Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-03-2014 Ran by Admin at 2014-03-03 09:48:35 Running from C:\Users\Admin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) 32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALTools Update (HKLM\...\ALUpdate_is1) (Version: v11.4 - ESTsoft Corp.) ALZip 8.51 (HKLM\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.) BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.231.1126L - Chicony Electronics Co.,Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.02.01 - TOSHIBA) DJ_AIO_03_F4200_Software (Version: 110.0.238.000 - Hewlett-Packard) Hidden DJ_AIO_03_F4200_Software_Min (Version: 110.0.238.000 - Hewlett-Packard) Hidden DJ_AIO_03_F4220_ProductContext (Version: 110.0.238.000 - Hewlett-Packard) Hidden DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.) ESET NOD32 Antivirus (HKLM\...\{B3B5F219-79E6-4307-8AC1-9B32BE37CD48}) (Version: 4.2.71.2 - ESET, spol. s r.o.) F4200 (Version: 110.0.238.000 - Nazwa firmy) Hidden F4210_Help (Version: 110.0.238.000 - Hewlett-Packard) Hidden Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) GG (HKCU\...\GG) (Version: 12 - GG Network S.A.) GG Tools (HKLM\...\GG Tools_is1) (Version: 3 - Krzysztof Mortka / kRk Software) Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden HEXelon MAX 6.07 (HKLM\...\HEXelon MAX_is1) (Version: 6.07 - Jerzy Znamirowski) HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - ) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - ) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden K-Lite Codec Pack 10.2.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.2.0 - ) Lager (Version: 1.0.0.0 - Hewlett-Packard) Hidden McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.) Microsoft .NET Framework 3.5 Language Pack SP1 - plk (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Excel MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Shared MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 27.0.1 (x86 pl)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSVCSetup (Version: 1.00.0000 - HP) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) neroxml (Version: 1.0.0 - Nero AG) Hidden Odkurzacz (HKLM\...\Odkurzacz 13.4_is1) (Version: 13.4.0.1685 - FranmoSoftware - Maciej Opaliński) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) PhotoScape (HKLM\...\PhotoScape) (Version: - ) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5559 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.) Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden Silvercrest OM1008 driver (HKLM\...\InstallShield_{D6ADE4A4-4AF3-4D84-80C2-AB98DC9E2EF9}) (Version: 6.1 - Targa GmbH) Silvercrest OM1008 driver (Version: 6.1 - Targa GmbH) Hidden Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated) Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden TOSHIBA ConfigFree (HKLM\...\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}) (Version: 7.1.27 - TOSHIBA Corporation) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.1.a - TOSHIBA Corporation) TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.20.10 - TOSHIBA Corporation) TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba) TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - Toshiba) Hidden TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 1.0.2.32 - TOSHIBA Corporation) TOSHIBA Face Recognition (Version: 1.0.2.32 - TOSHIBA Corporation) Hidden TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.1b - TOSHIBA) TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD04) - Agere Systems) TOSHIBA Supervisor Password (HKLM\...\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}) (Version: 2.00.03 - ) TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.1.14 - TOSHIBA Corporation) TOSHIBA Value Added Package (Version: 1.1.14 - TOSHIBA Corporation) Hidden TRDCReminder (HKLM\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0014 - TOSHIBA) TRDCReminder (Version: 1.00.0014 - TOSHIBA) Hidden TRORDCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.1 - TOSHIBA) TRORDCLauncher (Version: 1.0.0.1 - TOSHIBA) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - ) Windows Media Encoder 9 Series (Version: 9.00.3374 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2006-11-02 11:23 - 2006-09-18 22:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {2E90599C-3BB4-4D4A-8B08-6FFFF18BD075} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-11] (Microsoft