Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01 Ran by ALEKSANDRA at 2015-02-20 00:46:57 Running from C:\Users\ALEKSANDRA\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160} AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1941029217-1621239754-420919328-1000\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader 9.4.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-1941029217-1621239754-420919328-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev) ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Detektor Winampa (HKU\S-1-5-21-1941029217-1621239754-420919328-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) FoxTab PDF Reader (HKU\S-1-5-21-1941029217-1621239754-420919328-1000\...\FoxTab PDF Reader) (Version: - ) <==== ATTENTION Gadu-Gadu 10 (HKLM-x32\...\Gadu-Gadu 10) (Version: - GG Network S.A.) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden High-Definition Video Playback (x32 Version: 7.3.10900.8.0 - Nero AG) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation) Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.05.49 - Huawei Technologies Co.,Ltd) ipla 2.4 (HKLM-x32\...\ipla) (Version: 2.4 - Redefine Sp z o.o.) Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle) Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) Java(TM) 7 Update 4 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217004FF}) (Version: 7.0.40 - Oracle) JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 8.6.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.6.0 - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 33.1.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 pl)) (Version: 33.1.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt (2.0.0.2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.10900.8.100 - Nero AG) Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10400.2.100 - Nero AG) Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG) Nero Kwik Media (HKLM-x32\...\{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}) (Version: 1.6.15100.59.100 - Nero AG) Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{2063D199-D79F-471A-9019-9E647296394D}) (Version: 10.6.10300 - Nero AG) Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG) OpenOffice.org 3.3 (HKLM-x32\...\{EB87675F-5281-4767-A54B-31931794C23D}) (Version: 3.3.9567 - OpenOffice.org) PDF Creator (HKLM\...\PDF Creator) (Version: - ) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.14.264 - Huawei Technologies Co.,Ltd) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Program TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation) Program TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden Program TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sprzęt instalacyjny TOSHIBA (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.30C - TOSHIBA CORPORATION) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC) Super Mario 3 : Mario Forever (HKLM-x32\...\Super Mario 3 : Mario Forever) (Version: - ) SweetIM for Messenger 3.6 (HKLM-x32\...\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}) (Version: 3.6.0008 - SweetIM Technologies Ltd.) <==== ATTENTION Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts) TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION) TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation) TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation) TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation) TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION) TOSHIBA Hasło administratora (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.10C - TOSHIBA CORPORATION) Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA) TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION) TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION) TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA) TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.0.2.4 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 x64 - TOSHIBA Corporation) TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA) TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA) TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH) TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation) TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.1.5 - TOSHIBA Corporation) TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION) TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - ) TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Manager for SweetPacks 1.0 (HKLM-x32\...\{FB697452-8CA4-46B4-98B1-165C922A2EF3}) (Version: 1.0.0005 - SweetIM Technologies Ltd.) <==== ATTENTION Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden Wiedźmin 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red) Winamp (HKLM-x32\...\Winamp) (Version: 5.64 - Nullsoft, Inc) WinRAR 4.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) YTD Video Downloader 4.