Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-10-2014 01 Ran by Danusia i Dominik at 2014-10-05 13:54:28 Running from C:\Users\Danusia i Dominik\Desktop\fix\FRST-OlderVersion Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS3 (HKLM\...\Adobe_678cd98c8365a5647f9a2e539d120a8) (Version: 10.0 - Adobe Systems Incorporated) Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden Adobe Reader 9.5.5 - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden ALLPlayer V4.X (HKLM\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.) AnyDVD (HKLM\...\AnyDVD) (Version: - SlySoft) Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Ares 2.1.8 (HKLM\...\Ares) (Version: 2.1.8-Build#3042 - Ares Development Group) Ashampoo Burning Studio 2013 v.11.0.5 (HKLM\...\Ashampoo Burning Studio 2013_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG) Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - ) AVI/MPEG/RM/WMV Splitter 4.28 (HKLM\...\AVI MPEG RM WMV Splitter_is1) (Version: - boilsoft, Inc.) AviSynth 2.5 (HKLM\...\Avisynth) (Version: - ) BankBrowser (HKCU\...\BankBrowser) (Version: 3.5 - DialCom24 Sp. z o.o.) Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Licomp EMPiK Multimedia) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform) ChomikBox (HKLM\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) ConvertXtoDVD 4.0.12.327 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.12.327 - ) CorelDRAW Graphics Suite X3 (HKLM\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation) CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1516 - CyberLink Corp.) CyberLink PowerDVD 10 (Version: 10.0.1516 - CyberLink Corp.) Hidden DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.9.5 Be (HKLM\...\DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1) (Version: - Fengtao Software Inc.) Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.7 - ) Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung) Easy Network Manager 3.0 (HKLM\...\InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}) (Version: 3.0.0.0 - Samsung) Easy Network Manager 3.0 (Version: 3.0.0.0 - Samsung) Hidden Feedback Tool (HKLM\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation) FontNav (Version: 5.0 - Corel Corporation) Hidden FOTOJOKER Fotoswiat (HKLM\...\FOTOJOKER Fotoswiat) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG) Free WebM Video Converter version 5.0.18.1005 (HKLM\...\Free WebM Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden imagine digital freedom - Samsung (HKLM\...\{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}) (Version: 1.0.2.0 - Samsung Electronics Co., LTD) Intel PROSet Wireless (Version: - ) Hidden Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) iTunes (HKLM\...\{C4780F70-8F21-4F0C-95FE-32FF3E2F9247}) (Version: 11.1.4.62 - Apple Inc.) J2SE Runtime Environment 5.0 Update 9 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150090}) (Version: 1.5.0.90 - Sun Microsystems, Inc.) Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle) Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle) JPEGCrops 0.7.5 beta (HKLM\...\{DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1) (Version: - ) Kaspersky Internet Security (HKLM\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden K-Lite Codec Pack 10.0.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.0 - ) LightScribe System Software (HKLM\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe) LightScribe Template Labeler (HKLM\...\{8A03241E-7A3C-401D-B0CE-B3096F50AE6F}) (Version: 1.18.27.10 - LightScribe) Lizardtech DjVu Control (HKLM\...\{105CFC7C-6992-11D5-BD9D-000102C10FD8}) (Version: - ) Media Player Classic - Home Cinema v1.5.2.3456 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team) Microsoft .NET Framework 3.5 Language Pack SP1 - plk (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 2003 Web Components (HKLM\...\{90A40415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}) (Version: 9.00.2047.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.2047.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}) (Version: 9.00.2047.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 pl) (HKLM\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (HKLM\...\NapiProjekt_is1) (Version: - ) Nowe Gadu-Gadu (HKLM\...\Nowe Gadu-Gadu) (Version: - GG Network S.A.) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation) NVIDIA PhysX (HKLM\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) Obsługa programów Apple (HKLM\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.) Opera 12.02 (HKLM\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA) Oprogramowanie Intel(R) PROSet/Wireless WiFi (HKLM\...