Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01 Ran by Kuba at 2015-02-21 13:24:40 Running from C:\Users\Kuba\Desktop\logi Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader 9.0.1 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A90100000001}) (Version: 9.0.1 - Adobe Systems Incorporated) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asystent rejestracji usługi Windows Live (HKLM-x32\...\{51958BA7-21E4-4A8B-9098-CD8375BD17B2}) (Version: 5.000.818.5 - Microsoft Corporation) AVS Media Player 4.2.3.106 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.3.106 - Online Media Technologies Ltd.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.01 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform) ClocX (1.5b1) (HKLM-x32\...\ClocX) (Version: - ) Codecs for Windows 7 Pack 4.0.5 (HKLM-x32\...\Codecs for Windows 7 Pack) (Version: 4.0.5 - Codecs for Windows 7 Pack) Command & Conquer Tiberian Sun (HKLM-x32\...\Tiberian Sun) (Version: - ) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - ) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.2.0.3 - ) Europa Universalis 2 (HKLM-x32\...\{84EC225B-3547-4F56-8BD3-CB6D52F81527}) (Version: 1.07 - ) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fraps (HKLM-x32\...\Fraps) (Version: - ) Galeria fotografii usługi Windows Live (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5209 - Gretech Corporation) Google Chrome (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Greenshot (HKLM-x32\...\Greenshot_is1) (Version: - ) Hearts of Iron 2 Platynowa Edycja (HKLM-x32\...\Hearts of Iron 2 Platynowa Edycja) (Version: - ) Heroes of Might and Magic® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version: - ) HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX) HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: - ) Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) K-Lite Codec Pack 9.3.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.3.0 - ) Lenovo DirectShare (HKLM-x32\...\{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: - ArcSoft) Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo) Malwarebytes Anti-Malware wersja 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Polski (HKLM-x32\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Narzędzie do przekazywania usługi Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Obsługa programów Apple (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.) Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA) Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA) Poczta usługi Windows Live (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Polipo 1.0.4.1 (HKLM-x32\...\Polipo) (Version: - ) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.5 r1842 - ) Real Alternative 1.9.0 Lite (HKLM-x32\...\RealAlt_is1) (Version: 1.9.0 - ) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6110 - Realtek Semiconductor Corp.) Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.7896 - Skype Technologies S.A.) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) SubEdit-Player (HKLM-x32\...\SubEdit-Player_is1) (Version: 4072 - Artur Sikora) Super Kulki (HKLM-x32\...\Super Kulki_is1) (Version: 5.0 - ALLCinema Ltd.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.19.1 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH) Tor 0.2.2.35 (HKLM-x32\...\Tor) (Version: - ) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH) UndeleteMyFiles Pro (HKLM-x32\...\UndeleteMyFiles Pro_is1) (Version: - SeriousBit) uTorrent Packages (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\uTorrent Packages) (Version: - ) <==== ATTENTION Vidalia 0.2.15 (HKLM-x32\...\Vidalia) (Version: - ) War Thunder Launcher 1.0.1.278 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - ) Warcraft III: wszystkie elementy (HKU\S-1-5-21-3839221274-3043303846-3843884880-1000\...\Warcraft III) (Version: - ) Westwood Shared Internet Components (HKLM-x32\...\WOLAPI) (Version: - ) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Sync (HKLM-x32\...\{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) YDP Flash Speech Recognition Support 1.0 (HKLM-x32\...