Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01 Ran by Kuba at 2015-01-24 19:52:33 Running from C:\Users\Kuba\Desktop\logi Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Reader 9.0.1 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A90100000001}) (Version: 9.0.1 - Adobe Systems Incorporated) Alice: Madness Returns (HKLM-x32\...\Alice: Madness Returns_is1) (Version: - ) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.01 - Ubisoft) Asystent rejestracji usługi Windows Live (HKLM-x32\...\{51958BA7-21E4-4A8B-9098-CD8375BD17B2}) (Version: 5.000.818.5 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.01 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform) ClocX (1.5b1) (HKLM-x32\...\ClocX) (Version: - ) Codecs for Windows 7 Pack 4.0.5 (HKLM-x32\...\Codecs for Windows 7 Pack) (Version: 4.0.5 - Codecs for Windows 7 Pack) Command & Conquer Tiberian Sun (HKLM-x32\...\Tiberian Sun) (Version: - ) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - ) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2603 - CyberLink Corp.) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.2.0.3 - ) Europa Universalis 2 (HKLM-x32\...\{84EC225B-3547-4F56-8BD3-CB6D52F81527}) (Version: 1.07 - ) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time) Fraps (HKLM-x32\...\Fraps) (Version: - ) Galeria fotografii usługi Windows Live (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5209 - Gretech Corporation) Google Chrome (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Greenshot (HKLM-x32\...\Greenshot_is1) (Version: - ) Hearts of Iron 2 Platynowa Edycja (HKLM-x32\...\Hearts of Iron 2 Platynowa Edycja) (Version: - ) Heroes of Might and Magic® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version: - ) HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX) HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: - ) Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Java technology allows you to work and play in a secure computing environment. Packages (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\Java technology allows you to work and play in a secure computing environment. Packages) (Version: - ) <==== ATTENTION Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) K-Lite Codec Pack 9.3.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.3.0 - ) Lenovo DirectShare (HKLM-x32\...\{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: - ArcSoft) Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo) Malwarebytes Anti-Malware wersja 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Polski (HKLM-x32\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Mozilla Firefox 35.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 pl)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Narzędzie do przekazywania usługi Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Obsługa programów Apple (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.) Opera 11.60 (HKLM-x32\...\Opera 11.60.1185) (Version: 11.60.1185 - Opera Software ASA) Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA) Poczta usługi Windows Live (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Polipo 1.0.4.1 (HKLM-x32\...\Polipo) (Version: - ) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.5 r1842 - ) Raptr (HKLM-x32\...\Raptr) (Version: - ) Real Alternative 1.9.0 Lite (HKLM-x32\...\RealAlt_is1) (Version: 1.9.0 - ) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6110 - Realtek Semiconductor Corp.) Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.7896 - Skype Technologies S.A.) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) SubEdit-Player (HKLM-x32\...\SubEdit-Player_is1) (Version: 4072 - Artur Sikora) Super Kulki (HKLM-x32\...\Super Kulki_is1) (Version: 5.0 - ALLCinema Ltd.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.19.1 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH) TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.17396 - TeamViewer) Tor 0.2.2.35 (HKLM-x32\...\Tor) (Version: - ) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH) UndeleteMyFiles Pro (HKLM-x32\...\UndeleteMyFiles Pro_is1) (Version: - SeriousBit) uTorrent Packages (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\uTorrent Packages) (Version: - ) <==== ATTENTION Vidalia 0.2.15 (HKLM-x32\...\Vidalia) (Version: - ) War Thunder Launcher 1.0.1.278 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) Warcraft III: wszystkie elementy (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\Warcraft III) (Version: - ) Westwood Shared Internet Components (HKLM-x32\...\WOLAPI) (Version: - ) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Sync (HKLM-x32\...\{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) WorldofTanks (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\WorldofTanks) (Version: - WorldofTanks) <==== ATTENTION! YDP Flash Speech Recognition Support 1.0 (HKLM-x32\...