x32 Version: 8.0.1.1110 - CyberLink Corp.) Hidden CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard) Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2 - Microsoft Corporation) Gadu-Gadu 10 (x32 Version: - GG Network S.A.) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.) Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.) Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden HP Advisor (x32 Version: 3.3.9512.3162 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden HP Deskjet 3070 B611 series Badanie ulepszeń produktu (Version: 25.0.571.0 - Hewlett-Packard Co.) HP Deskjet 3070 B611 series Podstawowe oprogramowanie urządzenia (Version: 25.0.571.0 - Hewlett-Packard Co.) HP Deskjet 3070 B611 series Pomoc (x32 Version: 140.0.2.2 - Hewlett Packard) HP Games (x32 Version: 1.0.0.71 - WildTangent) HP Photo Creations (x32 Version: 1.0.0.5192 - HP Photo Creations) HP Quick Launch Buttons (x32 Version: 6.50.9.1 - Hewlett-Packard) HP Setup (x32 Version: 1.2.3560.3170 - Hewlett-Packard) HP Support Assistant (x32 Version: 4.3.1.2 - Hewlett-Packard) HP Update (x32 Version: 5.003.000.004 - Hewlett-Packard) HP User Guides (x32 Version: 1.01.0000 - Hewlett-Packard) HP Wireless Assistant (x32 Version: 3.50.9.1 - Hewlett-Packard) HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2008 - Intel Corporation) Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation) Intel® Matrix Storage Manager (Version: - Intel Corporation) ipla 2.3.4 (x32 Version: 2.3.4 - Redefine Sp z o.o.) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 6.2.0 (Basic) (x32 Version: 6.2.0 - ) Kyodai (x32 Version: - ) LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) Hidden LightScribe System Software (x32 Version: 1.18.9.1 - LightScribe) Magic Desktop (x32 Version: - EasyBits Software AS) Media Go (x32 Version: 2.2.223 - Sony) Media Go Video Playback Engine 1.92.168.06150 (x32 Version: 1.92.168.06150 - Sony) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metin2 (x32 Version: - Gameforge 4D GmbH) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 pl) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) muvee Reveal (x32 Version: 7.0.43.11502 - muvee Technologies Pte Ltd) Pakiet zgodności dla systemu Office 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.) PhotoScape (x32 Version: - ) PlayStation(R)Network Downloader (x32 Version: 2.07.00849 - Sony Computer Entertainment Inc.) PlayStation(R)Store (x32 Version: 4.9.4.14625 - Sony Computer Entertainment Inc.) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden Qtrax Player (x32 Version: 1.00.0001 - Qtrax) Razer Game Booster (x32 Version: 3.5.6.0 - Razer USA Ltd.) Real Alternative 1.9.0 Lite (x32 Version: 1.9.0 - ) Realtek Ethernet Controller Driver For Windows Vista and Later (x32 Version: 1.00.0011 - Realtek) Realtek High Definition Audio Driver (x32 Version: 6.0.1.5992 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30105 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden RonOTS 8.7 wersja 2.0 (x32 Version: 2.0 - RonOTS) SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.) SweetIM for Messenger 3.7 (x32 Version: 3.7.0005 - SweetIM Technologies Ltd.) <==== ATTENTION Synaptics Pointing Device Driver (Version: 14.0.13.1 - Synaptics Incorporated) TeamSpeak 3 Client (HKCU Version: - TeamSpeak Systems GmbH) The Sims™ 2 Zwierzaki (x32 Version: - ) The Sims™ 2 Cztery pory roku (x32 Version: - ) The Sims™ 2 Double Deluxe (x32 Version: - Electronic Arts) The Sims™ Historie z bezludnej wyspy (x32 Version: - Electronic Arts) Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft) Update Manager for SweetPacks 1.0 (x32 Version: 1.0.0005 - SweetIM Technologies Ltd.) <==== ATTENTION Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.00 (32-bitowy) (x32 Version: 4.00.0 - win.rar GmbH) ==================== Restore Points ========================= 