Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-10-2014 Ran by Lewandowski at 2014-10-24 00:13:48 Running from C:\Documents and Settings\Lewandowski\Pulpit Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 2.0.4 - ) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation) CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DivX PowerPack Lite 1.28 (HKLM\...\{CB3331BE-811F-4633-A391-1B6CD974D143}_is1) (Version: 1.28 - Maciej Bieniek) ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - ) FlashGet 1.9.6.1073 (HKLM\...\FlashGet) (Version: 1.9.6.1073 - http://www.FlashGet.com) Gadu-Gadu 7.1 (HKLM\...\Gadu-Gadu) (Version: - ) Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries) High Quality Photo Resizer 6.0 (HKLM\...\High Quality Photo Resizer_is1) (Version: - Naturpic Software) hp deskjet 3320 series (Tylko usuń) (HKLM\...\hp deskjet 3320 series) (Version: - ) Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK (HKLM\...\{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK (HKLM\...\{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 pl) (HKLM\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla) Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - ) NVIDIA Display Driver (HKLM\...\NVIDIA Display Driver) (Version: - ) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation) Poprawka dla systemu Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation) SAPI Wrapper (Version: 1.0.0.0 - Microsoft Corporation) Hidden Sothink FLV Player (HKLM\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TTS Wrapper (Version: 1.0.0.0 - Microsoft Corporation) Hidden UsbFix (HKLM\...\Usbfix) (Version: 7.183 - El Desaparecido - www.usbfix.net - www.sosvirus.net) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VIA Rhine-Family Fast-Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_VIA) (Version: - ) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Winamp (remove only) (HKLM\...\Winamp) (Version: - ) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden WinRAR 4.20 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 06-10-2014 15:45:10 Installed Eraser 6.0.10.2620 06-10-2014 16:02:42 Removed Eraser 6.0.10.2620 07-10-2014 13:00:21 Zainstalowane sterowniki drukarek: Microsoft Office Document Im ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2001-10-26 20:45 - 2014-10-06 18:37 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe ==================== Loaded Modules (whitelisted) ============= ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1801674531-630328440-1606980848-500 - Administrator - Enabled) ASPNET (S-1-5-21-1801674531-630328440-1606980848-1004 - Limited - Enabled) Gość (S-1-5-21-1801674531-630328440-1606980848-501 - Limited - Disabled) Lewandowski (S-1-5-21-1801674531-630328440-1606980848-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Lewandowski Pomocnik (S-1-5-21-1801674531-630328440-1606980848-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-1801674531-630328440-1606980848-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Stacja dyskietek Description: Stacja dyskietek Class Guid: {4D36E980-E325-11CE-BFC1-08002BE10318} Manufacturer: (Standardowe sterowniki stacji dyskietek) Service: flpydisk Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/24/2014 00:03:20 AM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/24/2014 00:03:20 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/24/2014 00:00:20 AM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/24/2014 00:00:20 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/23/2014 05:00:14 PM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/23/2014 05:00:14 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/10/2014 03:29:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd frst.exe, wersja 6.10.2014.1, moduł powodujący błąd unknown, wersja 0.0.0.0, adres błędu 0x00e1fddf. Przetwarzanie zdarzenia określonego nośnika dla [frst.exe!ws!] Error: (10/10/2014 03:28:06 PM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/10/2014 03:28:06 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć usługi Server. Dane wydajności usługi Server nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. Error: (10/10/2014 02:31:28 PM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Nie można otworzyć usługi przekierowania. Dane wydajności przekierowania nie zostaną zwrócone. Zwrócony kod stanu to dane DWORD 0. System errors: ============= Error: (10/24/2014 00:03:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/24/2014 00:00:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/23/2014 05:00:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/23/2014 01:18:42 PM) (Source: W32Time) (EventID: 34) (User: ) Description: Usługa czas wykryła, że trzeba zmienić czas systemowy o +83602 s. Usługa czasu nie zmieni czasu systemowego o więcej niż +54000 s. Sprawdź, czy czas i strefa czasowa są poprawne i czy źródło czasu time.nist.gov (ntp.m|0x1|192.168.100.197:123->24.56.178.140:123) działa poprawnie. Error: (10/10/2014 03:28:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/10/2014 02:31:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/10/2014 10:32:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/09/2014 08:29:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/08/2014 00:17:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Error: (10/08/2014 00:13:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa IPSEC Services zakończyła działanie; wystąpił następujący błąd: %%1747 Microsoft Office Sessions: ========================= Error: (10/24/2014 00:03:20 AM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Error: (10/24/2014 00:03:20 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (10/24/2014 00:00:20 AM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Error: (10/24/2014 00:00:20 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (10/23/2014 05:00:14 PM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Error: (10/23/2014 05:00:14 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (10/10/2014 03:29:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: frst.exe6.10.2014.1unknown0.0.0.000e1fddf Error: (10/10/2014 03:28:06 PM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Error: (10/10/2014 03:28:06 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (10/10/2014 02:31:28 PM) (Source: PerfNet) (EventID: 2002) (User: ) Description: ==================== Memory info =========================== Processor: AMD Athlon(tm) XP Percentage of memory in use: 36% Total physical RAM: 511.48 MB Available physical RAM: 325.5 MB Total Pagefile: 1250.1 MB Available Pagefile: 1111.5 MB Total Virtual: 2047.88 MB Available Virtual: 1939.37 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:42.64 GB) (Free:1.52 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:24.67 GB) (Free:0.65 GB) NTFS Drive e: () (Fixed) (Total:230.78 GB) (Free:3.46 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 00000001) Partition 1: (Active) - (Size=42.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=24.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================