Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-11-2014 01 Ran by Sławek at 2014-11-16 11:32:31 Running from C:\Users\Sławek\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Reader XI (11.0.04) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden Atheros Client Utility (HKLM\...\{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}) (Version: 7.7 - Atheros) Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 7.7 - Atheros) avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software) BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden C4200 (Version: 90.0.222.000 - Hewlett-Packard) Hidden C4200_doccd (Version: 90.0.222.000 - Hewlett-Packard) Hidden c4200_Help (Version: 90.0.222.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform) Cisco EAP-FAST Module (HKLM\...\{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}) (Version: 2.2.10 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{99A4344A-C723-4661-A507-D9D939480358}) (Version: 1.0.16 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{CD344FA5-6657-47CD-940F-8727EED35595}) (Version: 1.1.3 - Cisco Systems, Inc.) Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 90.0.205.000 - Hewlett-Packard) Hidden DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden DocProc (Version: 9.0.0.0 - Hewlett-Packard) Hidden DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden EAGLE 7.1.0 (HKLM\...\EAGLE 7.1.0) (Version: 7.1.0 - CadSoft Computer GmbH) eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit) Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.2.0 - Conexant Systems) HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP) HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP) HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP) HP Photosmart All-In-One Software 9.0 (HKLM\...\{B09BCBF6-87EE-4403-A336-3A9510856535}) (Version: 9.0 - HP) HP Photosmart Essential 2.01 (HKLM\...\HP Photosmart Essential) (Version: 2.01 - HP) HP Smart Web Printing (HKLM\...\{415CDA53-9100-476F-A7B2-476691E117C7}) (Version: 2.15.7.0 - Nazwa firmy) HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP) HP Update (HKLM\...\{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}) (Version: 4.000.006.003 - Hewlett-Packard) HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden HPSSupply (HKLM\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Nazwa firmy) Huawei E3272 (HKLM\...\Huawei E3272) (Version: 22.001.22.00.1202 - Huawei Technologies Co.,Ltd) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) MarketingReg (Version: 1.00.1 - Hewlett-Packard) Hidden MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.51.4.3 - Marvell) Media Player Codec Pack 4.2.9 (HKLM\...\Media Player - Codec Pack) (Version: 4.2.9 - Media Player Codec Pack) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Polish Language Pack (HKLM\...\{64CB2553-C109-4132-AA51-1F421B515FD1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) MOTORM4X (HKLM\...\MOTORM4X) (Version: 1.0.821.1 - ) Mozilla Firefox 33.1 (x86 pl) (HKLM\...\Mozilla Firefox 33.1 (x86 pl)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA PhysX v8.04.25 (HKLM\...\{74224F8D-4A17-4816-9EDB-7BB854DE532C}) (Version: 8.04.25 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) PDF Architect 2 (HKLM\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH) PDF Architect 2 View Module (HKLM\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) PS_AIO_ProductContext (Version: 90.0.222.000 - Hewlett-Packard) Hidden PS_AIO_Software (Version: 90.0.222.000 - Hewlett-Packard) Hidden PS_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden PSSWCORE (Version: 2.01.0000 - Hewlett-Packard) Hidden Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - GSC Game World) Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden Schematy dźwięków systemu Windows (HKLM\...\UltSounds) (Version: - Microsoft Corporation) Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden Status (Version: 90.0.146.000 - Hewlett-Packard) Hidden swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics) System Requirements Lab Detection (HKLM\...