Corporation) <==== ATTENTION Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-05] () <==== ATTENTION Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {593E6976-2662-4395-87D5-AC60AFA8F746} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-11] (Microsoft Corporation) <==== ATTENTION Task: {87C79D84-F9B1-48D9-B024-2C55C633B166} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {922EDBC3-4693-4C64-8901-E1B779626419} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-19] (Microsoft Corp.) <==== ATTENTION Task: {9E49BEFA-8549-4AC1-864F-944432E35135} - System32\Tasks\{A23D43F4-8BA1-498C-9FED-5B6AECDC366C} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {ACDA409E-905C-498B-AEE4-853E0B6C9EDF} - System32\Tasks\Odkurzacz => C:\Program Files\Odkurzacz\odkurzacz.exe [2013-09-21] (FranmoSoftware) <==== ATTENTION Task: {AF97299C-E0B7-4381-A339-D902EADBF79D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) <==== ATTENTION Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION Task: {C20E0D8D-D80B-4D6F-A0F1-BBB262474D3A} - System32\Tasks\{2639C468-F938-4924-B443-8BFAD9F42A1F} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION Task: {C4EEE38B-A056-4BB8-8A98-1A337B97AB74} - System32\Tasks\{28CC9B95-425D-4582-AEA6-CD687733D21E} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION Task: {C68D6D06-F009-4E64-958B-47EDAA3B899B} - System32\Tasks\{4B9A1856-100E-4B25-9275-F6307A29A5D6} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION Task: {C6A078AF-ECA7-4A4C-97F8-C67BC45C39F4} - System32\Tasks\{F51593BD-5712-41BF-917F-011EA6479049} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.112.210/en/abandoninstall?page=tsMain&installinfo=google-toolbar:offered-installed,google-chrome:notoffered;toolbaroffered <==== ATTENTION Task: {CD2754C4-0821-4637-93A2-C809474FE133} - System32\Tasks\{4FADAC14-C835-4FE0-A117-3AB4E7B2F4F0} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] () <==== ATTENTION Task: {EECF828F-4B12-4B90-97FB-56C211F5CB74} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-19] (Microsoft Corp.) <==== ATTENTION Task: {F0ACBA56-381B-42C7-A820-0272F9C90A60} - System32\Tasks\{255F20C7-13F6-49C1-9933-D3478E08205B} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION Task: {F89AEF78-211E-4D82-B681-D7D5C97B3E6A} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-19] (Microsoft Corporation) <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2008-02-29 08:17 - 2007-09-13 14:11 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AeLookupSvc => 2 MSCONFIG\Services: AgereModemAudio => 2 MSCONFIG\Services: ALG => 3 MSCONFIG\Services: AudioEndpointBuilder => 2 MSCONFIG\Services: Audiosrv => 2 MSCONFIG\Services: BFE => 2 MSCONFIG\Services: BITS => 2 MSCONFIG\Services: Browser => 2 MSCONFIG\Services: CertPropSvc => 3 MSCONFIG\Services: clr_optimization_v2.0.50727_32 => 3 MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2 MSCONFIG\Services: COMSysApp => 3 MSCONFIG\Services: ConfigFree Service => 2 MSCONFIG\Services: CryptSvc => 2 MSCONFIG\Services: DFSR => 3 MSCONFIG\Services: Dhcp => 2 MSCONFIG\Services: Dnscache => 2 MSCONFIG\Services: dot3svc => 3 MSCONFIG\Services: DPS => 2 MSCONFIG\Services: EapHost => 3 MSCONFIG\Services: ehRecvr => 3 MSCONFIG\Services: ehSched => 3 MSCONFIG\Services: ehstart => 2 MSCONFIG\Services: EhttpSrv => 3 MSCONFIG\Services: EMDMgmt => 2 MSCONFIG\Services: Eventlog => 2 MSCONFIG\Services: EventSystem => 2 MSCONFIG\Services: fdPHost => 3 MSCONFIG\Services: FDResPub => 2 MSCONFIG\Services: FontCache => 2 MSCONFIG\Services: FontCache3.0.0.0 => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: hidserv => 2 MSCONFIG\Services: hkmsvc => 3 MSCONFIG\Services: idsvc => 3 MSCONFIG\Services: IKEEXT => 2 MSCONFIG\Services: IPBusEnum => 3 MSCONFIG\Services: iphlpsvc => 2 MSCONFIG\Services: KeyIso => 3 MSCONFIG\Services: KMWDSERVICE => 2 MSCONFIG\Services: KtmRm => 2 MSCONFIG\Services: LanmanServer => 2 MSCONFIG\Services: LanmanWorkstation => 2 MSCONFIG\Services: lltdsvc => 3 MSCONFIG\Services: lmhosts => 2 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\Services: MMCSS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: MpsSvc => 2 MSCONFIG\Services: MSDTC => 3 MSCONFIG\Services: MSiSCSI => 3 MSCONFIG\Services: msiserver => 3 MSCONFIG\Services: napagent => 3 MSCONFIG\Services: Net Driver HPZ12 => 2 MSCONFIG\Services: Netlogon => 3 MSCONFIG\Services: Netman => 3 MSCONFIG\Services: netprofm => 2 MSCONFIG\Services: NlaSvc => 2 MSCONFIG\Services: nsi => 2 MSCONFIG\Services: odserv => 3 MSCONFIG\Services: ose => 3 MSCONFIG\Services: p2pimsvc => 3 MSCONFIG\Services: p2psvc => 3 MSCONFIG\Services: PcaSvc => 2 MSCONFIG\Services: pla => 3 MSCONFIG\Services: Pml Driver HPZ12 => 2 MSCONFIG\Services: PNRPAutoReg => 3 MSCONFIG\Services: PNRPsvc => 3 MSCONFIG\Services: PolicyAgent => 2 MSCONFIG\Services: ProtectedStorage => 3 MSCONFIG\Services: QWAVE => 3 MSCONFIG\Services: RasAuto => 3 MSCONFIG\Services: RasMan => 3 MSCONFIG\Services: RemoteRegistry => 3 MSCONFIG\Services: RpcLocator => 3 MSCONFIG\Services: SamSs => 2 MSCONFIG\Services: SCardSvr => 3 MSCONFIG\Services: SCPolicySvc => 3 MSCONFIG\Services: SDRSVC => 3 MSCONFIG\Services: seclogon => 2 MSCONFIG\Services: SENS => 2 MSCONFIG\Services: SessionEnv => 3 MSCONFIG\Services: ShellHWDetection => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SLUINotify => 3 MSCONFIG\Services: SNMPTRAP => 3 MSCONFIG\Services: Spooler => 2 MSCONFIG\Services: SSDPSRV => 2 MSCONFIG\Services: SstpSvc => 3 MSCONFIG\Services: stisvc => 2 MSCONFIG\Services: swprv => 3 MSCONFIG\Services: SysMain => 2 MSCONFIG\Services: TabletInputService => 2 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\Services: TBS => 2 MSCONFIG\Services: TermService => 2 MSCONFIG\Services: Themes => 2 MSCONFIG\Services: THREADORDER => 3 MSCONFIG\Services: TNaviSrv => 2 MSCONFIG\Services: TODDSrv => 2 MSCONFIG\Services: TosCoSrv => 2 MSCONFIG\Services: TOSHIBA SMART Log Service => 2 MSCONFIG\Services: TrkWks => 2 MSCONFIG\Services: TrustedInstaller => 3 MSCONFIG\Services: UI0Detect => 3 MSCONFIG\Services: UleadBurningHelper => 2 MSCONFIG\Services: upnphost => 2 MSCONFIG\Services: UxSms => 2 MSCONFIG\Services: vds => 3 MSCONFIG\Services: VSS => 3 MSCONFIG\Services: W32Time => 2 MSCONFIG\Services: wcncsvc => 3 MSCONFIG\Services: WcsPlugInService => 3 MSCONFIG\Services: WdiServiceHost => 3 MSCONFIG\Services: WdiSystemHost => 3 MSCONFIG\Services: WebClient => 2 MSCONFIG\Services: Wecsvc => 3 MSCONFIG\Services: wercplsupport => 3 MSCONFIG\Services: WerSvc => 2 MSCONFIG\Services: WinDefend => 2 MSCONFIG\Services: WinHttpAutoProxySvc => 3 MSCONFIG\Services: Winmgmt => 2 MSCONFIG\Services: WinRM => 3 MSCONFIG\Services: Wlansvc => 2 MSCONFIG\Services: wmiApSrv => 3 MSCONFIG\Services: WMPNetworkSvc => 3 MSCONFIG\Services: WPCSvc => 3 MSCONFIG\Services: WPDBusEnum => 2 MSCONFIG\Services: WPFFontCache_v0400 => 3 MSCONFIG\Services: wscsvc => 2 MSCONFIG\Services: WSearch => 2 MSCONFIG\Services: wuauserv => 2 MSCONFIG\Services: wudfsvc => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk => C:\Windows\pss\TRDCReminder.lnk.Startup MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe MSCONFIG\startupreg: Desktop SMS => C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe MSCONFIG\startupreg: Facebook Update => "C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: GG => "C:\Users\Admin\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: GG Tools => "C:\Program Files\Krzysztof Mortka\GG Tools\GGT.exe" /tray MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup MSCONFIG\startupreg: HEXelon MAX => "C:\Program Files\HEXelon MAX 6\hexelon.exe" /auto MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: KMCONFIG => C:\Program Files\Silvercrest OM1008 driver\StartAutorun.exe KMConfig.exe MSCONFIG\startupreg: mcagent_exe => C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey MSCONFIG\startupreg: NDSTray.exe => NDSTray.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Skytel => Skytel.exe MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: topi => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup MSCONFIG\startupreg: TOSCDSPD => TOSCDSPD.EXE MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE MSCONFIG\startupreg: VistaStartMenu => "C:\Program Files\Vista Start Menu\VistaStartMenu.exe" MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/02/2014 00:43:20 AM) (Source: Windows Search Service) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (03/01/2014 07:46:49 PM) (Source: Application Error) (User: ) Description: Aplikacja powodująca błąd Explorer.EXE, wersja 6.0.6002.18005, sygnatura czasowa 0x49e01da5, moduł powodujący błąd ggdrive-menu.dll_unloaded, wersja 0.0.0.0, sygnatura czasowa 0x50794495, kod wyjątku 0xc0000005, przesunięcie błędu 0x5ff81ac0, identyfikator procesu 0x170, godzina rozpoczęcia