Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-04-2014 01 Ran by Ela at 2014-04-12 20:57:39 Running from C:\Users\Ela\Desktop\logi Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== µTorrent (HKLM\...\uTorrent) (Version: 3.0.0 - ) 32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden AC3Filter (remove only) (HKLM\...\AC3Filter) (Version: - ) Adobe Flash Player 10 ActiveX (HKLM\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader 9 - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) ALLPlayer V4.X (HKLM\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.) Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Botanicula 1.0 (HKLM\...\{66C087E0-756B-4CDA-BCA4-B50C37295D61}_is1) (Version: 1.0 - Amanita Design, s.r.o.) BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Copy (Version: 140.0.212.000 - Hewlett-Packard) Hidden DealPly (HKCU\...\DealPly) (Version: - ) <==== ATTENTION DealPly (HKLM\...\DealPly) (Version: - DealPly) <==== ATTENTION Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden DJ_AIO_06_K209a-z_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden Dungeon Party (HKLM\...\Steam App 215870) (Version: - Cyanide Studio) Facebook Messenger 2.1.4814.0 (HKLM\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook) Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) FilesFrog Update Checker (HKLM\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION FLV Player (HKCU\...\FLV Player) (Version: 1.0 - Somoto Ltd.) <==== ATTENTION Fujitsu OSD Utility (HKLM\...\InstallShield_{E6B28CE4-9D73-4B7D-9329-A0ED4855D686}) (Version: 1.2.1.6 - Quanta Computer Inc.) Fujitsu OSD Utility (Version: 1.2.1.6 - Quanta Computer Inc.) Hidden Gadu-Gadu 10 (HKLM\...\Gadu-Gadu 10) (Version: - GG Network S.A.) Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden gry Toolbar (HKLM\...\gry Toolbar) (Version: 6.9.0.16 - gry) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet Ink Advant K209a-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{6051912A-F7B8-445C-A99D-81AA4C118836}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard) HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - ) Java 7 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217011FF}) (Version: 7.0.110 - Oracle) Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden K209a-z (Version: 140.0.690.000 - Hewlett-Packard) Hidden K-Lite Codec Pack 7.6.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 7.6.0 - ) Malwarebytes Anti-Malware wersja 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 3.5 Language Pack SP1 - plk (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile PLK Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft Office XP Professional z programem FrontPage (HKLM\...\{90280415-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Movies Toolbar for Chrome (Dist. by Somoto Ltd.) (HKLM\...\somotomoviestoolbar181CR) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION Movies Toolbar for Internet Explorer (Dist. by Somoto Ltd.) (HKLM\...\somotomoviestoolbar181IE) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION Mozilla Firefox 17.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 17.0.1 (x86 pl)) (Version: 17.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 Essentials (HKLM\...\{B1510103-0038-4967-8975-E17D2A591045}) (Version: 8.3.562 - Nero AG) NeroVision Express 2 (HKLM\...\NeroVision!UninstallKey) (Version: - ) neroxml (Version: 1.0.0 - Nero AG) Hidden Nokia Internet Modem (HKLM\...\{AF91A56A-A775-4183-99C5-E9320263B612}) (Version: 3.8.149.40 - SmartCom) Origin (HKLM\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia) PC Connectivity Solution (HKLM\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PIT 2013 z Gazetą Wyborczą ver. 10.0.2.0 (HKCU\...\PIT 2013 z Gazetą Wyborczą_is1) (Version: - Agora Sp. z o.o.) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30320 - Microsoft Corporation) Pory roku 3: Klątwa wiedźmy Wrony (HKLM\...\Pory roku 3: Klątwa wiedźmy Wrony) (Version: - Alawar Entertainment Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Siglos Karaoke Player/Recorder 2 (HKLM\...\{BD5534B1-6A9E-4491-86DC-DE13B33156AD}_is1) (Version: - Doblon) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (HKLM\...\Steam) (Version: - Valve Corporation) SweetIM for Messenger 3.7 (Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION System Recovery (HKLM\...\{B7DCFAFF-D984-4A8A-96DC-A55869C37103}) (Version: 1.3.12 - Fujitsu) System Requirements Lab CYRI (HKLM\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC) SystemDiagnostics (HKLM\...\{EF59DB7F-7426-426E-B862-7031F83ED304}) (Version: 2.04.0006 - Fujitsu Technology Solutions) Świadectwa Optivum (HKLM\...\{33B7EAF2-7D1A-441F-BE50-0BE645316967}) (Version: 12.00.0004 - VULCAN) The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.48.5 - Electronic Arts) The Sims™ 3 Nowoczesny apartament Akcesoria (HKLM\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) The Sims™ 3 Pokolenia (HKLM\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) The Sims™ 3 Wymarzone Podróże (HKLM\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden Tux Paint 0.9.21 (HKLM\...