Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-10-2014 Ran by Tosia at 2014-10-21 13:23:43 Running from C:\Users\Tosia\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AIMP3 (HKLM\...\AIMP3) (Version: v3.10.1074, 24.08.2012 - AIMP DevTeam) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies) AVG 2015 (Version: 15.0.4181 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.51.1022 - Webteh, d.o.o.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.0.1991 - CDBurnerXP) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179) (Version: - ) Huawei E3272 (HKLM\...\Huawei E3272) (Version: 22.001.22.00.1202 - Huawei Technologies Co.,Ltd) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) QuickTime Alternative 3.1.1 (HKLM\...\QuicktimeAlt_is1) (Version: 3.1.1 - ) Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - ) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.0.3 - uvnc bvba) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WinRAR wersja 3.93 (HKLM\...\{F3041360-B312-4EB5-BE41-6BC904428A9C}_is1) (Version: 3.93 - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2013-10-14 15:21 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 validation.sls.microsoft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {282BD8A0-101A-41D9-9F74-C4EF5873FD95} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Loaded Modules (whitelisted) ============= 2014-05-22 21:05 - 2013-12-03 08:09 - 00240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2014-10-07 00:00 - 2014-10-21 10:48 - 00117248 _____ () C:\ProgramData\2ce8e63b-5e53-4efc-b4cf-6a6e52e017a4\maintainer.exe 2013-10-14 15:34 - 2010-03-04 22:38 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3540718366-3431534050-1744074-500 - Administrator - Disabled) Gość (S-1-5-21-3540718366-3431534050-1744074-501 - Limited - Disabled) Tosia (S-1-5-21-3540718366-3431534050-1744074-1000 - Administrator - Enabled) => C:\Users\Tosia ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/21/2014 01:12:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/21/2014 11:52:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/21/2014 11:41:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/21/2014 11:08:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/21/2014 10:49:16 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST.exe w wersji 21.10.2014.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 320 Godzina rozpoczęcia: 01cfed0bb049c0e6 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Users\Tosia\Desktop\FRST.exe Identyfikator raportu: Error: (10/21/2014 10:17:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/20/2014 09:18:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2014 04:34:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/18/2014 09:32:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/13/2014 10:26:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Machine Debug Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Util Jump Flip niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa XAudioService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Update Jump Flip niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MaintainerSvc1.47.6049145 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/21/2014 01:06:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NMSAccess niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/21/2014 01:06:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Huawei E3272 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/21/2014 01:06:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz Percentage of memory in use: 42% Total physical RAM: 2038.43 MB Available physical RAM: 1175.81 MB Total Pagefile: 4076.86 MB Available Pagefile: 3059.98 MB Total Virtual: 2047.88 MB Available Virtual: 1908.75 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:117.09 GB) (Free:98.76 GB) NTFS Drive f: (Nowy) (Fixed) (Total:115.7 GB) (Free:115.59 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9C9F1ADA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=115.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================