Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-11-2014 03 Ran by Krzych at 2014-11-18 17:46:17 Running from P:\ Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Reader 9.5.5 - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.593.100-100210a-095952E-ATI - ) ATI HYDRAVISION (HKLM\...\{083F79E4-6FE9-46FB-A6C6-4F8862742947}) (Version: 3.25.9006 - ) ATI Parental Control & Encoder (Version: 3.0 - Nazwa firmy) Hidden ATI Problem Report Wizard (HKLM\...\{5DA6F06A-B389-407B-BF8C-1548767914D8}) (Version: 8.10 - ATI Technologies) avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software) AVerTV (HKLM\...\InstallShield_{8DF56C91-281F-4C15-B954-F45FDC919568}) (Version: 5.3.0000 - Nazwa firmy) AVIVO (Version: 9.14.0.60504 - ATI Technologies Inc.) Hidden ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CodeVisionAVR V1.25.5 (HKLM\...\CodeVisionAVR C Compiler_is1) (Version: - ) Informacje o systemie Creative (HKLM\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.4016.1 - Creative Technology Ltd) Microsoft .NET Framework 2.0 (HKLM\...\Microsoft .NET Framework 2.0) (Version: - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MouScreen 2.01 (HKLM\...\MouScreen 2.01) (Version: - ) Mozilla Firefox 33.0.3 (x86 pl) (HKLM\...\Mozilla Firefox 33.0.3 (x86 pl)) (Version: 33.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla) MSXML 4.0 SP2 Parser und SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Narzędzie Software Uninstall Utility firmy ATI (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - ) NVIDIA nForce Drivers (HKLM\...\NVIDIA nForce Drivers) (Version: - ) PITy 2010 dla Windows kompilacja:1.2.6.20 (HKLM\...\PITy 2010_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) PITy 2011 dla Windows kompilacja:1.3.3.2 (HKLM\...\PITy 2011_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) RealDownloader (Version: 1.3.0 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden RMFon (HKLM\...\{9A958D2C-4D3D-44CD-8834-AFB85F5C4467}_is1) (Version: 1.2 - Radio Muzyka Fakty sp. z o.o.) Skins (Version: 2010.0210.2339.42455 - ATI) Hidden Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12299 - TeamViewer) TV (Version: 5.3.0000 - Nazwa firmy) Hidden WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00a of 2009-Dec-03 (Build 129) (Setup) - WIBU-SYSTEMS AG) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 10 (HKLM\...\Windows Media Player) (Version: - ) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.175805 - Microsoft Corporation) WSCAD55_PL (Version: 5.5 - WSCAD electronic GmbH) Hidden XP Codec Pack (HKLM\...\XP Codec Pack) (Version: 2.5.3 - XP Codec Pack team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-507921405-1078081533-725345543-1003_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> E:\Programy\BESTplayer.exe (Karol Winnicki) ==================== Restore Points ========================= 14-11-2014 13:01:14 Punkt kontrolny systemu 16-11-2014 21:11:13 Punkt kontrolny systemu ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2001-10-26 14:45 - 2001-10-26 14:45 - 00000742 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-507921405-1078081533-725345543-1003.job => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-507921405-1078081533-725345543-1003.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-507921405-1078081533-725345543-1003.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-507921405-1078081533-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-507921405-1078081533-725345543-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Krzych.job => C:\Documents and Settings\Krzych\Dane aplikacji\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateXML_Krzych.job => C:\Documents and Settings\Krzych\Dane aplikacji\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Krzych.job => C:\Documents and Settings\Krzych\Dane aplikacji\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe ==================== Loaded Modules (whitelisted) ============= 2011-12-10 12:11 - 2014-08-02 07:04 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-11-16 20:53 - 2014-11-16 20:53 - 02903040 _____ () C:\Program Files\AVAST Software\Avast\defs\14111601\algo.dll 2012-11-29 20:31 - 2012-11-29 20:31 - 00038608 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 2009-02-27 19:04 - 2009-02-27 19:04 - 00311296 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL 2002-01-01 00:11 - 2014-08-02 07:04 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-23 20:19 - 2014-10-23 20:19 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2004-08-03 23:44 - 2008-04-14 22:50 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2012-10-07 11:07 - 2012-10-07 11:07 - 00014848 _____ () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2007-01-31 20:55 - 2007-01-31 20:55 - 00102400 _____ () C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode.dll 2009-11-24 12:36 - 2009-11-24 12:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-507921405-1078081533-725345543-500 - Administrator - Enabled) Gabi (S-1-5-21-507921405-1078081533-725345543-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Gabi Gość (S-1-5-21-507921405-1078081533-725345543-501 - Limited - Enabled) Krzych (S-1-5-21-507921405-1078081533-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Krzych Pomocnik (S-1-5-21-507921405-1078081533-725345543-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-507921405-1078081533-725345543-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/17/2014 07:18:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd m57g1hli.exe, wersja 2.1.19163.0, moduł powodujący błąd m57g1hli.exe, wersja 2.1.19163.0, adres błędu 0x00012288. Przetwarzanie zdarzenia określonego nośnika dla [m57g1hli.exe!ws!] Error: (11/17/2014 05:53:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd diqn0wo4.exe, wersja 2.1.19357.0, moduł powodujący błąd diqn0wo4.exe, wersja 2.1.19357.0, adres błędu 0x00012298. Przetwarzanie zdarzenia określonego nośnika dla [diqn0wo4.exe!ws!] Error: (11/14/2014 01:26:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18702, adres błędu 0x00265067. Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!] Error: (11/14/2014 01:19:14 PM) (Source: crypt32) (EventID: 11) (User: ) Description: Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error: (11/14/2014 01:19:13 PM) (Source: crypt32) (EventID: 11) (User: ) Description: Nie można wyodrębnić głównej listy innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error: (11/10/2014 09:36:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd 12ae97cd_stp.exe, wersja 24.0.1558.66, moduł powodujący błąd 12ae97cd_stp.exe, wersja 24.0.1558.66, adres błędu 0x00018894. Przetwarzanie zdarzenia określonego nośnika dla [12ae97cd_stp.exe!ws!] Error: (11/10/2014 08:41:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18702, adres błędu 0x0020fbd7. Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!] Error: (11/10/2014 08:41:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18702, adres błędu 0x0020fbd7. Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!] Error: (11/10/2014 08:40:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18702, adres błędu 0x0020fbd7. Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!] Error: (11/10/2014 08:40:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18702, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18702, adres błędu 0x0020fbd7. Przetwarzanie zdarzenia określonego nośnika dla [iexplore.exe!ws!] System errors: ============= Error: (11/18/2014 05:46:27 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk2\D Error: (11/18/2014 05:46:25 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk2\D Error: (11/18/2014 05:46:23 PM) (Source: 0) (EventID: 55) (User: ) Description: K: Error: (11/18/2014 05:45:27 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk2\D Error: (11/18/2014 05:45:25 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk2\D Error: (11/18/2014 05:45:23 PM) (Source: 0) (EventID: 55) (User: ) Description: K: Error: (11/18/2014 05:44:27 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk2\D Error: (11/18/2014 05:44:25 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk2\D Error: (11/18/2014 05:44:22 PM) (Source: 0) (EventID: 55) (User: ) Description: K: Error: (11/18/2014 05:43:27 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk2\D Microsoft Office Sessions: ========================= Error: (11/17/2014 07:18:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: m57g1hli.exe2.1.19163.0m57g1hli.exe2.1.19163.000012288 Error: (11/17/2014 05:53:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: diqn0wo4.exe2.1.19357.0diqn0wo4.exe2.1.19357.000012298 Error: (11/14/2014 01:26:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1870200265067 Error: (11/14/2014 01:19:14 PM) (Source: crypt32) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabWymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error: (11/14/2014 01:19:13 PM) (Source: crypt32) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabWymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. Error: (11/10/2014 09:36:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 12ae97cd_stp.exe24.0.1558.6612ae97cd_stp.exe24.0.1558.6600018894 Error: (11/10/2014 08:41:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.187020020fbd7 Error: (11/10/2014 08:41:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.187020020fbd7 Error: (11/10/2014 08:40:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.187020020fbd7 Error: (11/10/2014 08:40:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.187020020fbd7 ==================== Memory info =========================== Processor: AMD Athlon(tm) XP 2500+ Percentage of memory in use: 26% Total physical RAM: 2047.49 MB Available physical RAM: 1495.29 MB Total Pagefile: 3817.66 MB Available Pagefile: 3270.88 MB Total Virtual: 2047.88 MB Available Virtual: 1936.57 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:29.29 GB) (Free:14.06 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:58.59 GB) (Free:1.54 GB) NTFS Drive e: () (Fixed) (Total:58.59 GB) (Free:1.95 GB) NTFS Drive g: (Nowy) (Fixed) (Total:48.83 GB) (Free:2.08 GB) NTFS Drive i: (Stary) (Fixed) (Total:29.37 GB) (Free:1.24 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive j: (Film) (Fixed) (Total:97.65 GB) (Free:28.73 GB) NTFS Drive l: () (Fixed) (Total:40.11 GB) (Free:0.71 GB) NTFS Drive m: () (Fixed) (Total:40.11 GB) (Free:3.9 GB) NTFS Drive n: () (Fixed) (Total:2.2 GB) (Free:0.03 GB) NTFS Drive p: (KINGSTON128) (Removable) (Total:0.12 GB) (Free:0.11 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 38BF38BF) Partition 1: (Active) - (Size=29.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=82.4 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 149.1 GB) (Disk ID: A016A016) Partition 1: (Active) - (Size=29.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.7 GB) - (Type=OF Extended) ======================================================== Disk: 2 (Size: 232.9 GB) (Disk ID: 10DB10DA) Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=184 GB) - (Type=OF Extended) ======================================================== Disk: 3 (Size: 120.3 MB) (Disk ID: 00508131) Partition 1: (Active) - (Size=120 MB) - (Type=06) ==================== End Of Log ============================