\Tux Paint_is1) (Version: - New Breed Software) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Video Converter (HKLM\...\Video Converter) (Version: 1 - SweetPacks) <==== ATTENTION Video Converter Bundle by SweetPacks (HKLM\...\Video Converter Bundle by SweetPacks) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION WD SmartWare (HKLM\...\{98D451C4-4ACA-4273-BB47-57CFE46B048E}) (Version: 1.4.1.1 - Western Digital) WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden Winamp (HKLM\...\Winamp) (Version: 5.572 - Nullsoft, Inc) Worms 4 Mayhem (HKLM\...\{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}) (Version: 1.01.0000 - Codemasters) ==================== Restore Points ========================= 11-04-2014 13:44:58 Dodatek Service Pack 2 do systemu Windows Vista™ ==================== Hosts content: ========================== 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {02A97D1F-3046-462A-B7D3-813A31893AE3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated) Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1E696BC3-66EB-4B77-BBEB-5AAB14A55E08} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002Core => C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-16] (Facebook Inc.) Task: {4B337A06-2304-4294-A1C4-8BE72AE32355} - System32\Tasks\{995C96E6-02A1-4C51-8D90-B82E50962B80} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.126/pl/abandoninstall?page=tsProgressBar Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {7B456128-602C-4E41-A48A-28E9C98BDC68} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002UA => C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-16] (Facebook Inc.) Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {89AC9A71-8EC9-488C-9CFC-011A8B6E2775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-23] (Google Inc.) Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {93850C6D-204C-41FD-ACBB-C40D422A10D8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000Core => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe Task: {96F45367-2E8A-495C-9E02-22CDA5B1DA6C} - System32\Tasks\{F45D79DF-FB09-4EE9-A549-6F46D6FB328F} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {CD31D3E0-95DA-4BC3-8AF1-EF19F28C5B06} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001Core => C:\Users\Marta\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-07] (Facebook Inc.) Task: {D38A30E5-85A7-4011-B4B0-A8035DD9AE2A} - System32\Tasks\{5018004A-9D03-44FA-A936-94ED7AE42008} => Chrome.exe http://ui.skype.com/ui/0/6.1.0.129.272/pl/go/help.faq.installer?LastError=1601 Task: {D4662090-A0EF-4D91-B601-9EBCF65666B4} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Ela\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17] (Somoto) <==== ATTENTION Task: {DF193704-6212-433C-90AE-7E1C55400BEF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000UA => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe Task: {E77133DC-B1E4-4525-9F4B-E70E19A543E2} - System32\Tasks\DealPly => C:\Users\Ela\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-03-10] () <==== ATTENTION Task: {E7ED1E89-DD6E-4589-9BAB-969B2FD10215} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001UA => C:\Users\Marta\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-07] (Facebook Inc.) Task: {E8F4B497-11B1-4E15-86DB-C80DE0540036} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-23] (Google Inc.) Task: {F5C3E424-9A2B-4E18-97A7-3615EC3311C4} - System32\Tasks\DealPlyUpdate => C:\Program Files\DealPly\DealPlyUpdate.exe [2012-05-09] (DealPly) <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001Core.job => C:\Users\Marta\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1001UA.job => C:\Users\Marta\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002Core.job => C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1002UA.job => C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000Core.job => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1707032505-553885810-4120097439-1000UA.job => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\User_Feed_Synchronization-{7D8B24FF-76E7-4850-A0EF-B1007AA121E3}.job => C:\Windows\system32\msfeedssync.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-13 17:40 - 2014-04-07 09:52 - 00490504 _____ () C:\Program Files\Movies Toolbar\SafetyNut\safetycrt.dll 2014-02-13 17:40 - 2014-04-07 09:52 - 00020488 _____ () C:\Program Files\Movies Toolbar\SafetyNut\safetyldr.dll 2013-04-06 11:45 - 2009-12-17 11:24 - 00066512 _____ () C:\Program Files\Common Files\SmartCom\DragnDropCopyHook.dll 2010-09-08 10:45 - 2010-09-08 10:45 - 01034752 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe 2010-09-08 10:53 - 2010-09-08 10:53 - 00886272 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll 2010-09-08 10:44 - 2010-09-08 10:44 - 00484352 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe 2012-10-26 08:49 - 2012-10-26 08:49 - 00202752 _____ () C:\Users\Ela\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe 2012-06-28 21:21 - 2014-04-11 14:49 - 02397152 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\Windows\pss\WDDMStatus.lnk.CommonStartup MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe" MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent MSCONFIG\startupreg: Facebook Update => "C:\Users\Ela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: FSCRecovery => c:\Program Files\Fujitsu\System Recovery\FSCRecoveryReminder.exe MSCONFIG\startupreg: Gadu-Gadu 10 => "C:\Program Files\Gadu-Gadu 10\gg.exe" MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup MSCONFIG\startupreg: Google EULA Launcher => c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA MSCONFIG\startupreg: Google Update => "C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IPLA! => C:\Program Files\ipla\ipla.exe /autorun MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s MSCONFIG\startupreg: KiesPDLR => C:\Program Files\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: Nokia Internet Modem => "C:\Program Files\Nokia\Nokia Internet Modem\WellPhone2.exe" /background MSCONFIG\startupreg: Picasa Media Detector => C:\Program Files\Picasa2\PicasaMediaDetector.exe MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SweetIM => C:\Program Files\SweetIM\Messenger\SweetIM.exe MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/12/2014 08:25:06 PM) (Source: Google Update) (User: Monika-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7 Error: (04/12/2014 07:47:15 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/12/2014 07:31:25 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/12/2014 07:27:58 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/12/2014 07:24:49 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/11/2014 04:50:44 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/11/2014 04:18:32 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/11/2014 03:42:08 PM) (Source: Microsoft Security Client Setup) (User: Monika-PC) Description: HRESULT:0x80070643 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x80070643. (null) Error: (04/11/2014 03:41:31 PM) (Source: MsiInstaller) (User: Monika-PC) Description: Product: Microsoft Security Client -- Error 1406. Could not write value ServiceID to key \SYSTEM\CurrentControlSet\Services\NisSrv\Parameters. System error . Verify that you have sufficient access to that key, or contact your support personnel. Error: (04/11/2014 03:36:42 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Microsoft Office Sessions: ========================= Error: (04/12/2014 08:25:06 PM) (Source: Google Update)(User: Monika-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7 Error: (04/12/2014 07:47:15 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/12/2014 07:31:25 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/12/2014 07:27:58 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/12/2014 07:24:49 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/11/2014 04:50:44 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/11/2014 04:18:32 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/11/2014 03:42:08 PM) (Source: Microsoft Security Client Setup)(User: Monika-PC) Description: HRESULT:0x80070643 Description:Cannot complete the Security Essentials installation. An error has prevented the Security Essentials setup wizard from completing successfully. Please restart your computer and try again. Error code:0x80070643. (null) Error: (04/11/2014 03:41:31 PM) (Source: MsiInstaller)(User: Monika-PC) Description: Product: Microsoft Security Client -- Error 1406. Could not write value ServiceID to key \SYSTEM\CurrentControlSet\Services\NisSrv\Parameters. System error . Verify that you have sufficient access to that key, or contact your support personnel.(NULL)(NULL)(NULL)(NULL) Error: (04/11/2014 03:36:42 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-04-12 20:57:10.646 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:10.381 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:10.131 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:09.866 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:09.617 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:09.351 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:09.102 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:08.852 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:08.322 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-12 20:57:07.947 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 43% Total physical RAM: 2907.68 MB Available physical RAM: 1652.6 MB Total Pagefile: 6049.66 MB Available Pagefile: 4856.45 MB Total Virtual: 2047.88 MB Available Virtual: 1889.41 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:92.21 GB) (Free:15.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (DATA) (Fixed) (Total:197.09 GB) (Free:58.91 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: EFCE7C6B) Partition: GPT Partition Type. ==================== End Of Log ============================