Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by Mężczyzna at 2015-03-16 00:56:06 Running from C:\Users\Mężczyzna\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Ochrona antywirusowa (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Antyszpieg (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Zapora sieciowa (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Flash Player 16 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 9 ActiveX (HKLM\...\{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}) (Version: 9.0.124.0 - Adobe Systems, Inc.) Adobe Reader 8 - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated) ALLMediaServer (HKLM\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.) ALLPlayer V5.X (HKLM\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.19.0.1369 - Bitdefender) FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version: - ) Fujitsu Siemens Computers Recovery (HKLM\...\{F58B763E-9FB9-4629-AF3C-CC9744BC4BA7}) (Version: 1.3.8 - Fujitsu Siemens Computers) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 36.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 36.0.1 (x86 pl)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (HKLM\...\NapiProjekt_is1) (Version: - ) Nero 8 Essentials (HKLM\...\{854C47D1-C2A0-4492-8655-C3F8D49C1045}) (Version: 8.3.161 - Nero AG) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 28.0.1750.40 (HKLM\...\Opera 28.0.1750.40) (Version: 28.0.1750.40 - Opera Software ASA) OSD_1.16 (HKLM\...\{73289228-1853-4623-982A-EB17FF0270CA}) (Version: 1.0.0 - OEM) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.3.3516a.0 - CyberLink Corporation) PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) SystemDiagnostics (HKLM\...\{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}) (Version: 2.01.0004 - Fujitsu Siemens Computers ) VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 13-01-2015 23:46:41 Instalacja pakietu sterownika urządzenia: BITDEFENDER S.R.L. Urządzenia systemowe 13-01-2015 23:47:51 Instalacja pakietu sterownika urządzenia: BitDefender LLC Usługa sieciowa 14-01-2015 00:27:30 Windows Update 16-01-2015 12:18:01 Windows Update 16-01-2015 17:26:51 Windows Update 17-01-2015 23:41:14 Windows Update 24-01-2015 21:50:02 Windows Update 25-01-2015 16:00:31 Windows Update 25-01-2015 16:18:21 Windows Update 25-01-2015 16:28:08 Installed Microsoft Office Standard Edition 2003 25-01-2015 16:31:20 Zainstalowano: OpenOffice 4.1.1 25-01-2015 16:39:37 Windows Update 01-03-2015 15:44:43 Zaplanowany punkt kontrolny 04-03-2015 22:39:01 Zaplanowany punkt kontrolny 05-03-2015 18:06:10 Zaplanowany punkt kontrolny 15-03-2015 16:43:17 Installed Vista Codec Package. 15-03-2015 23:32:44 Operacja przywracania 15-03-2015 23:43:15 Operacja przywracania 16-03-2015 00:06:18 Removed Vista Codec Package. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {45EE06E9-0C6B-45C4-90EF-8EAEE91C2371} - System32\Tasks\Opera scheduled Autoupdate 1421776960 => C:\Program Files\Opera\launcher.exe [2015-03-10] (Opera Software) Task: {D0E66243-93A4-4993-AD7C-9BE5C85CFA08} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_pepper.exe [2015-03-01] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_pepper.exe ==================== Loaded Modules (whitelisted) ============== 2015-01-13 23:46 - 2014-08-27 16:30 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2015-01-13 23:46 - 2013-09-03 14:29 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2015-01-13 23:46 - 2014-12-02 15:44 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2015-01-13 23:46 - 2012-10-29 14:22 - 00130656 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll 2015-02-07 13:02 - 2015-02-07 13:02 - 00678616 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00042_002\ashttpbr.mdl 2015-02-07 13:02 - 2015-02-07 13:02 - 00493216 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00042_002\ashttpdsp.mdl 2015-02-07 13:02 - 2015-02-07 13:02 - 02187048 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00042_002\ashttpph.mdl 2015-02-07 13:02 - 2015-02-07 13:02 - 01135424 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00042_002\ashttprbl.mdl 2015-03-16 00:37 - 2015-03-16 00:37 - 00380416 _____ () C:\Users\Mężczyzna\Downloads\qytrfx1t.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Mężczyzna\Downloads\7z920(dobreprogramy.pl).exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_pl.exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\FRST.exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\install_flashplayer16x32pp_chrd_dn_aaa_aih.exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\jxpiinstall.exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\OfficeSTD.exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\Opera_NI_stable.exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\qytrfx1t.exe:BDU AlternateDataStreams: C:\Users\Mężczyzna\Downloads\Vista-Codec-Package(13350)-dp.