Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-02-2014 Ran by remik at 2014-02-17 23:00:20 Running from C:\Users\remik\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== µTorrent (Version: 3.2.2.28595 - BitTorrent Inc.) Absolute Uninstaller 2.9.0.722 (Version: - Glarysoft.com) Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (Version: 11.6.4.634 - Adobe Systems, Inc.) Airlines 2 (Version: 1.00.0000 - Play Sp. z o.o.) Airlines 2 (Version: 1.00.0000 - Play Sp. z o.o.) Hidden Apple Mobile Device Support (Version: 6.0.0.59 - Apple Inc.) Apple Software Update (Version: 2.1.3.127 - Apple Inc.) Archiwizator WinRAR (Version: - ) AVS DVD Player version 2.4 (Version: - Online Media Technologies Ltd.) BankBrowser (HKCU Version: 3.6 - DialCom24 Sp. z o.o.) Batch PDF Stamp (Version: 1.1.0 - Dreamify Corp) Bonjour (Version: 3.0.0.10 - Apple Inc.) CCleaner (Version: 3.26 - Piriform) ChomikBox (Version: 2.0.3.0 - Chomikuj.pl) Detektor Winampa (HKCU Version: 1.0.0.1 - Nullsoft, Inc) doPDF 7.2 printer (Version: - Softland) Dropbox (HKCU Version: 2.6.2 - Dropbox, Inc.) EaseUS Partition Master 9.2.1 Home Edition (Version: - EaseUS) eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden Expressivo (Version: 1.2.2 - IVO Software Sp. z o.o.) Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0 - Facebook) FileZilla Client 3.5.3 (Version: 3.5.3 - FileZilla Project) FindRight (Version: 2014.02.05.153917 - FindRight) <==== ATTENTION FolderIco 1.0 (Version: - teorex) foobar2000 v1.1 (Version: 1.1 - Peter Pawlowski) Fotosizer 2.08 (Version: 2.08.0.545 - Fotosizer.com) Foxit PDF Editor (Version: - ) Foxit Reader (Version: 4.1.1.805 - Foxit Software Company) GG (HKCU Version: 11 - GG Network S.A.) Google Chrome (Version: 32.0.1700.107 - Google Inc.) Google Drive (Version: 1.13.5782.599 - Google, Inc.) Google Earth Plug-in (Version: 7.1.2.2041 - Google) Google Talk Plugin (Version: 3.10.2.10212 - Google) Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden HateML 1.1 build 05 (Version: - Migajek Software) iCloud (Version: 3.0.2.163 - Apple Inc.) I-Doser Free (Version: 5.0 - I-Doser.com) Internet Download Manager (Version: - Tonec Inc.) ipla 2.6.3 (Version: 2.6.3 - Redefine Sp z o.o.) ITE 1.0 (Version: - ) iTunes (Version: 10.7.0.21 - Apple Inc.) Java 7 Update 45 (Version: 7.0.450 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 37 (Version: 6.0.370 - Oracle) KinoniDrivers 2.8.1 (Version: 2.8.1 - Kinoni) K-Lite Codec Pack 8.0.0 (Full) (Version: 8.0.0 - ) konsola (Version: - MM Studio) LastPass(uninstall only) (Version: - LastPass) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft LifeCam (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) MobileMe Control Panel (Version: 3.1.6.0 - Apple Inc.) Mozilla Firefox 10.0.1 (x86 pl) (Version: 10.0.1 - Mozilla) Mozilla Firefox 27.0.1 (x86 pl) (HKCU Version: 27.0.1 - Mozilla) Mozilla Thunderbird (3.1.7) (Version: 3.1.7 (pl) - Mozilla) Mp3 Knife 3.2 (Version: - Vicky's Cool Softwares) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (Version: - ) NETGEAR WG111v2 wireless USB 2.0 adapter (Version: 160136 - NETGEAR) Hidden Network Play System (Patching) (Version: - ) Norton Internet Security (Version: 21.1.0.18 - Symantec Corporation) NVIDIA PhysX (Version: 9.10.0513 - NVIDIA Corporation) Obsługa programów