Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-08-2015 03 Ran by Mariusz (2015-08-22 07:17:08) Running from C:\Users\Mariusz\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-341662459-1698172198-1879932507-500 - Administrator - Disabled) Gość (S-1-5-21-341662459-1698172198-1879932507-501 - Limited - Disabled) Mariusz (S-1-5-21-341662459-1698172198-1879932507-1000 - Administrator - Enabled) => C:\Users\Mariusz ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Crystal Eye Webcam (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 5.0.7.1 - Suyin Optronics Corp) Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.00.3008 - Acer Incorporated) Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - ) Acer PowerSmart Manager (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.01.3016 - Acer Incorporated) Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.0.0.0226 - Acer) Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Asystent rejestracji usługi Windows Live (HKLM\...\{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}) (Version: 5.000.818.6 - Microsoft Corporation) Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.7.0.356 - Atheros) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6125 - AVG Technologies) AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6125 - AVG Technologies) Hidden Broadcom Gigabit NetLink Controller (HKLM\...\{9AF0B106-56F1-461B-A270-95BC1682E282}) (Version: 11.34.02 - Broadcom Corporation) Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.2.53 - Conexant Systems) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Launch Manager (HKLM\...\LManager) (Version: 2.0.10 - Acer Inc.) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Mozilla Firefox 40.0.2 (x86 pl) (HKLM\...\Mozilla Firefox 40.0.2 (x86 pl)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Narzędzie do przekazywania usługi Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20113 - Realtek Semiconductor Corp.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 12.1.0.0 - Synaptics) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Sync (HKLM\...\{C3335EFB-008F-44DB-A87A-9EC8EE53D045}) (Version: 14.0.8050.1202 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 21-08-2015 14:14:09 Dodatek Service Pack 2 do systemu Windows Vista™ 21-08-2015 15:18:19 Windows Update 21-08-2015 17:35:44 Windows Update 21-08-2015 19:29:04 Windows Update 21-08-2015 20:14:10 Windows Update 21-08-2015 21:28:26 Windows Update 21-08-2015 22:04:06 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {09EC84F0-6AD8-4F8D-BF83-9A3105121B3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-21] (Adobe Systems Incorporated) Task: {584659DC-2E16-403B-8ACD-548F8E178239} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-04-20] (Acer) Task: {8F2DF084-6D8D-4283-9E83-4159094CD116} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-21 07:43 - 2008-07-29 19:29 - 00200704 _____ () C:\Windows\PLFSetI.exe 2015-08-21 17:02 - 2003-06-07 23:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-341662459-1698172198-1879932507-1000\Control Panel\Desktop\\Wallpaper -> c:\Windows\Web\wallpaper\Acer01.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{7768BE41-DF7B-41D1-9C19-522023FE8DB5}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{6EE432C0-614E-4ED1-8350-0186AD3233E2}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{AE00B093-53D5-47E1-8ECE-704B850A41BC}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{B020B411-FDE8-4162-9B41-5E67CFEEE481}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{3A35A4CD-764E-4998-AEA1-D0D200E48662}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{5377508A-09DA-4147-922A-A2646C2CF301}] => (Allow) LPort=80 FirewallRules: [{51AF1F96-1E7F-411E-B76C-3CB22543DB72}] => (Allow) LPort=80 FirewallRules: [{186F76A0-B40F-4BBB-B147-4B59F8536FB4}] => (Allow) LPort=80 FirewallRules: [{43150837-5C90-4E7B-9D47-C95363F8429A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E0A3D596-3C39-48CA-B8CC-2877B6DD41B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{29E7CF38-481F-44BD-A775-1BE93A5D58EB}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe FirewallRules: [{39E16DD4-7B8D-41B9-97C6-875EE8B19CC2}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe FirewallRules: [{2C18FF29-5D2F-4FCE-B24B-3A57EC971A72}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe FirewallRules: [{93545176-68F5-4D5E-9D99-74DF3B905A1A}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe FirewallRules: [{291605E2-1823-4DFB-A187-12901723B0A0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/22/2015 06:40:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 09:51:12 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 09:35:02 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003 Error: (08/21/2015 09:17:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 07:16:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 05:47:07 PM) (Source: MsiInstaller) (EventID: 11704) (User: ZARZĄDZANIE NT) Description: Produkt: Microsoft .NET Framework 3.5 SP1 - Error 1704.Instalacja Microsoft .NET Framework 4 Client Profile jest aktualnie wstrzymana. Aby kontynuować, musisz cofnąć zmiany wprowadzone przez tę instalację. Czy chcesz cofnąć te zmiany? Error: (08/21/2015 03:48:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 03:13:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 03:00:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 02:54:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (08/22/2015 06:57:02 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000Netman Error: (08/22/2015 06:40:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (08/21/2015 09:51:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (08/21/2015 09:17:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (08/21/2015 07:16:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (08/21/2015 07:10:23 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (08/21/2015 03:48:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (08/21/2015 03:20:00 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: ZARZĄDZANIE NT) Description: Obsługa systemu Windows nie może ukończyć procesu zmieniania stanu aktualizacji Aux z pakietu WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_pl-PL(Language Pack) na Przemieszczony(Staged). Error: (08/21/2015 03:20:00 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: ZARZĄDZANIE NT) Description: Obsługa systemu Windows nie może ukończyć procesu nadawania pakietowi WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_pl-PL(Language Pack) stanu Żądana instalacja(Install Requested). Error: (08/21/2015 03:20:00 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: ZARZĄDZANIE NT) Description: Obsługa systemu Windows nie może ukończyć procesu zmieniania stanu aktualizacji AuxResourcesLP z pakietu WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) na Przemieszczony(Staged). Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-08-22 07:16:52.822 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:52.386 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:51.964 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:51.528 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:51.028 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:50.623 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:50.202 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:49.656 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:05.788 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-22 07:16:05.383 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz Percentage of memory in use: 53% Total physical RAM: 3000.09 MB Available physical RAM: 1400.81 MB Total Virtual: 6234.46 MB Available Virtual: 4932.4 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:139.5 GB) (Free:92.38 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (DRUGI) (Fixed) (Total:83.01 GB) (Free:64.76 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: E6132887) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Active) - (Size=139.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=83 GB) - (Type=OF Extended) ==================== End of log ============================