01-01-2014 12:59:35 Operacja przywracania 01-01-2014 18:14:49 Windows Update 07-01-2014 06:04:06 Windows Update 08-01-2014 08:59:00 avast! antivirus system restore point 08-01-2014 09:19:28 Removed Steam 08-01-2014 09:21:43 Removed Samsung Kies 08-01-2014 09:28:37 Usunięte League of Legends 08-01-2014 09:43:16 Installed Java 7 Update 45 08-01-2014 09:47:14 Removed Java 7 Update 45 08-01-2014 09:47:58 Installed Java 7 Update 45 08-01-2014 09:52:42 Usunięte Samsung New PC Studio 08-01-2014 09:57:17 Removed Internet Explorer Toolbar 4.6 by SweetPacks 09-01-2014 06:42:50 Operacja przywracania 09-01-2014 06:53:33 avast! antivirus system restore point 10-01-2014 06:31:10 Windows Update 12-01-2014 21:57:04 Windows Update 14-01-2014 21:09:10 Removed Java(TM) 6 Update 17 (64-bit) ==================== Hosts content: ========================== 2009-07-14 03:34 - 2011-12-22 16:11 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0F119FE7-AA7D-4798-BDF4-94386BC4C911} - System32\Tasks\{7DFCEED7-A660-41C2-8047-FE519D6AC483} => C:\Program Files (x86)\Counter-Strike\cstrike.exe Task: {1238E87F-1AD7-47A3-86EB-97C9BAEC25C7} - System32\Tasks\{6AA318A8-6506-42BE-BE01-C904D45DB17B} => C:\Users\EWA\Documents\Chicken Invaders 3 Xmas\CI3Xmaslol.exe Task: {15011BF5-2EBF-49B4-AD68-FB509C8F61CC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {155D8F76-A95D-43C9-ACFC-BF8B17F034A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-01-08] (AVAST Software) Task: {1EBBF3CB-DED2-4559-9098-514BF344FF00} - System32\Tasks\{5667FA46-6FFF-4DDF-A10B-032323DFB4B4} => C:\Users\EWA\Documents\Chicken Invaders 3 Xmas\CI3Xmaslol.exe Task: {2330F6BF-C62B-4E47-ADB0-0986D3DB7CF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated) Task: {33C26D30-A1A4-45E0-B1C5-966982FF7340} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () Task: {383ED609-B7E5-417C-8167-F24293EC0DAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-19] (Google Inc.) Task: {44721CA0-CFF0-41DF-A6E9-4E222B206D47} - System32\Tasks\{6D5FF3E3-AA33-4E70-894B-A965B8C7B0D5} => C:\Users\EWA\Documents\Chicken Invaders 3 Xmas\CI3Xmaslol.exe Task: {4B4C60B7-13B7-4DF4-998B-497DADEDE53D} - System32\Tasks\{89926498-9F8F-4F08-967D-C9B726AD7185} => C:\Users\EWA\Documents\Chicken Invaders 3 Xmas\CI3Xmaslol.exe Task: {504A246A-C62E-4F5C-A262-B7D68E31572F} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard) Task: {51AF7EDF-A363-4585-BD65-5A1BE6551D12} - System32\Tasks\{C71C00C8-F6EC-45F2-9B7B-98319B9382E1} => C:\Program Files (x86)\Counter-Strike\cstrike.exe Task: {53232041-37D4-4854-B0A1-B4E11C8B7E80} - System32\Tasks\{C8DC4E47-F019-44F8-BDEF-FAB1DEC18CFC} => C:\Program Files (x86)\Counter-Strike\cstrike.exe Task: {5B2A42A4-94BC-4B58-B214-41048CBCC15E} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] () Task: {631DF975-C5AF-4569-820D-443DE53825F2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-625775631-2830889111-2177705787-1001Core => C:\Users\EWA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-28] (Facebook Inc.) Task: {64986AF9-935E-4FB5-A4F9-1B9436CC8EE5} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2011-06-08] (Hewlett-Packard Co.) Task: {75FD3789-99F2-4B5D-80C8-885D96B7ADD5} - System32\Tasks\{B30F7E1C-C776-4E3C-80B7-FCD32B0271C5} => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-01-08] (AVAST Software) Task: {7FE179B5-A45C-413C-949A-B2908FEF19FB} - System32\Tasks\Hewlett-Packard\HP Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2009-10-15] (Hewlett-Packard Company) Task: {93672AA8-2301-4A44-9D1B-73821816053A} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {A5ADCED9-F076-426D-BA5A-94506F1FB6B6} - System32\Tasks\{F20CCC05-4EB7-430F-B818-8CDBAC96BB41} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/pl/abandoninstall?page=tsProgressBar Task: {AAC2230E-5B2A-426C-876A-5CA9F3D8A781} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-625775631-2830889111-2177705787-1001UA => C:\Users\EWA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-28] (Facebook Inc.) Task: {B154F4C9-4BC5-43D9-8187-4AD13634EEDD} - System32\Tasks\{97AEAE0B-ECB4-4FD8-84C1-16D7680152B1} => C:\Users\EWA\Downloads\Pijaczek_5.35_alfa-beta_analfabeta_hahaha_by_kurpiq.exe Task: {BED268BA-823F-4F93-82C6-64B1F576AAF3} - System32\Tasks\{06E8BF83-BD4B-4918-911A-EF763332564E} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/pl/abandoninstall?page=tsProgressBar Task: {CAD8634D-B525-40AB-987D-47FEA540210B} - System32\Tasks\{716600E3-1CA9-461C-96AD-C46C0672268A} => C:\Program Files (x86)\Counter-Strike\cstrike.exe Task: {D516BC7D-1248-4A93-9606-1AE0111F0266} - System32\Tasks\{7612AA30-0C5F-48AA-BEB2-BC2607C80A37} => C:\Program Files (x86)\Counter-Strike\cstrike.exe Task: {DE56D2EB-A9C9-46E7-B343-ECCD97FEC998} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-19] (Google Inc.) Task: {DEF7A50F-5943-4654-91ED-29FF153EA028} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-11-10] (Hewlett-Packard) Task: {E2E7B8C5-856F-4773-A895-28E827A1BA19} - System32\Tasks\{8B9BED87-348F-4599-A4C7-E1F9B80B3979} => Firefox.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-625775631-2830889111-2177705787-1001Core.job => C:\Users\EWA\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-625775631-2830889111-2177705787-1001UA.job => C:\Users\EWA\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe ==================== Loaded Modules (whitelisted) ============= 2012-11-13 20:53 - 2012-11-13 20:53 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll 2014-01-14 22:40 - 2014-01-14 18:11 - 02153984 _____ () C:\Program Files\Alwil Software\Avast5\defs\14011401\algo.dll 2014-01-08 10:06 - 2014-01-08 10:06 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll 2013-12-21 18:18 - 2013-12-21 18:18 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-12-05 13:44 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll 2013-12-05 13:44 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll 2013-12-05 13:44 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll 2013-12-05 13:44 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll 2013-12-05 13:44 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/14/2014 10:18:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (01/14/2014 10:18:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/14/2014 10:18:41 PM) (Source: Microsoft-Windows-LoadPerf) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/12/2014 08:49:15 PM) (Source: Google Update) (User: EWA-haptuś) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (01/12/2014 05:49:16 PM) (Source: Google Update) (User: EWA-haptuś) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (01/11/2014 11:03:14 AM) (Source: Application Error) (User: ) Description: Nazwa aplikacji powodującej błąd: kyodai.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: mciseq.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bcb4a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00004d21 Identyfikator procesu powodującego błąd: 0x2278 Godzina uruchomienia aplikacji powodującej błąd: 0xkyodai.exe0 Ścieżka aplikacji powodującej błąd: kyodai.exe1 Ścieżka modułu powodującego błąd: kyodai.exe2 Identyfikator raportu: kyodai.exe3 Error: (01/11/2014 09:53:18 AM) (Source: Microsoft-Windows-LoadPerf) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (01/11/2014 09:53:18 AM) (Source: Microsoft-Windows-LoadPerf) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/11/2014 09:53:18 AM) (Source: Microsoft-Windows-LoadPerf) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/09/2014 07:53:37 AM) (Source: System Restore) (User: ) Description: Wystąpił nieokreślony błąd podczas przywracania systemu: (Removed Internet Explorer Toolbar 4.6 by SweetPacks). Informacje dodatkowe: 0xc0000022. System errors: ============= Error: (01/14/2014 10:52:40 PM) (Source: Application Popup) (User: ) Description: Ładowanie sterownika \??