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.3 - GreenTree Applications SRL) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 18-02-2015 19:14:00 Windows Update 18-02-2015 19:15:20 Usunięto: AVG PC TuneUp 2014 18-02-2015 19:16:01 Usunięto: AVG PC TuneUp 2014 (pl-PL) 18-02-2015 19:30:25 Windows Update 19-02-2015 05:57:07 Windows Update 19-02-2015 07:04:50 Windows Update 19-02-2015 07:59:19 Windows Update 19-02-2015 19:43:15 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0591D8C2-1230-483F-8E07-25282BA9AD9E} - System32\Tasks\{053A3232-8627-4376-9855-ED352F3EEFA2} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar Task: {0C6CF301-F354-464D-8AD4-FDD8B3B777AE} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation) Task: {1E04E71B-0FBE-48BB-B23B-832AAD236970} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1941029217-1621239754-420919328-1000Core => C:\Users\ALEKSANDRA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-12] (Facebook Inc.) Task: {3399EEF8-75F7-4188-81E6-C956C27EBFBE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1941029217-1621239754-420919328-1000UA => C:\Users\ALEKSANDRA\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-12] (Facebook Inc.) Task: {38A75E1E-1A9D-404A-81BD-8E644A7966CE} - System32\Tasks\{0D06F980-7FB8-4AA8-A50C-FCA657668871} => pcalua.exe -a "C:\Program Files (x86)\PLAY ONLINE\uninst.exe" Task: {52DF3204-16B5-4768-BDBC-63818244E3DD} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION) Task: {60417DCC-9FF6-48FE-9C63-1297374A88F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.) Task: {67E41725-63D5-4770-A5D8-146A6616813D} - System32\Tasks\DealPly => C:\Users\ALEKSA~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {7BE620AA-0B07-47F3-A0A9-40382B4A788B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {7C32FD8E-4770-41B1-B49F-AB848053C75B} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation) Task: {7DB7291E-EADC-4D4D-83B6-791B6A608B83} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated) Task: {A3FB61EF-6C2D-4B20-B8DA-55941E3AACCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Dealply.job => C:\Users\ALEKSA~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1941029217-1621239754-420919328-1000Core.job => C:\Users\ALEKSANDRA\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1941029217-1621239754-420919328-1000UA.job => C:\Users\ALEKSANDRA\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2012-04-21 13:56 - 2011-10-04 21:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll 2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2012-02-22 15:37 - 2012-02-02 14:30 - 00224096 _____ () C:\ProgramData\OnlineUpdate\ouc.exe 2012-11-16 21:55 - 2012-11-16 21:53 - 00246112 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2012-02-11 15:47 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll 2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll 2011-08-04 09:00 - 2010-08-31 14:21 - 00017272 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll 2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll 2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2011-08-04 09:11 - 2011-02-18 13:08 - 00564600 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\pl\Humphrey.resources.dll 2011-08-04 09:26 - 2011-04-21 09:58 - 00013184 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\pl\TosDILangPack.resources.dll 2011-08-04 09:26 - 2011-04-21 09:57 - 00063360 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll 2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll 2012-02-22 15:37 - 2012-02-02 14:30 - 00011362 _____ () C:\ProgramData\OnlineUpdate\mingwm10.dll 2012-02-22 15:37 - 2012-02-02 14:30 - 00043008 _____ () C:\ProgramData\OnlineUpdate\libgcc_s_dw2-1.dll 2012-02-22 15:37 - 2012-02-02 14:30 - 02415104 _____ () C:\ProgramData\OnlineUpdate\QtCore4.dll 2012-02-22 15:37 - 2012-02-02 14:30 - 01148416 _____ () C:\ProgramData\OnlineUpdate\QtNetwork4.dll 2012-11-16 21:55 - 2012-11-16 21:53 - 00011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2012-11-16 21:55 - 2012-11-16 21:53 - 00043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2012-11-16 21:55 - 2012-11-16 21:53 - 02415104 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2012-11-16 21:55 - 2012-11-16 21:53 - 01148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll 2012-11-16 21:55 - 2012-11-16 21:53 - 00384512 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll 2012-11-16 21:55 - 2012-11-16 21:53 - 00398336 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtXml4.dll 2015-02-08 14:48 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll 2015-02-08 14:48 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll 2015-02-08 14:48 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1941029217-1621239754-420919328-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ALEKSANDRA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 172.20.10.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^ALEKSANDRA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\ALEKSANDRA\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" MSCONFIG\startupreg: ChomikBox => C:\Program Files (x86)\ChomikBox\chomikbox.