Apple (Version: 2.2.2 - Apple Inc.) OnLive (Version: - OnLive) OpenOffice.org 3.0 (Version: 3.0.9358 - OpenOffice.org) Opera 12.02 (Version: 12.02.1578 - Opera Software ASA) Oprogramowanie Logitech Unifying 2.10 (Version: 2.10.37 - Logitech) Oracle VM VirtualBox 4.2.4 (Version: 4.2.4 - Oracle Corporation) Pakiet sterowników: Logitech Webcam Software (Version: 12.10.1110 - Logitech Inc.) Pazera Free FLV to AVI Converter 1.7 (Version: 1.7 - Pazera Jacek) PDFCreator (Version: 1.6.0 - Frank Heindörfer, Philip Chinery) pdfFactory Pro (Version: 4.05 - FinePrint Software, LLC) PDFMate Free PDF Merger 1.03 (Version: 1.03 - www.pdfmate.com) Photo Story 3 for Windows (Version: 3.0.1115.11 - Microsoft Corporation) Picasa 3 (Version: 3.8 - Google, Inc.) PLANET WL-U356A (Version: - ) PlayReady PC Runtime x86 (Version: 1.3.0 - Microsoft Corporation) PokerStars (Version: - PokerStars) PokerStars.net (Version: - PokerStars.net) Polipo 1.0.4.1 (Version: - ) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) QuickTime (Version: 7.71.80.42 - Apple Inc.) QuickTime Alternative 3.2.2 (Version: 3.2.2 - ) Real Alternative 2.0.2 (Version: 2.0.2 - ) RegRun Reanimator (Version: - Greatis Software, LLC.) RMFon (Version: 1.3 - Radio Muzyka Fakty sp. z o.o.) Roxio Media Manager (Version: 9.4.123 - Nazwa firmy) Hidden Seagate Manager Installer (Version: 2.02.0109 - Seagate) Seagate Manager Installer (Version: 2.02.0109 - Seagate) Hidden Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden Skype Click to Call (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.1 (Version: 6.1.129 - Skype Technologies S.A.) Spotify (HKCU Version: 0.8.5.1333.g822e0de8 - Spotify AB) Spybot - Search & Destroy (Version: 1.6.2 - Safer Networking Limited) Super Video Splitter 3.6 (Version: - Witcobber,Inc.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Sims (Version: - ) Tor 0.2.2.35 (Version: - ) TOSHIBA Flash Cards Support Utility (Version: 1.63.0.3C - TOSHIBA CORPORATION) TOSHIBA Flash Cards Support Utility (Version: 1.63.0.3C - TOSHIBA CORPORATION) Hidden TOSHIBA Value Added Package (Version: 1.2.33 - TOSHIBA Corporation) TOSHIBA Value Added Package (Version: 1.2.33 - TOSHIBA Corporation) Hidden TrueCrypt (Version: 6.3a - TrueCrypt Foundation) Utility Common Driver (Version: 1.0.50.22C - TOSHIBA) Hidden Vidalia 0.2.17 (Version: - ) Visual C++ 8.0 x86 Runtime Setup Package (Version: 1.0.0.0 - McAfee Inc.) Hidden VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN) Winamp (Version: 5.621 - Nullsoft, Inc) Windows Media Player Firefox Plugin (Version: 1.0.0.8 - Microsoft Corp) Xilisoft MP3 WAV Converter (Version: 6.3.0.0829 - Xilisoft) Zan Image Printer (Version: - ) Zoiper (Version: 2.30 - Attractel) ZyngaPoker (remove only) (Version: - ) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2013-01-07 22:54 - 2013-01-07 22:54 - 00000000 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0602C9F8-BE79-4C76-A16B-95BE525E7585} - System32\Tasks\At33 => C:\Windows\system32\hj23344.com Task: {09E1FC19-88AF-40D6-9167-EA0997B58E5A} - System32\Tasks\{571CE688-9A02-4573-B66C-F8C22127F586} => D:\PROGRAMY\expressivo_ewa_full_ PL\full_expressivo_ewa_PL\full_expressivo_pl_ewa_setup.exe Task: {0CE8E66D-28F1-4C99-B704-686E7507BFCA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated) Task: {0F4F8036-C6C3-4BD5-86E9-054B306042E5} - System32\Tasks\At26 => C:\Windows\system32\hj23344.com Task: {0FF88E43-20D3-4C79-9F8C-486E8C5D1662} - System32\Tasks\{7E3CBF46-8754-419E-8DD1-79216279AE5B} => D:\PROGRAMY\Alcohol_120__1.9.7.6022_PL\Alcohol 120% 1.9.7.6022_PL\Alcohol120_retail_1.9.7.6022.exe Task: {16E1A356-C552-4935-A873-BE2E176CA43A} - System32\Tasks\At47 => C:\Windows\system32\hj23344.com Task: {18769B0D-9D44-4B14-84F0-912898F0432A} - System32\Tasks\At45 => C:\Windows\system32\hj23344.com Task: {18CDBEFC-E64B-48BF-896B-9BF68646D0E0} - System32\Tasks\At18 => C:\Windows\system32\hj23344.com Task: {19647198-CBB1-465D-9B47-021211F66348} - System32\Tasks\At24 => C:\Windows\system32\hj23344.com Task: {1D93F408-971A-489E-BECA-972DA84A61F2} - System32\Tasks\At25 => C:\Windows\system32\hj23344.com Task: {1E726D49-F97E-4915-9253-0BADC23436DA} - System32\Tasks\At5 => C:\Windows\system32\hj23344.com Task: {2530664A-ADA3-4C1F-9299-7C8E68A06CCB} - System32\Tasks\At1 => C:\Windows\system32\hj23344.com Task: {25532EF0-D4F6-43E3-B579-74335D6AFB89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-23] (Google Inc.) Task: {28F50860-FCD6-4B31-9F64-A555ED704D54} - System32\Tasks\At40 => C:\Windows\system32\hj23344.com Task: {2C5545B6-EE69-418A-B558-FD0AEEAF3AC8} - System32\Tasks\{DD156679-AF08-4DB1-A446-3F246AA35212} => H:\instmsiw.exe Task: {3945320A-66F5-485B-9577-A0409552C02F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd) Task: {3ACC573D-891F-4495-B9BA-93263C7D8A8D} - System32\Tasks\At41 => C:\Windows\system32\hj23344.com Task: {41A6CB15-4B96-4B9C-98CA-9733D75AE423} - System32\Tasks\At17 => C:\Windows\system32\hj23344.com Task: {45367C38-538A-4D13-B90D-4AA66EAD7033} - System32\Tasks\{8410BEE9-E7F0-49DC-98D7-E11B9118284D} => C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2007-02-09] () Task: {46565292-A896-4F90-9DFD-800B8A216B28} - System32\Tasks\At2 => C:\Windows\system32\hj23344.com Task: {47EFAB74-3016-4F1B-85EC-28D331829E38} - System32\Tasks\At13 => C:\Windows\system32\hj23344.com Task: {48C3FA4D-AB90-43F8-80D4-C8948430CBE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-23] (Google Inc.) Task: {5291D3CD-7F47-4900-92A6-76F1C1057858} - System32\Tasks\BearShareNAG => C:\Users\remik\AppData\Local\Temp\BearShare_setup.exe <==== ATTENTION Task: {5507DE12-83E7-4568-B58A-207C9481CA74} - System32\Tasks\{66A2EE88-E8D9-4BB3-A8FD-F4970D0341A3} => C:\Windows\SYSTEM32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {59408507-DD9B-4FF8-9B9E-B1405F0506EC} - System32\Tasks\{DA4FAEFD-A22C-4BDA-BE62-D8523095C48B} => H:\instmsiw.exe Task: {59A8FA18-A93E-4C56-BA71-AE6872AD7648} - System32\Tasks\At38 => C:\Windows\system32\hj23344.com Task: {5D8EB5CD-AC22-45EE-AFC7-A24C9C4AD03D} - System32\Tasks\At34 => C:\Windows\system32\hj23344.com Task: {643D511E-5C07-4678-A335-9FF0606D5C8C} - System32\Tasks\{D52FDE66-A369-4337-8BC6-FFC2C3DB0C84} => C:\Windows\SYSTEM32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {6677D119-ABE5-4CA3-B865-847E217CDD10} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation) Task: {66D84D15-F741-4C99-ABA3-147102DFCFC4} - System32\Tasks\At9 => C:\Windows\system32\hj23344.com Task: {6D72ABC8-07BC-493E-ACF5-77D45245A76E} - System32\Tasks\At14 => C:\Windows\system32\hj23344.com Task: {7C61C532-1BC0-4877-A0C7-6C8DB6D53D09} - System32\Tasks\task2914613 => C:\Users\remik\AppData\Local\Temp\~!