Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2013 01
Ran by sony at 2013-12-13 16:36:06
Running from C:\Users\sony\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Photoshop CS (x32 Version: CS)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0)
Adobe Reader 9.5.1 (x32 Version: 9.5.1)
Alps Pointing-device for VAIO
AMR to MP3 Converter 1.4 (x32)
AppsHat Mobile Apps (HKCU Version: 1.0.0.0)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.115)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.368)
ATI Catalyst Install Manager (Version: 3.0.750.0)
Audacity 2.0 (x32)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
AVG PC TuneUp (x32 Version: 12.0.4020.9)
AVG PC TuneUp Language Pack (pl-PL) (x32 Version: 12.0.4020.9)
Bentley MicroStation (V 08.00.01.19) - 1 (x32)
Bing Bar (x32 Version: 7.2.241.0)
Bundled software uninstaller (x32) <==== ATTENTION
Business Everywhere (x32)
Card Detector for ZTE MF192 (x32 Version: 1.1.2.0)
Catalyst Control Center Core Implementation (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Light (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306)
Catalyst Control Center Localization All (x32 Version: 2010.0209.16.306)
CCC Help Chinese Standard (x32 Version: 2010.0209.0015.306)
CCC Help Chinese Traditional (x32 Version: 2010.0209.0015.306)
CCC Help Czech (x32 Version: 2010.0209.0015.306)
CCC Help Danish (x32 Version: 2010.0209.0015.306)
CCC Help Dutch (x32 Version: 2010.0209.0015.306)
CCC Help English (x32 Version: 2010.0209.0015.306)
CCC Help Finnish (x32 Version: 2010.0209.0015.306)
CCC Help French (x32 Version: 2010.0209.0015.306)
CCC Help German (x32 Version: 2010.0209.0015.306)
CCC Help Greek (x32 Version: 2010.0209.0015.306)
CCC Help Hungarian (x32 Version: 2010.0209.0015.306)
CCC Help Italian (x32 Version: 2010.0209.0015.306)
CCC Help Japanese (x32 Version: 2010.0209.0015.306)
CCC Help Korean (x32 Version: 2010.0209.0015.306)
CCC Help Norwegian (x32 Version: 2010.0209.0015.306)
CCC Help Polish (x32 Version: 2010.0209.0015.306)
CCC Help Portuguese (x32 Version: 2010.0209.0015.306)
CCC Help Russian (x32 Version: 2010.0209.0015.306)
CCC Help Spanish (x32 Version: 2010.0209.0015.306)
CCC Help Swedish (x32 Version: 2010.0209.0015.306)
CCC Help Thai (x32 Version: 2010.0209.0015.306)
CCC Help Turkish (x32 Version: 2010.0209.0015.306)
ccc-core-static (x32 Version: 2010.0209.16.306)
ccc-utility64 (Version: 2010.0209.16.306)
CCleaner (Version: 3.24)
Definition update for Microsoft Office 2010 (KB982726) (x32)
Dropbox (HKCU Version: 2.0.26)
DWG TrueView 2012 (Version: 18.2.51.0)
Easy GIF Animator 5.6 (x32 Version: Easy GIF Animator 5.0)
EuroGrand Casino (HKCU)
Evernote (x32 Version: 3.5.4.2224)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FilesFrog Update Checker (x32) <==== ATTENTION
FormatFactory 3.0.1 (x32 Version: 3.0.1)
Futuremark SystemInfo (x32 Version: 3.21.2.1)
Gadu-Gadu 7.7 (x32)
Google Chrome (x32 Version: 31.0.1650.63)
Google Talk Plugin (x32 Version: 4.9.1.16010)
Google Update Helper (x32 Version: 1.3.22.3)
HP Deskjet Ink Adv 2060 K110 Podstawowe oprogramowanie urządzenia (Version: 22.0.334.0)
HP Deskjet Ink Adv 2060 K110 Pomoc (x32 Version: 140.0.2.2)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java Auto Updater (x32 Version: 2.0.6.1)
Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200)
Java(TM) 6 Update 29 (x32 Version: 6.0.290)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Media Gallery (Version: 1.3.0)