\YDP Flash Speech Recognition Support) (Version: 1.0 - YDP) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 14-01-2015 15:23:48 Windows Update 15-01-2015 07:21:38 Windows Update 20-01-2015 17:39:39 Windows Update 23-01-2015 18:26:19 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-10-19 15:43 - 2013-10-19 15:45 - 00000000 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2B84E39A-9E12-4F6E-83E2-16F509B35920} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3839221274-3043303846-3843884880-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {35A5B8FB-2838-418A-940A-234A8C682D8A} - System32\Tasks\{57B4245E-7230-476F-AAA1-0A63869F6E05} => C:\HP Universal Print Driver\PCL5 v5.2.6.9321\win_xp_vista\Install.exe Task: {379C14F0-5CE9-4AB5-9CAD-C8E472BB313D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {589E32F9-43BE-4B64-8E19-1C2796A817D8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {64FF4900-DF11-47A9-B1DC-A3A404CEF770} - System32\Tasks\{185500A7-E25E-4606-922A-BB38B5B4BE68} => pcalua.exe -a C:\Users\Kuba\Downloads\SetupDWGTrueView2012_32bit.exe -d C:\Users\Kuba\Downloads Task: {66DCC09A-B1B6-45BB-BB9A-66412C9E22C2} - System32\Tasks\Opera scheduled Autoupdate 1419451148 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-16] (Opera Software) Task: {7BFE18D4-D541-4845-9469-A549DB101C18} - System32\Tasks\{E05F641C-C744-42F9-A595-57D3B8BDA61F} => C:\HP Universal Print Driver\PCL5 v5.2.6.9321\win_xp_vista\Install.exe Task: {839EFA3E-9D7E-4C74-8B12-3FFCC3A51802} - System32\Tasks\{536E68D4-F40B-4225-80B0-CFFCFE1DF58B} => pcalua.exe -a C:\Users\Kuba\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: {9B4D2DDD-85E1-43D4-BB01-A1F0A1EF3E4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe Task: {9DE88BAB-3699-4BEF-A16A-7B31155264A4} - System32\Tasks\{9F77A418-EA46-426E-9B32-36D8D5D93AFF} => C:\HP Universal Print Driver\PCL5 v5.2.6.9321\win_xp_vista\Install.exe Task: {AC1E29C2-10F7-4454-B3FA-48266A31CB98} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3839221274-3043303846-3843884880-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {AE53D8A9-1B88-4916-935B-562BCB19AADE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe Task: {CA08AA02-FA27-4FEB-B488-27C2C802ADD1} - System32\Tasks\{6D18DEF1-F530-4B65-B75E-CFA14E2FE172} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) Task: {DCE64F9D-2E6B-4337-B1E1-C5AEB6944A40} - System32\Tasks\{F77D6037-6CD4-4292-83FE-7AE0DD1FB09A} => pcalua.exe -a E:\setup.exe -d E:\ Task: {F4F6420B-90ED-47CD-B585-98DE08FCCD45} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {FA75368C-4975-4E3C-93CA-07A76CB5CC23} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core.job => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA.job => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core.job => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA.job => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-04-14 01:41 - 2011-04-14 01:41 - 00034304 _____ () C:\windows\System32\ssb3ml6.dll 2011-07-24 21:52 - 2010-07-12 06:52 - 00548864 _____ () C:\Program Files (x86)\Greenshot\Greenshot.exe 2013-03-24 15:40 - 2013-03-24 15:40 - 00036024 _____ () C:\Program Files\Rainmeter\Rainmeter.exe 2013-03-24 15:40 - 2013-03-24 15:40 - 00731832 _____ () C:\Program Files\Rainmeter\Rainmeter.dll 2013-03-24 15:39 - 2013-03-24 15:39 - 00017408 _____ () C:\Program Files\Rainmeter\Plugins\AdvancedCPU.DLL 2013-03-24 15:38 - 2013-03-24 15:38 - 00027136 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL 2013-03-24 15:38 - 2013-03-24 15:38 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL 2013-03-24 15:38 - 2013-03-24 15:38 - 00023040 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL 2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-07-24 21:52 - 2010-07-12 06:52 - 00028672 _____ () C:\Program Files (x86)\Greenshot\GreenshotPlugin.dll 2014-06-12 23:21 - 2014-06-05 14:58 - 00716616 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll 2014-06-12 23:21 - 2014-06-05 14:58 - 00126280 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll 2014-06-12 23:21 - 2014-06-05 14:58 - 04217672 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll 2014-06-12 23:21 - 2014-06-05 14:58 - 00414536 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll 2014-06-12 23:21 - 2014-06-05 14:58 - 01732424 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll 2014-07-10 12:43 - 2014-07-08 07:18 - 14663856 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll 2010-11-03 11:15 - 2010-03-03 21:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-09-15 18:02 - 2014-12-17 22:37 - 00044544 _____ () C:\Games\World_of_Tanks\voip.dll 2013-09-15 18:02 - 2014-04-09 17:57 - 00323568 _____ () C:\Games\World_of_Tanks\ortp.dll 2013-09-15 18:02 - 2013-09-04 19:10 - 00270336 _____ () C:\Games\World_of_Tanks\libcurl.dll 2014-04-10 17:03 - 2015-01-09 11:31 - 00109832 _____ () C:\Games\World_of_Tanks\librsync.dll 2013-09-15 18:02 - 2013-09-04 19:10 - 00386600 _____ () C:\Games\World_of_Tanks\NxCooking.dll 2013-09-15 18:02 - 2013-09-04 19:10 - 00071208 _____ () C:\Games\World_of_Tanks\PhysXLoader.