Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-12-2014 Ran by Magda at 2014-12-14 12:40:08 Running from C:\Users\Magda\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM\...\Adobe_678cd98c8365a5647f9a2e539d120a8) (Version: 10.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software) Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 pl) (HKLM\...\Mozilla Firefox 33.1 (x86 pl)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: - ) Winamp Detector Plug-in (HKU\S-1-5-21-251121527-2021168873-2295293381-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) WinRAR 5.11 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-251121527-2021168873-2295293381-1000_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> C:\Users\Magda\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\LNOA2PVZ\BESTPL~1.EXE No File CustomCLSID: HKU\S-1-5-21-251121527-2021168873-2295293381-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-251121527-2021168873-2295293381-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-251121527-2021168873-2295293381-1000_Classes\CLSID\{B6CE1A28-A831-43E4-A81F-E2B429D66231}\InprocServer32 -> C:\Users\Magda\AppData\Local\ASKTOO~1\DOWNLO~1\Nero.dll No File CustomCLSID: HKU\S-1-5-21-251121527-2021168873-2295293381-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File ==================== Restore Points ========================= 02-12-2014 16:11:33 Windows Update 05-12-2014 16:02:24 Scheduled Checkpoint 05-12-2014 19:54:17 Windows Update 09-12-2014 20:35:34 Windows Update 10-12-2014 03:01:10 Windows Update 14-12-2014 03:00:14 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 10:23 - 2006-09-18 21:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00672EC0-3134-4F51-B674-0BAF7E593A32} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-11-27] (AVAST Software) Task: {0C7C0F1F-2D9D-417E-AC36-FC392178E5CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.) Task: {0D81B941-5BCB-4412-9B51-A7EB872263C2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-251121527-2021168873-2295293381-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {1EF6D30B-FA23-4E84-B30B-9622A7F601E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.) Task: {40695F6B-C7D2-4821-942D-2C2138508A36} - System32\Tasks\{965B7CB1-17A7-4F48-B9D9-1D69D9E793DD} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.111/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;systemlevelpresent Task: {44E1CFD7-5443-4B12-819C-9C23D3980BEA} - System32\Tasks\{110CF5B1-6F5B-42FF-B866-2797758CB47E} => Iexplore.exe http://ui.skype.com/ui/0/6.16.0.105/pl/go/help.faq.installer?LastError=1638 Task: {46BEDFB8-2690-4677-9E96-A71AF5588D08} - System32\Tasks\{C028360A-DC07-44AC-A9CB-9FC66B828C1F} => Iexplore.exe http://ui.skype.com/ui/0/6.16.0.105/pl/go/help.faq.installer?LastError=1638 Task: {4FCBA4B1-2569-4CAF-8593-5EDFF3736229} - System32\Tasks\{CCC96478-C7F9-4A01-91B3-5D1C5DBE099D} => Iexplore.exe http://ui.skype.com/ui/0/5.5.0.113/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:notoffered;systemlevelpresent Task: {645E6AFA-F240-42E9-BA4E-784A21FF4F6D} - System32\Tasks\{66007843-30C3-488C-8D2A-A65868C90CB1} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) Task: {661CDEEE-EE33-4C0F-9F40-EEC5F7D9E060} - System32\Tasks\{C534BC0B-078B-476C-B2D0-9BA77393A598} => Iexplore.exe http://ui.skype.com/ui/0/6.16.0.105/pl/go/help.faq.installer?LastError=1638 Task: {780D0394-27C6-4092-9036-AE2A5E6F1959} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated) Task: {89BCAF6F-963E-4708-9AFA-9B9AC38523B0} - \WSE_Astromenda No Task File <==== ATTENTION Task: {C6A1977F-93EB-44CD-8202-6B6FEBFFAFAB} - \WSE_Lasaoren No Task File <==== ATTENTION Task: {C9044A1C-6FD8-4700-A6E6-A595689110C2} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Magda => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation) Task: {DE6D5A83-55AB-401F-A612-B68182A7C9E8} - System32\Tasks\{7BB4C0E6-C61A-4319-A4AF-795947945B81} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:offered-installed,google-chrome:notoffered;toolbaroffered Task: {E2E7B910-9400-492F-B96D-AE7BC13CDE86} - System32\Tasks\{8A3011FD-BDCE-4134-9D03-482975D330A9} => Iexplore.exe http://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?page=tsProgressBar Task: {F5333235-BEAA-4596-80C9-D0E96606BE7B} - System32\Tasks\{6DA37219-06DA-4329-9505-604EAE013CD7} => Iexplore.exe http://ui.skype.com/ui/0/6.16.0.105/en/go/help.faq.installer?LastError=1638 Task: {F99D3FD8-06F3-4443-BDBD-1CED0B96029F} - System32\Tasks\Installation App Launcher => C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe Task: {FEAE8A46-DAE8-4BBE-9B87-56197770B2D5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-251121527-2021168873-2295293381-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-11 23:17 - 2014-12-11 23:17 - 02905600 _____ () C:\Program Files\Alwil Software\Avast5\defs\14121100\algo.dll 2014-12-14 09:09 - 2014-12-14 09:09 - 02908160 _____ () C:\Program Files\Alwil Software\Avast5\defs\14121400\algo.dll 2014-01-03 13:57 - 2014-11-27 22:43 - 38562088 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll 2011-02-11 11:43 - 2008-04-01 06:37 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2014-12-10 21:23 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-10 21:23 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-04-11 17:45 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Magda\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2014-04-11 17:45 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Magda\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll 2014-12-12 21:39 - 2014-12-12 21:39 - 00011264 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\auth.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00066560 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\burnlib.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00012800 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\dsp_sps.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00006656 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\enc_fhgaac.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00004096 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\enc_flac.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00005632 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\enc_lame.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00004096 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\enc_vorbis.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00004096 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\enc_wav.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00006144 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\enc_wma.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00022016 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\gen_ff.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00011776 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\gen_hotkeys.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00040960 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\gen_jumpex.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00021504 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\gen_ml.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00007680 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\gen_tray.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00005120 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_avi.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00013312 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_cdda.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00007168 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_dshow.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00006144 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_flac.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00003584 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_flv.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00003584 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_linein.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00020992 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_midi.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00004608 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_mkv.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00018432 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_mod.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00022528 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_mp3.