\YDP Flash Speech Recognition Support) (Version: 1.0 - YDP) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3839221274-3043303846-3843884880-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 17-02-2015 16:02:29 Windows Update 19-02-2015 07:00:25 Usunięte Assassin's Creed 19-02-2015 07:01:52 Removed iTunes 21-02-2015 09:39:18 Removed Java 7 Update 55 21-02-2015 09:40:56 Removed Java(TM) 6 Update 26 21-02-2015 09:41:28 Removed Java(TM) 6 Update 26 21-02-2015 09:45:59 Installed Java SE Development Kit 8 Update 31 (64-bit) 21-02-2015 10:44:18 Removed Java 8 Update 31 (64-bit) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-10-19 15:43 - 2015-02-19 21:42 - 00001512 _RASH C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 212.83.161.214 www.google-analytics.com. 212.83.161.214 google-analytics.com. 212.83.161.214 connect.facebook.net. 192.95.55.231 www.google-analytics.com. 192.95.55.231 google-analytics.com. 192.95.55.231 connect.facebook.net. 158.58.173.195 www.google-analytics.com. 158.58.173.195 google-analytics.com. 158.58.173.195 connect.facebook.net. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2B84E39A-9E12-4F6E-83E2-16F509B35920} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3839221274-3043303846-3843884880-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {348E0006-F45E-40B7-896B-3CC0E7297DCD} - System32\Tasks\wecutil => C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\IEUpdate\wecutil.exe [2014-03-04] () Task: {35A5B8FB-2838-418A-940A-234A8C682D8A} - System32\Tasks\{57B4245E-7230-476F-AAA1-0A63869F6E05} => C:\HP Universal Print Driver\PCL5 v5.2.6.9321\win_xp_vista\Install.exe Task: {379C14F0-5CE9-4AB5-9CAD-C8E472BB313D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {5778610B-CA0A-426A-B05A-90C731A1CF60} - System32\Tasks\Opera scheduled Autoupdate 1419451148 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software) Task: {589E32F9-43BE-4B64-8E19-1C2796A817D8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {64FF4900-DF11-47A9-B1DC-A3A404CEF770} - System32\Tasks\{185500A7-E25E-4606-922A-BB38B5B4BE68} => pcalua.exe -a C:\Users\Kuba\Downloads\SetupDWGTrueView2012_32bit.exe -d C:\Users\Kuba\Downloads Task: {77CE538E-D19A-47C9-929B-D39053E7D47A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-17] (Adobe Systems Incorporated) Task: {7BFE18D4-D541-4845-9469-A549DB101C18} - System32\Tasks\{E05F641C-C744-42F9-A595-57D3B8BDA61F} => C:\HP Universal Print Driver\PCL5 v5.2.6.9321\win_xp_vista\Install.exe Task: {839EFA3E-9D7E-4C74-8B12-3FFCC3A51802} - System32\Tasks\{536E68D4-F40B-4225-80B0-CFFCFE1DF58B} => pcalua.exe -a C:\Users\Kuba\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: {9B4D2DDD-85E1-43D4-BB01-A1F0A1EF3E4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.) Task: {9DE88BAB-3699-4BEF-A16A-7B31155264A4} - System32\Tasks\{9F77A418-EA46-426E-9B32-36D8D5D93AFF} => C:\HP Universal Print Driver\PCL5 v5.2.6.9321\win_xp_vista\Install.exe Task: {AC1E29C2-10F7-4454-B3FA-48266A31CB98} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3839221274-3043303846-3843884880-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {AE53D8A9-1B88-4916-935B-562BCB19AADE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-04] (Google Inc.) Task: {CA08AA02-FA27-4FEB-B488-27C2C802ADD1} - System32\Tasks\{6D18DEF1-F530-4B65-B75E-CFA14E2FE172} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) Task: {DCE64F9D-2E6B-4337-B1E1-C5AEB6944A40} - System32\Tasks\{F77D6037-6CD4-4292-83FE-7AE0DD1FB09A} => pcalua.exe -a E:\setup.exe -d E:\ Task: {F4F6420B-90ED-47CD-B585-98DE08FCCD45} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {FA75368C-4975-4E3C-93CA-07A76CB5CC23} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core.job => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA.job => C:\Users\Kuba\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000Core.job => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3839221274-3043303846-3843884880-1000UA.job => C:\Users\Kuba\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-04-14 01:41 - 2011-04-14 01:41 - 00034304 _____ () C:\windows\System32\ssb3ml6.dll 2015-02-17 15:31 - 2015-02-17 15:31 - 02779648 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll 2015-02-17 15:31 - 2015-02-17 15:31 - 02264064 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll 2011-07-24 21:52 - 2010-07-12 06:52 - 00548864 _____ () C:\Program Files (x86)\Greenshot\Greenshot.exe 2011-12-14 15:50 - 2011-12-14 15:50 - 05407850 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe 2015-02-21 11:20 - 2015-02-21 11:20 - 00120320 _____ () C:\Users\Kuba\AppData\Roaming\FrameworkUpdate\GoogleUpdate.exe 2014-04-09 16:00 - 2014-03-04 10:44 - 00168448 ____R () C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\IEUpdate\wecutil.exe 2011-12-16 04:45 - 2011-12-16 04:45 - 02745870 _____ () C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe 2011-05-10 17:02 - 2011-05-10 17:02 - 00181248 _____ () C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe 2013-03-24 15:40 - 2013-03-24 15:40 - 00036024 _____ () C:\Program Files\Rainmeter\Rainmeter.exe 2013-03-24 15:40 - 2013-03-24 15:40 - 00731832 _____ () C:\Program