Media Gallery (x32 Version: 1.3.0.06230)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile PLK Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended PLK Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2003 Web Components (x32 Version: 12.0.4518.1014)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Polish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (Polish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32)
MobileWiFi (x32 Version: TOOL-ConnLaucher_WIN1.09.02.00)
Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000)
Moduł Szybka instalacja pakietu Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Mozilla Firefox 23.0.1 (x86 pl) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia Software Updater (x32 Version: 3.0.655)
OpenAL (x32)
OptimizerPro (Version: 1.0) <==== ATTENTION
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Pazera Free FLV to AVI Converter 1.5 (x32 Version: 1.5)
PC Connectivity Solution (x32 Version: 11.5.29.0)
Pdf995 (x32)
PhotoFiltre 7 (HKCU)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
ProModel 7.5 (x32 Version: 7.5.0.299)
Real Alternative 2.0.2 (x32 Version: 2.0.2)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6098)
Search Assistant MocaFlix 1.66 (x32)
SimilarSites (x32 Version: 0.0.0.1)
Skype Click to Call (x32 Version: 5.7.8524)
Skype™ 6.3 (x32 Version: 6.3.105)
Software Version Updater (x32 Version: 1.1.3.8)
SolidWorks 2012 x64 Edition SP02 (Version: 20.120.55)
SolidWorks 2012 x64 Edition SP02 (x32 Version: 20.2.0.55)
SolidWorks 2012 x64 Polish Resources (Version: 20.120.55)
SolidWorks eDrawings 2012 x64 Edition SP02 (Version: 12.2.110)
SolidWorks Flow Simulation 2012 SP02 x64 Edition (Version: 20.20.56)
SpeedUpMyComputer (x32 Version: 38.1)
SweetIM Bundle by SweetPacks (x32 Version: 1.0.0.0) <==== ATTENTION
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007) <==== ATTENTION
Tomb Raider: Underworld 1.0 (x32)
Toolbar 4.7 by SweetPacks (x32 Version: 4.7.0004) <==== ATTENTION
Update for Codec Pack (HKCU)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008) <==== ATTENTION
VAIO - Media Gallery (x32 Version: 1.3.0.06230)
VAIO Care (x32 Version: 6.2.2.07150)
VAIO Control Center (x32 Version: 4.3.0.05310)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240)
VAIO DVD Menu Data (x32 Version: 2.2.00.05120)
VAIO Gate (x32 Version: 2.2.0.06080)
VAIO Gate Default (x32 Version: 2.2.0.07020)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230)
VAIO Manual (x32 Version: 1.1.0.05280)
VAIO Media plus (Version: 2.1.0)
VAIO Media plus (x32 Version: 2.1.0.18210)
VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220)
VAIO Quick Web Access (x32 Version: 1.3.4.2)
VAIO Sample Contents (x32 Version: 1.3.0.06041)
VAIO screensaver (x32 Version: 1.0.0.0)
VAIO Smart Network (x32 Version: 3.3.0.06080)
VAIO Transfer Support (x32 Version: 1.2.0.06230)
VAIO Update (x32 Version: 5.2.0.05310)
VBA (2720) (x32 Version: 6.01.00.1234)
Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32)
Visual Basic for Applications (R) Core (x32 Version: 6.5.10.32)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
WIDCOMM Bluetooth Software (Version: 6.3.0.5600)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Photo Gallery (x32 Version: 14.0.8117.416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029)
Windows Live Writer (x32 Version: 14.0.8117.0416)
WinRAR 4.01 (32-bitowy) (x32 Version: 4.01.0)
WinSCP 4.3.6 (x32 Version: 4.3.6)
YTD Video Downloader 3.9.6 (x32 Version: 3.9.6)