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent MSCONFIG\startupreg: Facebook Update => "C:\Users\ALEKSANDRA\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: Gadu-Gadu 10 => "C:\Program Files (x86)\Gadu-Gadu 10\gg.exe" MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP MSCONFIG\startupreg: IPLA! => C:\Program Files (x86)\ipla\ipla.exe /autorun MSCONFIG\startupreg: KeNotify => "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe MSCONFIG\startupreg: NBAgent => "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\ALEKSANDRA\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SVPWUTIL => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe MSCONFIG\startupreg: ToshibaServiceStation => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60 MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE MSCONFIG\startupreg: uTorrent => "C:\Users\ALEKSANDRA\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== Accounts: ============================= Administrator (S-1-5-21-1941029217-1621239754-420919328-500 - Administrator - Disabled) ALEKSANDRA (S-1-5-21-1941029217-1621239754-420919328-1000 - Administrator - Enabled) => C:\Users\ALEKSANDRA Gość (S-1-5-21-1941029217-1621239754-420919328-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1941029217-1621239754-420919328-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: F06DEFF2-5B9C-490D-910F-35D3A9119622 Description: F06DEFF2-5B9C-490D-910F-35D3A9119622 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: F06DEFF2-5B9C-490D-910F-35D3A9119622 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/20/2015 00:43:11 AM) (Source: SideBySide) (EventID: 72) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "imaging1". Błąd w pliku manifestu lub w pliku zasad "imaging2" w wierszu imaging3. Element imaging jest elementem podrzędnym elementu urn:schemas-microsoft-com:asm.v1^assembly, co nie jest obsługiwane w tej wersji systemu Windows. Error: (02/20/2015 00:38:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Wolumin WINDOWS (C:) nie został zdefragmentowany, ponieważ wykryto błąd: Dla tego woluminu jest ustawiony bit zanieczyszczenia. (0x89000015) Error: (02/19/2015 11:48:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (02/19/2015 11:48:10 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (02/19/2015 11:48:09 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (02/19/2015 11:37:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (02/19/2015 11:37:40 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Nieprawidłowa składnia XML. Error: (02/19/2015 11:35:40 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Nieprawidłowa składnia XML. Error: (02/19/2015 10:46:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (02/19/2015 10:46:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. System errors: ============= Error: (02/20/2015 00:35:22 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: Struktura systemu plików na dysku jest uszkodzona i nie nadaje się do użytku. Uruchom narzędzie chkdsk na woluminie WINDOWS. Error: (02/19/2015 10:53:09 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Program %ZARZĄDZANIE NT60 napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.193.185.0 Źródło aktualizacji: %ZARZĄDZANIE NT59 Etap aktualizacji 3.0.8402.00 Ścieżka źródła: 3.0.8402.01 Typ podpisu: %ZARZĄDZANIE NT602 Typ aktualizacji: %ZARZĄDZANIE NT604 Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: %ZARZĄDZANIE NT605 Poprzednia wersja aparatu: %ZARZĄDZANIE NT606 Kod błędu: %ZARZĄDZANIE NT607 Opis błędu: %ZARZĄDZANIE NT608 Error: (02/19/2015 10:42:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: F06DEFF2-5B9C-490D-910F-35D3A9119622 Error: (02/19/2015 10:42:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error: (02/19/2015 10:42:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (02/19/2015 10:42:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi McAfee SiteAdvisor Service z powodu następującego błędu: %%2 Error: (02/19/2015 10:42:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Internet Manager. OUC z powodu następującego błędu: %%1053 Error: (02/19/2015 10:42:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Internet Manager. OUC. Error: (02/19/2015 10:31:26 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (02/19/2015 09:59:34 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Program %ZARZĄDZANIE NT60 napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.193.185.0 Źródło aktualizacji: %ZARZĄDZANIE NT59 Etap aktualizacji 3.0.8402.00 Ścieżka źródła: 3.0.8402.01 Typ podpisu: %ZARZĄDZANIE NT602 Typ aktualizacji: %ZARZĄDZANIE NT604 Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: %ZARZĄDZANIE NT605 Poprzednia wersja aparatu: %ZARZĄDZANIE NT606 Kod błędu: %ZARZĄDZANIE NT607 Opis błędu: %ZARZĄDZANIE NT608 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz Percentage of memory in use: 69% Total physical RAM: 2930.67 MB Available physical RAM: 899.8 MB Total Pagefile: 5859.53 MB Available Pagefile: 3136.42 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:70.66 GB) NTFS Drive d: (ALEKSANDRA) (Fixed) (Total:232.49 GB) (Free:98.6 GB) NTFS Drive e: (CD104A9) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FAD57A31) Partition 1: (Active) - (Size=400 MB) - (Type=27) Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================