Files\Rainmeter\Rainmeter.dll 2013-03-24 15:39 - 2013-03-24 15:39 - 00017408 _____ () C:\Program Files\Rainmeter\Plugins\AdvancedCPU.DLL 2013-03-24 15:38 - 2013-03-24 15:38 - 00027136 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL 2013-03-24 15:38 - 2013-03-24 15:38 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.DLL 2013-03-24 15:38 - 2013-03-24 15:38 - 00023040 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL 2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-11-03 11:15 - 2010-03-03 21:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2011-07-24 21:52 - 2010-07-12 06:52 - 00028672 _____ () C:\Program Files (x86)\Greenshot\GreenshotPlugin.dll 2011-02-14 22:02 - 2011-02-14 22:02 - 02417664 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll 2010-03-07 04:31 - 2010-03-07 04:31 - 00024110 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll 2009-06-22 19:42 - 2009-06-22 19:42 - 00043008 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll 2010-02-10 17:36 - 2010-02-10 17:36 - 09565184 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll 2010-02-10 17:11 - 2010-02-10 17:11 - 01148416 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll 2010-02-10 17:08 - 2010-02-10 17:08 - 00398336 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll 2015-02-21 11:29 - 2015-02-21 11:29 - 01276928 _____ () C:\Users\Kuba\AppData\Local\Ocpics\DataCD.dll 2011-05-10 17:02 - 2011-05-10 17:02 - 00076800 _____ () C:\Program Files (x86)\Vidalia Bundle\Polipo\libgnurx-0.dll 2015-02-20 19:49 - 2015-02-17 23:44 - 01117512 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll 2015-02-20 19:49 - 2015-02-17 23:44 - 00211272 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll 2015-02-20 19:49 - 2015-02-17 23:44 - 09171272 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll 2015-02-20 19:49 - 2015-02-17 23:44 - 14965064 _____ () C:\Users\Kuba\AppData\Local\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-3839221274-3043303846-3843884880-500 - Administrator - Disabled) Gość (S-1-5-21-3839221274-3043303846-3843884880-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-3839221274-3043303846-3843884880-1003 - Limited - Enabled) Kuba (S-1-5-21-3839221274-3043303846-3843884880-1000 - Administrator - Enabled) => C:\Users\Kuba ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/21/2015 01:19:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: regsvr32.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bca28 Nazwa modułu powodującego błąd: php_xdebug.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x547b541f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001039 Identyfikator procesu powodującego błąd: 0x51c Godzina uruchomienia aplikacji powodującej błąd: 0xregsvr32.exe0 Ścieżka aplikacji powodującej błąd: regsvr32.exe1 Ścieżka modułu powodującego błąd: regsvr32.exe2 Identyfikator raportu: regsvr32.exe3 Error: (02/21/2015 01:17:37 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (02/21/2015 01:06:56 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B3C} Klient nie może nawiązać połączenia z programem Application Virtualization Server (rc 00000729-00000026) Error: (02/21/2015 01:06:56 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B3C} Program Application Virtualization Client nie może nawiązać połączenia z adresem URL przesyłania strumieniowego 'http://c2r.microsoft.com/ConsumerC2R/pl-pl/14.0.4763.1000/ConsumerC2R.pl-pl_14.0.6137.5006.sft' (rc 00000729-00000026, pierwotny rc 00000729-00000026). Error: (02/21/2015 00:57:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: regsvr32.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bca28 Nazwa modułu powodującego błąd: php_xdebug.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x547b541f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001039 Identyfikator procesu powodującego błąd: 0x530 Godzina uruchomienia aplikacji powodującej błąd: 0xregsvr32.exe0 Ścieżka aplikacji powodującej błąd: regsvr32.exe1 Ścieżka modułu powodującego błąd: regsvr32.exe2 Identyfikator raportu: regsvr32.exe3 Error: (02/21/2015 00:56:39 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B28} Klient nie może nawiązać połączenia z programem Application Virtualization Server (rc 00000729-00000026) Error: (02/21/2015 00:56:39 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B28} Program Application Virtualization Client nie może nawiązać połączenia z adresem URL przesyłania strumieniowego 'http://c2r.microsoft.com/ConsumerC2R/pl-pl/14.0.4763.1000/ConsumerC2R.pl-pl_14.0.6137.5006.sft' (rc 00000729-00000026, pierwotny rc 00000729-00000026). Error: (02/21/2015 11:39:00 