==================== Restore Points =========================

10-07-2013 18:40:19 Zainstalowane Adobe Photoshop
15-11-2013 17:12:37 Installed AVG 2014
15-11-2013 17:13:57 Installed AVG 2014
24-11-2013 12:00:48 ProModel 7.5 Installation
13-12-2013 12:37:25 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-12-13 14:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {012F28DE-680A-411C-B7B7-385EC03F927C} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {05CE80FA-9FC7-495B-AABD-009BD602AEFF} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {0B69582E-6AA5-4565-A259-57E669702520} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe [2010-05-26] (Sony Corporation)
Task: {1B3F20C9-DFF5-4967-9BC6-566142905767} - System32\Tasks\HP Deskjet Ink Adv 2060 K110.exe => C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\HP Deskjet Ink Adv 2060 K110.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {1D1437E3-0A39-4D43-B8E4-28AFF15F2371} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28] (Google Inc.)
Task: {2CFCED60-8BEF-49D3-811E-022511D8BB00} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000Core => C:\Users\sony\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-26] (Facebook Inc.)
Task: {41263DDF-FA58-4CC3-82FB-023869D94518} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {574FE336-B363-41C9-8B79-22446E81C73E} - System32\Tasks\{FD094B8F-481C-48A2-80E4-DE61025336D0} => Chrome.exe http://ui.skype.com/ui/0/6.0.0.126/pl/abandoninstall?page=tsProgressBar
Task: {60ED6CC4-11AB-47F8-A617-D0D684F69A2F} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-05-31] (Sony Corporation)
Task: {6B589A7D-1894-4EC3-AE95-4F38650BD571} - System32\Tasks\{271AF73A-D39B-4D4F-BA04-761BA316F3FC} => Chrome.exe http://ui.skype.com/ui/0/5.9.0.115.259/pl/abandoninstall?page=tsMain
Task: {6F7BAA96-3FFD-4F44-89FE-B47EE573FB1E} - System32\Tasks\{33AEF247-36F1-42EC-A120-37F3BD183076} => Chrome.exe http://ui.skype.com/ui/0/5.9.0.115/pl/abandoninstall?page=tsMain
Task: {7A72B36E-2882-45CD-A7EB-8E58DC6E11AD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {7EE799D5-EF59-442D-93D9-73DCECB7528B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {8A856267-3A03-4176-91D9-F8B13186D233} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {8AD25E1D-7DC1-452F-B2B1-508436E1EDC4} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {8B81A3A0-B09D-4E29-B28A-E6BE0299AD70} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {913EE614-D056-48A4-A6C1-5847E5AAD00F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000UA => C:\Users\sony\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15] (Google Inc.)
Task: {9443F14A-08EC-4414-8F1B-DCB7A7C2B6B1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000Core => C:\Users\sony\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15] (Google Inc.)
Task: {98A1E1D7-3A77-40BB-AF0D-D17E3B546761} - System32\Tasks\AmiUpdXp => C:\Users\sony\AppData\Local\SwvUpdater\Updater.exe [2013-12-13] (Amonetizé Ltd) <==== ATTENTION
Task: {9BDF8187-F697-4D2A-9FC1-38DA13C97A86} - System32\Tasks\{A543F058-8469-4882-BA4B-37A7F3C9ACC0} => Chrome.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsProgressBar
Task: {A185B5F1-324A-4824-A278-94646BFB1597} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28] (Google Inc.)
Task: {A40685C0-838D-433F-B626-181168C3D464} - System32\Tasks\{C2720EA8-C838-4018-8668-008B1E4DA547} => Chrome.exe http://ui.skype.com/ui/0/5.8.0.158/pl/abandoninstall?page=tsMain
Task: {BD4B0946-D966-41FC-AC08-FEF71A9D409B} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {C5EA9200-4863-494C-92ED-AA12F71917DE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4233680346-135388955-4045965603-1000
Task: {C91F84EC-C922-4718-943B-24263B6861A7} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: {C923E531-B958-4524-84C8-9C9C67387374} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {CCE7DF43-FC2D-44A8-80B4-44495E7D0D27} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2010-07-15] (Sony Corporation)
Task: {D70089ED-F507-48B7-A604-AD7696944817} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2013-10-31] (AVG)
Task: {F4BEF1A9-6DFE-41F1-9BD7-DE15736AFF8B} - System32\Tasks\{ED564165-CA11-4BA7-9F3A-F5283097A277} => Chrome.exe http://ui.skype.com/ui/0/5.10.0.116/pl/abandoninstall?page=tsMain
Task: {FB3A7573-DC67-4690-9EE1-D433B829F55E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000UA => C:\Users\sony\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-26] (Facebook Inc.)
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\sony\AppData\Local\SwvUpdater\Updater.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000Core.job => C:\Users\sony\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000UA.job => C:\Users\sony\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000Core.job => C:\Users\sony\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4233680346-135388955-4045965603-1000UA.job => C:\Users\sony\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (whitelisted) =============

2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-07-28 13:26 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-07-28 13:26 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\sony\AppData\Roaming\Dropbox\bin\libcef.dll
2012-05-13 18:13 - 2012-05-13 18:13 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8974e548fc54655fc112b538495d412a\IsdiInterop.ni.dll
2010-07-21 02:12 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-06 08:25 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 08:25 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 08:25 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 08:25 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 08:25 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-06 08:25 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
2006-12-21 13:31 - 2006-12-21 13:31 - 00786432 _____ () C:\Program Files (x86)\Gadu-Gadu\LIBEAY32.dll
2006-12-21 13:31 - 2006-12-21 13:31 - 00159744 _____ () C:\Program Files (x86)\Gadu-Gadu\SSLEAY32.dll
2007-03-07 16:40 - 2007-03-07 16:40 - 00135168 _____ () C:\Program Files (x86)\Gadu-Gadu\zlib1.dll
2007-04-17 12:04 - 2007-04-17 12:04 - 00106496 _____ () C:\Program Files (x86)\Gadu-Gadu\libiax2.dll
2007-04-17 12:04 - 2007-04-17 12:04 - 00061440 _____ () C:\Program Files (x86)\Gadu-Gadu\libjb.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2013 01:57:17 PM) (Source: Google Update) (User: sony-VAIO)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s