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2321440703-4263156153-367547396-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Sample Pictures\Tree.jpg DNS Servers: 217.172.224.160 - 89.231.1.206 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-2321440703-4263156153-367547396-500 - Administrator - Disabled) Gość (S-1-5-21-2321440703-4263156153-367547396-501 - Limited - Disabled) Mężczyzna (S-1-5-21-2321440703-4263156153-367547396-1000 - Administrator - Enabled) => C:\Users\Mężczyzna ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/16/2015 00:50:45 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Error: (03/16/2015 00:50:45 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\system32\bitsperf.dll4 Error: (03/16/2015 00:42:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd qytrfx1t.exe, wersja 2.1.19357.0, sygnatura czasowa 0x52e7ea83, moduł powodujący błąd qytrfx1t.exe, wersja 2.1.19357.0, sygnatura czasowa 0x52e7ea83, kod wyjątku 0xc0000005, przesunięcie błędu 0x00012298, identyfikator procesu 0x1450, godzina rozpoczęcia aplikacji 0xqytrfx1t.exe0. Error: (03/16/2015 00:12:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/15/2015 11:55:08 PM) (Source: System Restore) (EventID: 8209) (User: ) Description: Wystąpił nieokreślony błąd podczas przywracania systemu: (Zaplanowany punkt kontrolny). Informacje dodatkowe: . Error: (03/15/2015 11:51:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/15/2015 11:41:09 PM) (Source: System Restore) (EventID: 8209) (User: ) Description: Wystąpił nieokreślony błąd podczas przywracania systemu: (Installed Vista Codec Package.). Informacje dodatkowe: . Error: (03/15/2015 11:36:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/15/2015 04:44:32 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (03/15/2015 04:44:29 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. System errors: ============= Error: (03/16/2015 00:14:39 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (03/16/2015 00:12:12 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Bitdefender Virus Shield Error: (03/15/2015 11:50:53 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (03/15/2015 11:42:29 PM) (Source: Schannel) (EventID: 4108) (User: ) Description: Certyfikat odebrany od serwera zdalnego nie został poprawnie sprawdzony. Kod błędu: 0x80092013. Żądanie połączenia SSL nie powiodło się. Załączone dane zawierają certyfikat serwera. Error: (03/15/2015 11:36:26 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (03/15/2015 04:21:57 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (03/15/2015 04:20:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Bitdefender Virus Shield Error: (03/14/2015 10:44:00 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (03/13/2015 09:57:35 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (03/12/2015 01:08:48 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Microsoft Office Sessions: ========================= Error: (03/16/2015 00:50:45 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll4 Error: (03/16/2015 00:50:45 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\system32\bitsperf.dll4 Error: (03/16/2015 00:42:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: qytrfx1t.exe2.1.19357.052e7ea83qytrfx1t.exe2.1.19357.052e7ea83c000000500012298145001d05f7913a04828 Error: (03/16/2015 00:12:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/15/2015 11:55:08 PM) (Source: System Restore) (EventID: 8209) (User: ) Description: Zaplanowany punkt kontrolny Error: (03/15/2015 11:51:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/15/2015 11:41:09 PM) (Source: System Restore) (EventID: 8209) (User: ) Description: Installed Vista Codec Package. Error: (03/15/2015 11:36:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/15/2015 04:44:32 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files\VistaCodecPack\filters\DivXDecH264.ax Error: (03/15/2015 04:44:29 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"C:\Program Files\VistaCodecPack\filters\DivXDecH264.ax CodeIntegrity Errors: =================================== Date: 2015-01-13 23:18:07.957 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-01-13 23:18:07.941 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-01-13 23:18:07.925 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-01-13 23:18:07.863 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2015-01-13 23:18:07.847 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2008-07-03 18:51:01.887 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2008-07-03 18:51:01.871 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2008-07-03 18:51:01.840 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2008-07-03 18:51:01.809 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz Percentage of memory in use: 47% Total physical RAM: 3065.93 MB Available physical RAM: 1597.16 MB Total Pagefile: 6334.13 MB Available Pagefile: 4822.13 MB Total Virtual: 2047.88 MB Available Virtual: 1868.68 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:192.06 GB) (Free:136.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Data) (Fixed) (Total:97.03 GB) (Free:91.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: F9A07CF5) Partition 1: (Not Active) - (Size=9 GB) - (Type=27) Partition 2: (Active) - (Size=192.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97 GB) - (Type=07 NTFS) ==================== End Of Log ============================