\{B090204E-4752-4A6F-8671-9527F4B1F312}) (Version: 2.1.1.0 - Husdawg, LLC) The Witcher Enhanced Edition (HKLM\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red) Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden TOSHIBA Supervisor Password (HKLM\...\{401879D1-AC26-43CD-BDDE-E0D5D5608083}) (Version: 2.00.03PLV - ) TrayApp (Version: 90.0.146.000 - Hewlett-Packard) Hidden Ultimate Extras sounds from Microsoft® Tinker™ (HKLM\...\UltSounds2) (Version: - Microsoft Corporation) UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden VideoToolkit01 (Version: 90.0.146.000 - Hewlett-Packard) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden WinZipper (HKLM\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION Wise Disk Cleaner 7.99 (HKLM\...\Wise Disk Cleaner_is1) (Version: 7.99 - WiseCleaner.com, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2720886539-1331735733-2511516463-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Sławek\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-2720886539-1331735733-2511516463-1000_Classes\CLSID\{9000834c-c6c7-43ac-b8ee-dc9668f39a81}\localserver32 -> C:\Users\SAWEK~1\AppData\Local\Temp\{91814ec0-b5f0-11d2-80b9-00104b1f6cea}\IDriver.NonElevated.exe N (the data entry has 6 more characters). ==================== Restore Points ========================= 15-11-2014 18:01:13 Removed Marvell Miniport Driver 15-11-2014 18:07:31 Removed GTA San Andreas 15-11-2014 18:09:04 Installed GTA San Andreas 15-11-2014 18:34:26 Zainstalowane REALTEK GbE & FE Ethernet PCI-E NIC Driver 15-11-2014 18:35:05 Instalacja pakietu sterownika urządzenia: Realtek Semiconductor Corp. Karty sieciowe 15-11-2014 19:01:47 Zainstalowane REALTEK RTL8187B Wireless LAN Driver 15-11-2014 19:02:09 Instalacja pakietu sterownika urządzenia: Realtek Semiconductor Corp. Karty sieciowe 15-11-2014 19:02:56 Zainstalowane Realtek 8169, 8168, 8101E and 8102E Ethernet Netwoî­4 15-11-2014 19:03:26 Instalacja pakietu sterownika urządzenia: Realtek Karty sieciowe 15-11-2014 19:18:13 Zainstalowane Atheros Driver Installation Program 15-11-2014 19:19:29 Instalacja pakietu sterownika urządzenia: Atheros Communications Inc. Karty sieciowe 15-11-2014 19:25:22 Zainstalowane REALTEK RTL8187B Wireless LAN Driver 15-11-2014 19:25:55 Instalacja pakietu sterownika urządzenia: Realtek Semiconductor Corp. Karty sieciowe 15-11-2014 19:43:29 Zainstalowane REALTEK RTL8187B Wireless LAN Driver 15-11-2014 20:22:43 Zainstalowane Realtek 8169, 8168, 8101E and 8102E Ethernet NetwoLD 16-11-2014 09:26:04 Operacja przywracania 16-11-2014 09:51:13 Instalacja pakietu sterownika urządzenia: Atheros Communications Inc. Karty sieciowe ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {12902C28-561A-41A0-81EC-D4D830CB4D37} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION Task: {2230D236-8880-48E2-ADCF-45C09CBCBD78} - \7a781de1-3377-41d3-b84f-61fedd171008-4 No Task File <==== ATTENTION Task: {507F6EF4-70A2-4341-BEFA-3AA33A1D25BD} - System32\Tasks\Windows Updater => C:\Users\Sławek\AppData\Roaming\Oxy\Updater.exe [2014-06-16] () <==== ATTENTION Task: {548A8A6D-819E-41F8-A274-17FCFD1DCDE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.) Task: {551B0ABB-D1B7-4DBD-89A9-9C9AC1E03D30} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION Task: {55B26115-8E45-4A77-BCCB-53F5D7CBDB92} - \7a781de1-3377-41d3-b84f-61fedd171008-3 No Task File <==== ATTENTION Task: {5E82D0E9-A053-480E-8C26-F2AFCF04CE9F} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation) Task: {6D1E311B-B1D6-48D1-96B3-E8370027C727} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2014-04-12] () Task: {78E6367F-A758-4C60-A986-06776D565F76} - \7a781de1-3377-41d3-b84f-61fedd171008-1 No Task File <==== ATTENTION Task: {89AF4914-0ADB-4BEC-9406-AA0B4AE49A32} - System32\Tasks\Opera D5 => C:\Program Files\Opera\launcher.exe Task: {8B05BEDB-DE9E-4DA9-89EA-98C0C00AAED1} - \7a781de1-3377-41d3-b84f-61fedd171008-11 No Task File <==== ATTENTION Task: {8D3E9B97-AB30-4725-99DA-628A5F26F56C} - \7a781de1-3377-41d3-b84f-61fedd171008-5 No Task File <==== ATTENTION Task: {903A5918-FFEA-4317-9058-8C1F3C18E7F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-01] (AVAST Software) Task: {96BD9A69-742A-46FC-AFDE-7A37956EFDEB} - \SaveSense No Task File <==== ATTENTION Task: {A63E25E8-0078-4A14-958C-F3A921090469} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated) Task: {A956FA93-343D-47C5-9467-DCBD75395700} - System32\Tasks\LuckyTab => C:\Program Files\LuckyTab\LuckyTab.exe [2014-11-02] (http://lucky-tab.com/) <==== ATTENTION Task: {B52744BF-6CC4-48ED-9326-93E653F0CAB2} - System32\Tasks\PileFile reminder => C:\Users\SAWEK~1\AppData\Local\Temp\install.exeDownload_66A5\install.exe_Downloader.exe <==== ATTENTION Task: {BC0DB3D8-87B4-4AB5-B9AF-50EA0A7A97DF} - System32\Tasks\Oxy => C:\Users\Sławek\AppData\Roaming\Oxy\Updater.exe [2014-06-16] () <==== ATTENTION Task: {C0206D6A-C726-480A-A80B-9E45299D4A64} - \7a781de1-3377-41d3-b84f-61fedd171008-6 No Task File <==== ATTENTION Task: {C3C78A75-D0D0-4579-8A39-FE8F6D521E0A} - \7a781de1-3377-41d3-b84f-61fedd171008-7 No Task File <==== ATTENTION Task: {D1BD05D2-6DA5-41DC-8D23-358A73734C97} - \SaveSenseLiveUpdateTaskMachineUA No Task File <==== ATTENTION Task: {D4DD5587-BC7F-4104-A0A8-56B0C218EFBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.) Task: {DB8A769B-DBC6-4830-B78A-EC771F7C5070} - \9c58613a-4d4c-4bc2-b8c7-d8e2c5bfff38 No Task File <==== ATTENTION Task: {E44A11E3-2F0D-4D12-8231-5D6A804C277A} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION Task: {FD037D97-BC83-41F0-B6EF-6E278AB072C7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {FEB67D06-DBBA-48FD-B2E7-B609A3AB7767} - System32\Tasks\PileFile logon => C:\Users\SAWEK~1\AppData\Local\Temp\install.exeDownload_66A5\install.exe_Downloader.exe <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SaveSense.job => C:\Users\SAWEK~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2013-08-27 10:34 - 2014-08-01 15:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-11-15 18:54 - 2014-11-15 18:54 - 02903040 _____ () C:\Program Files\AVAST Software\Avast\defs\14111501\algo.dll 2014-02-26 19:52 - 2014-02-26 19:52 - 00612496 _____ () C:\Program Files\WinZipper\sqlite3.dll 2014-08-07 21:50 - 2013-12-03 07:09 - 00240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2014-10-30 00:25 - 2014-11-16 11:30 - 00123680 _____ () C:\ProgramData\421e43cc-ed79-4e60-91b6-5efd8c307dd0\maintainer.exe 2014-08-09 20:39 - 2014-11-15 17:19 - 00526112 _____ () C:\Program Files\WebSpades\updateWebSpades.exe 2014-11-10 14:10 - 2014-11-15 17:20 - 00526112 _____ () C:\Program Files\WebSpades\bin\utilWebSpades.exe 2013-12-12 20:43 - 2014-08-01 15:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-11-10 18:33 - 2014-11-10 18:33 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:6387AA6C AlternateDataStreams: C:\ProgramData\TEMP:85AA7074 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk => C:\Windows\pss\CodecPackUpdateChecker.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Sławek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerReg Scheduler.exe => C:\Windows\pss\PowerReg Scheduler.exe.Startup MSCONFIG\startupfolder: C:^Users^Sławek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: BEWINTERNET-PLSessionManager => "C:\Program Files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe MSCONFIG\startupreg: NextLive => C:\Windows\system32\rundll32.exe "C:\Users\Sławek\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: Torntv Downloader => C:\Program Files\TornTV.com\Torntv Downloader.exe /c=startup MSCONFIG\startupreg: uTorrent => "C:\Users\Sławek\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ========================= Accounts: ========================== Administrator (S-1-5-21-2720886539-1331735733-2511516463-500 - Administrator - Disabled) ASPNET (S-1-5-21-2720886539-1331735733-2511516463-1181 - Limited - Enabled) Gość (S-1-5-21-2720886539-1331735733-2511516463-501 - Limited - Disabled) Sławek (S-1-5-21-2720886539-1331735733-2511516463-1000 - Administrator - Enabled) => C:\Users\Sławek ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/16/2014 10:37:14 AM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Google Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/16/2014 10:29:35 AM) (Source: Microsoft-Windows-SpoolerSpoolss) (EventID: 1033) (User: ZARZĄDZANIE NT) Description: 0x80070006 Error: (11/16/2014 10:19:13 AM) (Source: Microsoft-Windows-SpoolerSpoolss) (EventID: 1033) (User: ZARZĄDZANIE NT) Description: 0x80070006 Error: (11/15/2014 