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-3839221274-3043303846-3843884880-500 - Administrator - Disabled) Gość (S-1-5-21-3839221274-3043303846-3843884880-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-3839221274-3043303846-3843884880-1003 - Limited - Enabled) Kuba (S-1-5-21-3839221274-3043303846-3843884880-1000 - Administrator - Enabled) => C:\Users\Kuba ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/24/2015 04:05:21 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/24/2015 04:04:54 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/24/2015 06:59:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: vidalia.exe, wersja: 0.2.15.0, sygnatura czasowa: 0x4ee17c86 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000 Identyfikator procesu powodującego błąd: 0xc54 Godzina uruchomienia aplikacji powodującej błąd: 0xvidalia.exe0 Ścieżka aplikacji powodującej błąd: vidalia.exe1 Ścieżka modułu powodującego błąd: vidalia.exe2 Identyfikator raportu: vidalia.exe3 Error: (01/24/2015 06:46:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/24/2015 06:46:18 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/23/2015 10:35:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Rainmeter.exe, wersja: 2.5.0.1842, sygnatura czasowa: 0x514f1009 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000288270 Identyfikator procesu powodującego błąd: 0xe64 Godzina uruchomienia aplikacji powodującej błąd: 0xRainmeter.exe0 Ścieżka aplikacji powodującej błąd: Rainmeter.exe1 Ścieżka modułu powodującego błąd: Rainmeter.exe2 Identyfikator raportu: Rainmeter.exe3 Error: (01/23/2015 06:44:22 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/23/2015 06:44:22 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/23/2015 06:43:18 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/23/2015 06:43:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. System errors: ============= Error: (01/24/2015 04:06:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (01/24/2015 04:06:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (01/24/2015 04:06:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (01/24/2015 04:06:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (01/24/2015 04:06:12 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (01/24/2015 04:06:12 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (01/24/2015 04:06:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (01/24/2015 04:06:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (01/24/2015 04:06:04 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (01/24/2015 04:04:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SQL Server (SQLEXPRESS) z powodu następującego błędu: %%14001 Microsoft Office Sessions: ========================= Error: (01/24/2015 04:05:21 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe.Manifest Error: (01/24/2015 04:04:54 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe Error: (01/24/2015 06:59:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: vidalia.exe0.2.15.04ee17c86unknown0.0.0.000000000c000000500000000c5401d037991b9586fcC:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exeunknown384a6928-a38e-11e4-ae8f-c6cb3834b351 Error: (01/24/2015 06:46:39 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe.Manifest Error: (01/24/2015 06:46:18 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe Error: (01/23/2015 10:35:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Rainmeter.exe2.5.0.1842514f1009unknown0.0.0.000000000c00000050000000000288270e6401d037310429df9dC:\Program Files\Rainmeter\Rainmeter.exeunknownb605eaed-a347-11e4-b675-18f46af4d8fb Error: (01/23/2015 06:44:22 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\DCEXEC.EXE Error: (01/23/2015 06:44:22 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833"c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe Error: (01/23/2015 06:43:18 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe.Manifest Error: (01/23/2015 06:43:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe.Manifest CodeIntegrity Errors: =================================== Date: 2014-06-27 19:11:16.626 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-27 19:11:16.441 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-12 17:47:09.688 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-12 17:47:09.515 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-09 19:52:07.516 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-09 19:52:07.453 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.554 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.498 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.341 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.292 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage of memory in use: 76% Total physical RAM: 3956.55 MB Available physical RAM: 924.95 MB Total Pagefile: 7911.29 MB Available Pagefile: 3210 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OPTS UTF8 OFF) (Fixed) (Total:420.33 GB) (Free:193.76 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:30.48 GB) (Free:26.25 GB) NTFS Drive e: (ASSASSINS_CREED) (CDROM) (Total:7.96 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: C3FFC3FF) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=420.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=30.5 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ==================== End Of Log ============================