Error: (12/13/2013 01:44:56 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: mplayerc.exe, wersja: 6.4.9.1, sygnatura czasowa: 0x4b780a3b Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16915, sygnatura czasowa: 0x4ec49d10 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037245 Identyfikator procesu powodującego błąd: 0x1684 Godzina uruchomienia aplikacji powodującej błąd: 0xmplayerc.exe0 Ścieżka aplikacji powodującej błąd: mplayerc.exe1 Ścieżka modułu powodującego błąd: mplayerc.exe2 Identyfikator raportu: mplayerc.exe3

Error: (12/12/2013 09:45:56 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: 028227~1.EXE, wersja: 6.6.116.0, sygnatura czasowa: 0x4fda21e1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000 Identyfikator procesu powodującego błąd: 0x6a0 Godzina uruchomienia aplikacji powodującej błąd: 0x028227~1.EXE0 Ścieżka aplikacji powodującej błąd: 028227~1.EXE1 Ścieżka modułu powodującego błąd: 028227~1.EXE2 Identyfikator raportu: 028227~1.EXE3

Error: (12/10/2013 06:12:17 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: sldProcMon.exe, wersja: 20.2.0.55, sygnatura czasowa: 0x4f18ca3c Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16915, sygnatura czasowa: 0x4ec4b137 Kod wyjątku: 0xc0000008 Przesunięcie błędu: 0x00000000000d0108 Identyfikator procesu powodującego błąd: 0x298 Godzina uruchomienia aplikacji powodującej błąd: 0xsldProcMon.exe0 Ścieżka aplikacji powodującej błąd: sldProcMon.exe1 Ścieżka modułu powodującego błąd: sldProcMon.exe2 Identyfikator raportu: sldProcMon.exe3

Error: (11/24/2013 01:54:20 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: PMMAIN.EXE, wersja: 7.5.0.299, sygnatura czasowa: 0x48b72a65 Nazwa modułu powodującego błąd: pmcommon.dll, wersja: 7.5.0.299, sygnatura czasowa: 0x48b72a0a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00007fc0 Identyfikator procesu powodującego błąd: 0xd60 Godzina uruchomienia aplikacji powodującej błąd: 0xPMMAIN.EXE0 Ścieżka aplikacji powodującej błąd: PMMAIN.EXE1 Ścieżka modułu powodującego błąd: PMMAIN.EXE2 Identyfikator raportu: PMMAIN.EXE3

Error: (11/23/2013 09:33:40 PM) (Source: SampleCollector) (User: )
Description: init_sstates_file:CreateFile:Prev_SState: failed with error 0x20: Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (11/22/2013 03:35:37 PM) (Source: SampleCollector) (User: )
Description: CreateFile:SState: failed with error 0x20: Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (11/21/2013 05:31:19 PM) (Source: SampleCollector) (User: )
Description: CreateFile:SState: failed with error 0x20: Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (11/20/2013 06:30:55 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7600.17006, sygnatura czasowa: 0x4f90e30b Nazwa modułu powodującego błąd: IEFRAME.dll, wersja: 8.0.7600.17006, sygnatura czasowa: 0x4f90fdfd Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000000bfdf9 Identyfikator procesu powodującego błąd: 0x1e30 Godzina uruchomienia aplikacji powodującej błąd: 0xiexplore.exe0 Ścieżka aplikacji powodującej błąd: iexplore.exe1 Ścieżka modułu powodującego błąd: iexplore.exe2 Identyfikator raportu: iexplore.exe3

Error: (11/18/2013 10:17:57 PM) (Source: Application Error) (User: )
Description: Nazwa aplikacji powodującej błąd: wmprph.exe, wersja: 12.0.7600.16385, sygnatura czasowa: 0x4a5bd018 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16915, sygnatura czasowa: 0x4ec4b137 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000004c8f4 Identyfikator procesu powodującego błąd: 0x2088 Godzina uruchomienia aplikacji powodującej błąd: 0xwmprph.exe0 Ścieżka aplikacji powodującej błąd: wmprph.exe1 Ścieżka modułu powodującego błąd: wmprph.exe2 Identyfikator raportu: wmprph.exe3

System errors:
=============
Error: (12/13/2013 02:20:11 PM) (Source: Service Control Manager) (User: )
Description: Usługa VAIO Care Performance Service zawiesiła się podczas uruchamiania.