aplikacji 0xExplorer.EXE0. Error: (03/01/2014 04:56:45 PM) (Source: Windows Search Service) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (03/01/2014 04:29:33 PM) (Source: Windows Search Service) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (03/01/2014 03:48:36 PM) (Source: ESENT) (User: ) Description: wuaueng.dll (1200) SUS20ClientDataStore: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error: (03/01/2014 00:37:16 PM) (Source: Perflib) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Error: (03/01/2014 00:20:24 PM) (Source: VSS) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas szukania interfejsu IVssWriterCallback. hr = 0x80070005. To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {8dab8030-d7d0-4cb8-85e1-ea2c4746b60a} Error: (03/01/2014 02:22:07 AM) (Source: Windows Search Service) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (03/01/2014 02:18:05 AM) (Source: Windows Search Service) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (03/01/2014 02:13:24 AM) (Source: Windows Search Service) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) System errors: ============= Error: (03/03/2014 07:04:36 AM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 06:52:20 na 2014-03-03 było nieoczekiwane. Error: (03/03/2014 06:49:20 AM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 06:47:30 na 2014-03-03 było nieoczekiwane. Error: (03/03/2014 06:06:35 AM) (Source: Service Control Manager) (User: ) Description: 30000Netman Error: (03/02/2014 05:52:02 PM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 17:45:21 na 2014-03-02 było nieoczekiwane. Error: (03/02/2014 02:30:21 PM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 14:29:05 na 2014-03-02 było nieoczekiwane. Error: (03/02/2014 10:22:16 AM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 01:17:59 na 2014-03-02 było nieoczekiwane. Error: (03/02/2014 00:55:00 AM) (Source: Tcpip) (User: ) Description: System wykrył konflikt adresów między adresem IP 192.168.1.100 a komputerem o sieciowym adresie sprzętowym BC-F5-AC-A8-24-8C. W rezultacie mogą być zakłócone operacje sieciowe na tym komputerze. Error: (03/02/2014 00:30:48 AM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 23:59:28 na 2014-03-01 było nieoczekiwane. Error: (03/01/2014 11:34:24 PM) (Source: EventLog) (User: ) Description: Poprzednie zamknięcie systemu przy 22:26:00 na 2014-03-01 było nieoczekiwane. Error: (03/01/2014 05:14:23 PM) (Source: volsnap) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-02-28 10:35:04.839 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Vista Start Menu\VistaStartMenu.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:35:04.200 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Vista Start Menu\VistaStartMenu.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:35:00.496 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:34:59.627 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:34:51.620 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Vista Start Menu\VistaStartMenu.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:34:50.876 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Vista Start Menu\VistaStartMenu.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:34:47.140 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:34:46.505 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\igdumd32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:34:38.470 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Vista Start Menu\VistaStartMenu.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-28 10:34:37.705 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Vista Start Menu\VistaStartMenu.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 48% Total physical RAM: 3061.22 MB Available physical RAM: 1573.5 MB Total Pagefile: 6324.71 MB Available Pagefile: 4936.76 MB Total Virtual: 2047.88 MB Available Virtual: 1877.71 MB ==================== Drives ================================ Drive c: (Vista) (Fixed) (Total:74.45 GB) (Free:38.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (Data) (Fixed) (Total:73.13 GB) (Free:68.78 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 21080EAA) Partition 1: (Not Active) - (Size=1 GB) - (Type=27) Partition 2: (Active) - (Size=74 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=73 GB) - (Type=07 NTFS) ==================== End Of Log ============================