10:37:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Google Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/15/2014 10:34:38 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Error: (11/15/2014 10:01:38 PM) (Source: Microsoft-Windows-SpoolerSpoolss) (EventID: 1033) (User: ZARZĄDZANIE NT) Description: 0x80070006 Error: (11/15/2014 09:22:43 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas szukania interfejsu IVssWriterCallback. hr = 0x80070005. To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {a915a8d7-66d8-4849-9f00-cfafce3026ad} Error: (11/15/2014 08:43:26 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas szukania interfejsu IVssWriterCallback. hr = 0x80070005. To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {a915a8d7-66d8-4849-9f00-cfafce3026ad} Error: (11/15/2014 08:37:14 PM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Google Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/15/2014 08:34:24 PM) (Source: Microsoft-Windows-SpoolerSpoolss) (EventID: 1033) (User: ZARZĄDZANIE NT) Description: 0x80070006 System errors: ============= Error: (11/16/2014 11:21:38 AM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Serwer DHCP 192.168.0.1 odmówił dzierżawy adresu IP 192.168.43.167 dla karty sieciowej o adresie 0024D2C01D95. (Serwer DHCP wysłał komunikat DHCPNACK). Error: (11/16/2014 10:35:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Windows Update Error: (11/16/2014 10:18:55 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 22:54:28 na 2014-11-15 było nieoczekiwane. Error: (11/15/2014 10:01:20 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:27:39 na 2014-11-15 było nieoczekiwane. Error: (11/15/2014 09:28:05 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Serwer DHCP 192.168.2.1 odmówił dzierżawy adresu IP 192.168.43.167 dla karty sieciowej o adresie 0024D2C01D95. (Serwer DHCP wysłał komunikat DHCPNACK). Error: (11/15/2014 08:13:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: avast! HardwareID%%646 Error: (11/15/2014 08:13:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: avast! HardwareID%%646 Error: (11/15/2014 08:13:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: aswRvrt aswSnx aswTdi aswVmm spldr Error: (11/15/2014 08:13:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: avast! HardwareID%%646 Error: (11/15/2014 08:13:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Licencjonowanie oprogramowania%%2147942402 Microsoft Office Sessions: ========================= Error: (08/29/2014 08:44:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3043 seconds with 2220 seconds of active time. This session ended with a crash. Error: (12/08/2013 03:55:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7868 seconds with 1500 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-11-16 11:32:15.756 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:32:15.333 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:32:14.915 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:32:14.273 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:32:13.279 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:32:12.706 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:32:12.245 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:32:11.386 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:10:20.892 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-16 11:10:20.377 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz Percentage of memory in use: 64% Total physical RAM: 1915.26 MB Available physical RAM: 682.35 MB Total Pagefile: 4077.78 MB Available Pagefile: 2825.97 MB Total Virtual: 2047.88 MB Available Virtual: 1887.49 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:116.29 GB) (Free:18.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Data) (Fixed) (Total:115.13 GB) (Free:12.45 GB) NTFS Drive h: () (Removable) (Total:7.28 GB) (Free:7.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: BE7F7C75) Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Active) - (Size=116.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=115.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.3 GB) (Disk ID: 6B732052) No partition Table on disk 1. ==================== End Of Log ============================