Error: (12/13/2013 02:15:13 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi ESET Service z powodu następującego błędu: %%2

Error: (12/13/2013 02:13:33 PM) (Source: Service Control Manager) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (12/13/2013 02:10:39 PM) (Source: Application Popup) (User: )
Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.

Error: (12/13/2013 02:04:42 PM) (Source: Service Control Manager) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (12/12/2013 09:46:08 PM) (Source: Service Control Manager) (User: )
Description: Usługa McAfee Application Installer Cleanup (0282271352730771) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (12/12/2013 09:45:58 PM) (Source: Service Control Manager) (User: )
Description: Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%126

Error: (12/12/2013 09:45:33 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi ESET Service z powodu następującego błędu: %%2

Error: (12/12/2013 09:45:32 PM) (Source: Service Control Manager) (User: )
Description: Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1060

Error: (12/12/2013 09:45:30 PM) (Source: EventLog) (User: )
Description: Poprzednie zamknięcie systemu przy 21:43:32 na 2013-12-12 było nieoczekiwane.

Microsoft Office Sessions:
=========================
Error: (12/13/2013 01:57:17 PM) (Source: Google Update)(User: sony-VAIO)
Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s

Error: (12/13/2013 01:44:56 PM) (Source: Application Error)(User: )
Description: mplayerc.exe6.4.9.14b780a3bntdll.dll6.1.7600.169154ec49d10c000000500037245168401cef800fce80d4aC:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exeC:\Windows\SysWOW64\ntdll.dll5e786838-63f4-11e3-8eb9-0024e8a16d6a

Error: (12/12/2013 09:45:56 PM) (Source: Application Error)(User: )
Description: 028227~1.EXE6.6.116.04fda21e1unknown0.0.0.000000000c0000005000000006a001cef77b19aa4ea6C:\Users\Rick\AppData\Local\Temp\028227~1.EXEunknown65ceb6b1-636e-11e3-8eb9-0024e8a16d6a

Error: (12/10/2013 06:12:17 PM) (Source: Application Error)(User: )
Description: sldProcMon.exe20.2.0.554f18ca3cntdll.dll6.1.7600.169154ec4b137c000000800000000000d010829801ceed2491df59b4C:\Program Files\SolidWorks Corp\SolidWorks\sldProcMon.exeC:\Windows\SYSTEM32\ntdll.dll37dcad3e-61be-11e3-9f29-0024e8a16d6a

Error: (11/24/2013 01:54:20 PM) (Source: Application Error)(User: )
Description: PMMAIN.EXE7.5.0.29948b72a65pmcommon.dll7.5.0.29948b72a0ac000000500007fc0d6001cee90f77fbdd04C:\Program Files (x86)\ProModel Corporation\ProModel\7.5\PMMAIN.EXEC:\Program Files (x86)\ProModel Corporation\ProModel\7.5\pmcommon.dll889f5629-5507-11e3-9f29-0024e8a16d6a

Error: (11/23/2013 09:33:40 PM) (Source: SampleCollector)(User: )
Description: init_sstates_file:CreateFile:Prev_SState: failed with error 0x20: Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (11/22/2013 03:35:37 PM) (Source: SampleCollector)(User: )
Description: CreateFile:SState: failed with error 0x20: Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (11/21/2013 05:31:19 PM) (Source: SampleCollector)(User: )
Description: CreateFile:SState: failed with error 0x20: Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (11/20/2013 06:30:55 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7600.170064f90e30bIEFRAME.dll8.0.7600.170064f90fdfdc000000500000000000bfdf91e3001cee6155d9fbd3aC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\IEFRAME.dll8206fbf3-5209-11e3-9f29-0024e8a16d6a

Error: (11/18/2013 10:17:57 PM) (Source: Application Error)(User: )
Description: wmprph.exe12.0.7600.163854a5bd018ntdll.dll6.1.7600.169154ec4b137c0000005000000000004c8f4208801cee4a3a4d526d0C:\Program Files\Windows Media Player\wmprph.exeC:\Windows\SYSTEM32\ntdll.dlle4a370d7-5096-11e3-9f29-0024e8a16d6a

CodeIntegrity Errors:
===================================
Date: 2013-12-13 14:10:39.944
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-12-13 14:10:39.834
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 68%
Total physical RAM: 3950.1 MB
Available physical RAM: 1224.67 MB
Total Pagefile: 7898.34 MB
Available Pagefile: 4985.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450 GB) (Free:336.39 GB) NTFS
Drive e: (NIKON D3000) (Removable) (Total:1.89 GB) (Free:1.45 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0383C72C)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================