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (02/21/2015 11:35:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 11.0.9600.17631, sygnatura czasowa: 0x54b31bdf Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000007fefe85be90 Identyfikator procesu powodującego błąd: 0x1844 Godzina uruchomienia aplikacji powodującej błąd: 0xiexplore.exe0 Ścieżka aplikacji powodującej błąd: iexplore.exe1 Ścieżka modułu powodującego błąd: iexplore.exe2 Identyfikator raportu: iexplore.exe3 Error: (02/21/2015 11:28:53 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} i nazwą Coordinator. [0x80070005, Odmowa dostępu. ] System errors: ============= Error: (02/21/2015 01:19:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (02/21/2015 01:19:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (02/21/2015 01:19:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (02/21/2015 01:19:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (02/21/2015 01:19:42 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (02/21/2015 01:19:42 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (02/21/2015 01:19:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (02/21/2015 01:19:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (02/21/2015 01:19:31 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (02/21/2015 01:06:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Microsoft Office Sessions: ========================= Error: (02/21/2015 01:19:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: regsvr32.exe6.1.7600.163854a5bca28php_xdebug.dll0.0.0.0547b541fc00000050000103951c01d04dd0a1824c42C:\windows\SysWOW64\regsvr32.exeC:\Users\Kuba\AppData\Local\Oprzics\php_xdebug.dlle0ee2987-b9c3-11e4-9847-18f46af4d8fb Error: (02/21/2015 01:17:37 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (02/21/2015 01:06:56 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B3C} 00000729-00000026 Error: (02/21/2015 01:06:56 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B3C} http://c2r.microsoft.com/ConsumerC2R/pl-pl/14.0.4763.1000/ConsumerC2R.pl-pl_14.0.6137.5006.sft00000729-0000002600000729-00000026 Error: (02/21/2015 00:57:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: regsvr32.exe6.1.7600.163854a5bca28php_xdebug.dll0.0.0.0547b541fc00000050000103953001d04dcd79a85cd1C:\windows\SysWOW64\regsvr32.exeC:\Users\Kuba\AppData\Local\Oprzics\php_xdebug.dllcc2f6805-b9c0-11e4-ad5f-c6cb3834b351 Error: (02/21/2015 00:56:39 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B28} 00000729-00000026 Error: (02/21/2015 00:56:39 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: ) Description: {hap=12:app=OfficeVirt 9014006604150000:tid=B28} http://c2r.microsoft.com/ConsumerC2R/pl-pl/14.0.4763.1000/ConsumerC2R.pl-pl_14.0.6137.5006.sft00000729-0000002600000729-00000026 Error: (02/21/2015 11:39:00 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (02/21/2015 11:35:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.1763154b31bdfunknown0.0.0.000000000c0000005000007fefe85be90184401d04dc1f7302bbeC:\Program Files\Internet Explorer\iexplore.exeunknown64f6b615-b9b5-11e4-b7dd-18f46af4d8fb Error: (02/21/2015 11:28:53 AM) (Source: VSS) (EventID: 13) (User: ) Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80070005, Odmowa dostępu. CodeIntegrity Errors: =================================== Date: 2014-06-27 19:11:16.626 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-27 19:11:16.441 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-12 17:47:09.688 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-12 17:47:09.515 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-09 19:52:07.516 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-09 19:52:07.453 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.554 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.498 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.341 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-10-25 22:48:38.292 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage of memory in use: 54% Total physical RAM: 3956.55 MB Available physical RAM: 1816.14 MB Total Pagefile: 7911.29 MB Available Pagefile: 4868.45 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OPTS UTF8 OFF) (Fixed) (Total:420.33 GB) (Free:281.54 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:30.48 GB) (Free:26.24 GB) NTFS Drive e: (AOE3 Complete) (CDROM) (Total:2.43 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: C3FFC3FF) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=420.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=30.5 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ==================== End Of Log ============================