\{A1D6721B-9C28-4E3F-9DE1-C6584B99465D}) (Version: 12.04.4000 - Intel(R) Corporation) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.) PL (Version: 13.0 - Corel Corporation) Hidden Play AVStation (HKLM\...\InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}) (Version: 4.1.20.50 - Samsung Electronics Co., LTD) Play AVStation (Version: 4.1.20.50 - Samsung Electronics Co., LTD) Hidden Play Camera (HKLM\...\InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}) (Version: 2.0.0.13 - Samsung Electronics) Play Camera (Version: 2.0.0.13 - Samsung Electronics) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5605 - Realtek Semiconductor Corp.) Replay Media Catcher 4 (4.3.2) (HKLM\...\Replay Media Catcher 4) (Version: 4.3.2 - Applian Technologies) Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group) Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.00 - Samsung Electronics Co., LTD) Samsung Recovery Solution III (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 3.0.0.5 - Samsung) Samsung Update Plus (HKLM\...\InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}) (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Samsung Update Plus (HKLM\...\InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}) (Version: 2.0 - Samsung Electronics Co., LTD) Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., LTD) Hidden Składniki łączności pakietu Microsoft Office Small Business (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation) Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics) Teleport Pro (HKLM\...\Teleport Pro) (Version: 1.45 - Tennyson Maxwell Information Systems, Inc.) Total Uninstall 6.0.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.0.1 - Gavrila Martau) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update Manager (Version: 4.60 - Corel Corporation) Hidden USB2.0 UVC 1.3M WebCam (HKLM\...\USB2.0 UVC 1.3M WebCam) (Version: - ) USB2.0 UVC WebCam (HKLM\...\{090962E2-4BE8-4A8A-86B0-7A5ED31C1273}) (Version: 6.11.706.012 - D-MAX) User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - ) VBA (Version: 6.2 - Corel Corporation) Hidden WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - WIDCOMM, Inc.) Winamp (HKLM\...\Winamp) (Version: 5.56 - Nullsoft, Inc) WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WM Recorder (HKLM\...\WM Recorder14.11.3) (Version: 14.11.3 - AllAlex, Inc) Xvid 1.3.0 (HKLM\...\Xvid_is1) (Version: 1.3.0 - Xvid Solutions) YTD Video Downloader 4.8.3 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.3 - GreenTree Applications SRL) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Danusia i Dominik\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{C2CFF95B-3A03-26C0-DC42-5108674D305F}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-266271423-965352428-2610167932-1003_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) ==================== Restore Points ========================= 04-10-2014 18:15:44 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2013-01-25 13:43 - 00000793 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 secure.applian.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02358D27-CF53-43F0-AEEE-20BDF26B273C} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-05-22] (SAMSUNG Electronics) Task: {0C6054EE-B101-4313-8D68-CBFD552486B9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-266271423-965352428-2610167932-1003 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe Task: {1C7CE644-0CDA-4936-8E44-5B8F0B2029AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {24E8160F-8972-43D1-A284-94281FD148EF} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2007-07-05] (Samsung Electronics Co., Ltd.) Task: {29A05649-FFB2-42B6-9B3C-BBE72A35E49E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-266271423-965352428-2610167932-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: {2E98F871-FC35-467B-83C4-F3DA64AF2E1C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {3212B0F6-2C42-42B3-9C77-0CF9FD8DAED0} - System32\Tasks\e-pity2012_kwiecien => C:\Program Files\e-file\e-pity2012\signxml.exe Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {5E808DFF-12AE-4AEA-A7CF-74C32A2CB346} - System32\Tasks\Danusia i Dominik NBAgent 5 4 => C:\program files\nero\nero 10\nero backitup\NBAgent.exe Task: {5F98AC89-4719-49DB-BB4C-8D1D095CF26C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-15] (Google Inc.) Task: {6FB0440F-BEF7-415B-98DB-1573C5E37780} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-15] (Google Inc.) Task: {7CE8CF7F-E859-4287-86A4-4E01101B9200} - System32\Tasks\e-pity2012_styczen => C:\Program Files\e-file\e-pity2012\signxml.exe Task: {95C984ED-9C0B-4F34-9878-D9ACBF985145} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-04-17] (SAMSUNG Electronics co., LTD.) Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries Task: {B77D3614-285D-46AC-A7C6-28A569CDEF38} - System32\Tasks\Danusia i Dominik => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBCore.exe Task: {B792163C-55C5-49F1-AEF7-673B9F6FA08A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd) Task: {CEB6A870-8D77-4674-A705-283704DDFF16} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-266271423-965352428-2610167932-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {EC078BB5-427A-49AF-A8E1-AB90D898D100} - System32\Tasks\SupBackGroundTask => C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe [2010-04-20] () Task: {F1E21D68-51A3-4EBC-BFCF-E63F63A3C9C7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SupBackGroundTask.job => C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe ==================== Loaded Modules (whitelisted) ============= 2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2009-03-15 11:26 - 2007-09-20 19:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll 2008-06-25 12:33 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll 2008-06-25 12:33 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll 2014-09-19 09:20 - 2014-09-25 09:57 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-09-10 11:59 - 2014-09-10 11:59 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Danusia i Dominik\Desktop\Strach nad miastem - Scar City 1998 PL.avi:TOC.WMV ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared files\brs.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-266271423-965352428-2610167932-500 - Administrator - Disabled) Danusia i Dominik (S-1-5-21-266271423-965352428-2610167932-1003 - Administrator - Enabled) => C:\Users\Danusia i Dominik Gość (S-1-5-21-266271423-965352428-2610167932-501 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Urządzenie Bluetooth (sieć osobista) #4 Description: Urządzenie Bluetooth (sieć osobista) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/05/2014 01:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd FRST.exe, wersja 4.10.2014.1, sygnatura czasowa 0x542fbc1f, moduł powodujący błąd DNSAPI.dll, wersja 6.0.6002.18881, sygnatura czasowa 0x51da3e27, kod wyjątku 0xc0000142, przesunięcie błędu 0x00009f5d, identyfikator procesu 0x1178, godzina rozpoczęcia aplikacji 0xFRST.exe0. Error: (10/05/2014 01:15:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd FRST.exe, wersja 4.10.2014.1, sygnatura czasowa 0x542fbc1f, moduł powodujący błąd DNSAPI.dll, wersja 6.0.6002.18881, sygnatura czasowa 0x51da3e27, kod wyjątku 0xc0000142, przesunięcie błędu 0x00009f5d, identyfikator procesu 0xfe8, godzina rozpoczęcia aplikacji 0xFRST.exe0. Error: (10/05/2014 01:13:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd FRST.exe, wersja 4.10.2014.1, sygnatura czasowa 0x542fbc1f, moduł powodujący błąd DNSAPI.dll, wersja 6.0.6002.18881, sygnatura czasowa 0x51da3e27, kod wyjątku 0xc0000142, przesunięcie błędu 0x00009f5d, identyfikator procesu 0x1410, godzina rozpoczęcia aplikacji 0xFRST.exe0. Error: (10/05/2014 01:12:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd FRST.exe, wersja 4.10.2014.1, sygnatura czasowa 0x542fbc1f, moduł powodujący błąd DNSAPI.dll, wersja 6.0.6002.18881, sygnatura czasowa 0x51da3e27, kod wyjątku 0xc0000142, przesunięcie błędu 0x00009f5d, identyfikator procesu 0x171c, godzina rozpoczęcia aplikacji 0xFRST.exe0. Error: (10/05/2014 00:42:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd FRST.exe, wersja 4.10.2014.1, sygnatura czasowa 0x542fbc1f, moduł powodujący błąd DNSAPI.dll, wersja 6.0.6002.18881, sygnatura czasowa 0x51da3e27, kod wyjątku 0xc0000142, przesunięcie błędu 0x00009f5d, identyfikator procesu 0x13b8, godzina rozpoczęcia aplikacji 0xFRST.exe0. Error: (10/05/2014 00:34:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd FRST.exe, wersja 4.10.2014.1, sygnatura czasowa 0x542fbc1f, moduł powodujący błąd DNSAPI.dll, wersja 6.0.6002.18881, sygnatura czasowa 0x51da3e27, kod wyjątku 0xc0000142, przesunięcie błędu 0x00009f5d, identyfikator procesu 0x1504, godzina rozpoczęcia aplikacji 0xFRST.exe0. Error: (10/05/2014 00:33:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd FRST.exe, wersja 4.10.2014.1, sygnatura czasowa 0x542fbc1f, moduł powodujący błąd DNSAPI.dll, wersja 6.0.6002.18881, sygnatura czasowa 0x51da3e27, kod wyjątku 0xc0000142, przesunięcie błędu 0x00009f5d, identyfikator procesu 0x1398, godzina rozpoczęcia aplikacji 0xFRST.exe0. Error: (10/05/2014 09:33:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 999 Error: (10/05/2014 09:33:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 999 Error: (10/05/2014 09:33:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (10/05/2014 08:53:21 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (10/05/2014 08:51:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (10/05/2014 08:49:39 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: C:\Windows\System32\IWMSSvc.dll126 Error: (10/04/2014 10:12:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Usługa udostępniania w sieci programu Windows Media Player%%1053 Error: (10/04/2014 10:12:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Usługa udostępniania w sieci programu Windows Media Player Error: (10/04/2014 10:09:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000PlugPlay Error: (10/04/2014 10:09:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (10/04/2014 10:09:39 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (10/04/2014 10:08:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: C:\Windows\System32\IWMSSvc.dll126 Error: (10/04/2014 03:45:04 PM) (Source: Dhcp) (EventID: 1001) (User: ) Description: Komputerowi nie został przypisany adres z sieci (przez serwer DHCP) dla karty sieciowej o adresie 001377AB999E. Wystąpił następujący błąd: %%121. Komputer będzie dalej próbował sam uzyskać adres z serwera adresów sieciowych (DHCP). Microsoft Office Sessions: ========================= Error: (10/05/2014 01:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST.exe4.10.2014.1542fbc1fDNSAPI.dll6.0.6002.1888151da3e27c000014200009f5d117801cfe08dbe9a0850 Error: (10/05/2014 01:15:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST.exe4.10.2014.1542fbc1fDNSAPI.dll6.0.6002.1888151da3e27c000014200009f5dfe801cfe08db12e3600 Error: (10/05/2014 01:13:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST.exe4.10.2014.1542fbc1fDNSAPI.dll6.0.6002.1888151da3e27c000014200009f5d141001cfe08d59060110 Error: (10/05/2014 01:12:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST.exe4.10.2014.1542fbc1fDNSAPI.dll6.0.6002.1888151da3e27c000014200009f5d171c01cfe08d3dd73bc0 Error: (10/05/2014 00:42:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST.exe4.10.2014.1542fbc1fDNSAPI.dll6.0.6002.1888151da3e27c000014200009f5d13b801cfe088f4d88b80 Error: (10/05/2014 00:34:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST.exe4.10.2014.1542fbc1fDNSAPI.dll6.0.6002.1888151da3e27c000014200009f5d150401cfe087dcfabb60 Error: (10/05/2014 00:33:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST.exe4.10.2014.1542fbc1fDNSAPI.dll6.0.6002.1888151da3e27c000014200009f5d139801cfe087a57b9420 Error: (10/05/2014 09:33:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 999 Error: (10/05/2014 09:33:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 999 Error: (10/05/2014 09:33:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2014-10-05 13:54:02.506 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:02.255 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:02.004 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:01.753 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:01.427 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:01.176 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:00.926 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:00.673 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kltdi.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:00.370 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-05 13:54:00.118 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz Percentage of memory in use: 72% Total physical RAM: 3065.88 MB Available physical RAM: 857.52 MB Total Pagefile: 6334.82 MB Available Pagefile: 3677.26 MB Total Virtual: 2047.88 MB Available Virtual: 1862.39 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:80.09 GB) (Free:4.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:208 GB) (Free:4.75 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 70ADE391) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=80.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=208 GB) - (Type=07 NTFS) ==================== End Of Log ============================