\C:\Users\EWA\AppData\Local\Temp\mbr.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (01/14/2014 10:52:40 PM) (Source: Application Popup) (User: ) Description: Ładowanie sterownika \??\C:\Users\EWA\AppData\Local\Temp\mbr.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (01/14/2014 10:52:13 PM) (Source: Application Popup) (User: ) Description: Ładowanie sterownika \??\C:\Users\EWA\AppData\Local\Temp\mbr.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (01/13/2014 07:29:06 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: ZARZĄDZANIE NT) Description: Inicjacja klienta CBS nie powiodła się. Ostatni błąd: 0x8007045b Error: (01/10/2014 08:14:33 PM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 20:11:42 na ‎2014-‎01-‎10 było nieoczekiwane. Error: (01/10/2014 09:44:08 AM) (Source: Microsoft-Windows-Kernel-Power) (User: ) Description: Nastąpiło przejście systemu do stanu hibernacji z powodu krytycznego zdarzenia termicznego. Czas hibernacji = 2014-01-10T08:44:08.954740800Z Strefa termiczna ACPI = ACPI\ThermalZone\TZ01 _HOT = 368 K Error: (01/10/2014 09:44:03 AM) (Source: Microsoft-Windows-Kernel-Power) (User: ZARZĄDZANIE NT) Description: Nastąpiło przejście systemu do stanu hibernacji z powodu krytycznego zdarzenia termicznego. Czas hibernacji = 2014-01-10T08:44:03.949454600Z Strefa termiczna ACPI = ACPI\ThermalZone\TZ01 _HOT = 368 K Error: (01/10/2014 09:43:59 AM) (Source: Microsoft-Windows-Kernel-Power) (User: ZARZĄDZANIE NT) Description: Nastąpiło przejście systemu do stanu hibernacji z powodu krytycznego zdarzenia termicznego. Czas hibernacji = 2014-01-10T08:43:59.091176700Z Strefa termiczna ACPI = ACPI\ThermalZone\TZ01 _HOT = 368 K Error: (01/10/2014 09:43:58 AM) (Source: Microsoft-Windows-Kernel-Power) (User: ZARZĄDZANIE NT) Description: Nastąpiło przejście systemu do stanu hibernacji z powodu krytycznego zdarzenia termicznego. Czas hibernacji = 2014-01-10T08:43:58.938167900Z Strefa termiczna ACPI = ACPI\ThermalZone\TZ01 _HOT = 368 K Error: (01/09/2014 10:23:49 PM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 22:22:47 na ‎2014-‎01-‎09 było nieoczekiwane. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-01-14 22:52:40.706 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\EWA\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-14 22:52:40.472 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\EWA\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-14 22:52:40.238 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\EWA\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-14 22:52:40.004 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\EWA\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-14 22:52:13.257 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\EWA\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-14 22:52:13.023 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\EWA\AppData\Local\Temp\mbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 58% Total physical RAM: 2933.86 MB Available physical RAM: 1223.7 MB Total Pagefile: 5865.9 MB Available Pagefile: 3899.42 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:285.41 GB) (Free:175.22 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:12.38 GB) (Free:1.12 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 Drive g: (USB DISK) (Removable) (Total:0.24 GB) (Free:0.24 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: A2C75E72) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=285 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ======================================================== Disk: 1 (Size: 250 MB) (Disk ID: 680A6EF8) Partition 1: (Active) - (Size=250 MB) - (Type=06) ==================== End Of Log ============================