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00004608 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_mp4.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00011264 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_nsv.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00003584 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_swf.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00011264 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_vorbis.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00005632 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_wave.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00014848 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\in_wm.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00003584 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_addons.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00007168 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_autotag.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00005120 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_bookmarks.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00007680 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_devices.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00047616 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_disc.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00009216 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_downloads.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00009216 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_history.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00005120 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_impex.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00054784 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_local.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00003584 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_nowplaying.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00014336 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_online.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00017920 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_playlists.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00012800 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_plg.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00057344 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_pmp.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00005120 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_rg.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00008192 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_transcode.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00014848 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ml_wire.lng 2014-12-12 21:39 - 2014-12-12 21:39 - 00036864 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\ombrowser.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00006144 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\out_disk.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00016896 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\out_ds.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00007168 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\out_wave.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00003072 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\playlist.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00004608 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\pmp_activesync.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00010752 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\pmp_android.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00006656 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\pmp_ipod.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00003584 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\pmp_njb.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00004096 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\pmp_p4s.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00010752 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\pmp_usb.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00045056 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\pmp_wifi.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00006144 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\tagz.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00087552 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\vis_avs.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00161792 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\vis_milk2.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00007680 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\vis_nsfs.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00333312 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\winamp.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00003584 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\winampa.lng 2014-12-12 21:40 - 2014-12-12 21:40 - 00003072 _____ () C:\Users\Magda\AppData\Local\Temp\WPL8413.tmp\xspf.lng 2013-06-26 20:48 - 2013-06-26 20:48 - 00340992 _____ () C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac 2014-12-10 21:23 - 2014-12-06 01:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Magda\Downloads\brighton_color_run_2013_1280x720.mp4:TOC.WMV ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Magda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup MSCONFIG\startupreg: Gadu-Gadu 10 => "C:\Program Files\Gadu-Gadu 10\gg.exe" MSCONFIG\startupreg: HBLiteSA => "C:\Program Files\hblite\bin\11.0.358.0\HBLiteSA.exe" MSCONFIG\startupreg: NSU_agent => "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background ========================= Accounts: ========================== Administrator (S-1-5-21-251121527-2021168873-2295293381-500 - Administrator - Disabled) Guest (S-1-5-21-251121527-2021168873-2295293381-501 - Limited - Disabled) Magda (S-1-5-21-251121527-2021168873-2295293381-1000 - Administrator - Enabled) => C:\Users\Magda ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/10/2014 03:16:36 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4 Error: (12/10/2014 03:16:31 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 System errors: ============= Error: (12/10/2014 06:23:25 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (12/10/2014 03:26:31 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (12/10/2014 03:26:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (12/10/2014 03:26:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Error: (12/10/2014 03:26:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (12/10/2014 03:26:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Error: (12/10/2014 03:22:58 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (12/10/2014 03:22:54 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (12/10/2014 03:22:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (12/10/2014 03:22:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-12-14 12:40:02.603 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:40:01.859 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:40:01.191 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:40:00.512 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:39:59.580 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:39:58.906 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:39:58.242 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:39:57.572 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:39:29.869 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 12:39:29.208 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-57 Percentage of memory in use: 58% Total physical RAM: 1916.89 MB Available physical RAM: 788.64 MB Total Pagefile: 4083.04 MB Available Pagefile: 1900.97 MB Total Virtual: 2047.88 MB Available Virtual: 1909.3 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:156.76 GB) (Free:89.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Media) (Fixed) (Total:102.26 GB) (Free:39.7 GB) NTFS Drive h: (Data) (Fixed) (Total:39.06 GB) (Free:28.9 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: FBB7772E) Partition 1: (Active) - (Size=156.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=102.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=39.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================