#25E8.tmp <==== ATTENTION Task: {7EBADA3E-93DB-4B9D-8A6E-4EFD4FA9FC29} - System32\Tasks\At23 => C:\Windows\system32\hj23344.com Task: {7F62B517-6BA0-4DAC-8AC9-8CBFA2BADC9E} - System32\Tasks\PsCfg32 => C:\Users\remik\Desktop\różne notatki\trop\PSCFG32.EXE Task: {8437C4EB-E935-404C-ADD3-77E6955ED581} - System32\Tasks\At44 => C:\Windows\system32\hj23344.com Task: {85ED1549-9806-49C4-AD97-FF398AD21EC7} - System32\Tasks\At42 => C:\Windows\system32\hj23344.com Task: {8B8AD994-DE21-4F73-A0F2-9A8993F1D441} - System32\Tasks\At30 => C:\Windows\system32\hj23344.com Task: {8B900644-D817-4B9B-AF28-09F9BE13C4AA} - System32\Tasks\At46 => C:\Windows\system32\hj23344.com Task: {90687F87-FC8D-4510-A514-276373A194D8} - System32\Tasks\{D5366110-76A5-4B82-98C8-9CC8628D8256} => C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2007-02-09] () Task: {929CEFF4-8C7F-42E9-A412-4A0138E53C2A} - System32\Tasks\At22 => C:\Windows\system32\hj23344.com Task: {93919640-C250-4F37-BF15-FE19C872881C} - System32\Tasks\{D4CC2CE1-9367-430D-8CE7-C9A9DB76A392} => E:\Downloads\BlueStacks-SplitInstaller_native (1).exe Task: {997FEEA2-F4B3-4BB9-AAF5-44DB63D44F3F} - System32\Tasks\At35 => C:\Windows\system32\hj23344.com Task: {9A02ADD5-1B62-4453-B0B9-E30F19E8FEF9} - System32\Tasks\At29 => C:\Windows\system32\hj23344.com Task: {9C887B8C-7A4E-468B-BABB-C5C1995F557C} - System32\Tasks\At7 => C:\Windows\system32\hj23344.com Task: {A1A25017-7FF2-4A43-9853-2CF73058B155} - System32\Tasks\{630B6373-FEFA-4492-9EE4-A2B8F4987B99} => C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2007-02-09] () Task: {A29BCCFB-BC0A-4DD9-8DD0-82280E549B7A} - System32\Tasks\{56B8239E-AC22-45FE-B8C5-B4CC1836246E} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe Task: {A5BA724A-DD98-40AF-83B6-B4DB35159418} - System32\Tasks\At16 => C:\Windows\system32\hj23344.com Task: {A799EDCA-41E5-410A-BACC-F6EE72577867} - System32\Tasks\{9947FEE9-88AA-49C4-947B-EB810D3E4178} => C:\Users\remik\Downloads\vsk30\vsk30\Konfigurator VSK.exe Task: {A990B99D-7523-4F64-A91D-20E263270EB6} - System32\Tasks\At10 => C:\Windows\system32\hj23344.com Task: {AA51E9BB-1AC9-4768-83A1-85BEAB631B21} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {AFC129A4-3256-4F9E-8BDF-E417FDCF0556} - System32\Tasks\At4 => C:\Windows\system32\hj23344.com Task: {B0120577-AFD0-4AE3-92D9-827362E76710} - System32\Tasks\At6 => C:\Windows\system32\hj23344.com Task: {B217A559-29E1-4B8D-9439-08A49D22C54C} - System32\Tasks\At20 => C:\Windows\system32\hj23344.com Task: {B2B10463-A3DF-4875-B44A-AC2B9486AB49} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1385047699-1197689655-504847657-1001Core => C:\Users\remik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {BF12023A-E0CC-45D9-BBDA-C19BA2330074} - System32\Tasks\At37 => C:\Windows\system32\hj23344.com Task: {C151660A-B73D-4FC2-B32F-F25CAE0F1CA4} - System32\Tasks\At48 => C:\Windows\system32\hj23344.com Task: {C1A3EAFE-E682-451F-85EF-AD4E0E975222} - System32\Tasks\At12 => C:\Windows\system32\hj23344.com Task: {CF4A6A4B-35CD-46A6-BF4A-BC89EADEC662} - System32\Tasks\At11 => C:\Windows\system32\hj23344.com Task: {CF5AFD62-0659-4330-8D31-169E5E1C989D} - System32\Tasks\At36 => C:\Windows\system32\hj23344.com Task: {D0C1020F-4CA8-4E05-BCE9-44E88817A32A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {D64BFFD7-89FC-4212-BF60-74430C7D1838} - System32\Tasks\At28 => C:\Windows\system32\hj23344.com Task: {D64F612E-3CCB-484D-8838-0D91943844C8} - System32\Tasks\{2EAEEE46-23F5-470F-91D0-5AFC8E21591D} => C:\Program Files\Real Spy Monitor\winrsm.exe Task: {D84367DD-6700-4E02-93A4-B9CDF7EA1CD8} - System32\Tasks\At8 => C:\Windows\system32\hj23344.com Task: {D8BFFAD7-0363-4155-A60D-5C161D4DEF61} - System32\Tasks\At32 => C:\Windows\system32\hj23344.com Task: {DCC2BE2F-26B3-43F6-B0DE-3865A98C0FB6} - System32\Tasks\At31 => C:\Windows\system32\hj23344.com Task: {E0711890-603E-406A-A679-1D2CB2BDAC88} - System32\Tasks\{308BC11D-0B52-4995-91B2-4BA1B5708099} => C:\Program Files\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.) Task: {E3596AEB-093B-4058-9135-C8DCD1F29A43} - System32\Tasks\At21 => C:\Windows\system32\hj23344.com Task: {E3774292-601D-4845-9A4A-EFE4F81198C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1385047699-1197689655-504847657-1001UA => C:\Users\remik\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-19] (Google Inc.) Task: {E511A069-9878-4FBE-94C0-59BA264F7341} - System32\Tasks\At19 => C:\Windows\system32\hj23344.com Task: {E78CB649-B81C-4007-865F-7A34DC04DE0E} - System32\Tasks\At3 => C:\Windows\system32\hj23344.com Task: {ECBFDC3E-FC38-4E82-AB95-361E47254097} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1385047699-1197689655-504847657-1001UA => C:\Users\remik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {ECDA5A5B-136F-40A4-A18F-3D186AA405B9} - System32\Tasks\At39 => C:\Windows\system32\hj23344.com Task: {ED908CFD-5DA7-4133-BB38-C89D7B3960FC} - System32\Tasks\{FC83A534-9E28-4E1D-A4CF-D87EC7471575} => C:\Program Files\InterActive Vision\Airlines 2\Airlines2.exe [2003-04-11] () Task: {F2925C9E-CCC7-4719-99DB-DB319B628346} - System32\Tasks\{B3BB1106-C72D-400D-B097-66258012C813} => D:\PROGRAMY\Alcohol_120__1.9.7.6022_PL\Alcohol 120% 1.9.7.6022_PL\Alcohol120_retail_1.9.7.6022.exe Task: {F308E6D3-449D-422A-9364-F53900E2FA3D} - System32\Tasks\At27 => C:\Windows\system32\hj23344.com Task: {F75BCE47-0504-457F-84EE-EEC827093251} - System32\Tasks\At15 => C:\Windows\system32\hj23344.com Task: {F7DA3A8D-B470-42FA-9A43-FEE51239F115} - System32\Tasks\At43 => C:\Windows\system32\hj23344.com Task: {FE213612-0D0F-4685-8762-1C80C6F83824} - System32\Tasks\{FF0FE650-BFF7-41B8-8B74-4F08B9BB4753} => C:\Users\remik\Downloads\vsk30\vsk30\Konfigurator VSK.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1385047699-1197689655-504847657-1001Core.job => C:\Users\remik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1385047699-1197689655-504847657-1001UA.job => C:\Users\remik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1385047699-1197689655-504847657-1001Core1cd9d17f1a64873.job => C:\Users\remik\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1385047699-1197689655-504847657-1001UA.job => C:\Users\remik\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-01-08 08:41 - 2012-01-08 08:41 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2009-10-18 08:20 - 2009-10-18 08:20 - 07980344 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-11-03 06:26 - 2009-11-03 06:26 - 00058680 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2009-03-12 12:08 - 2009-03-12 12:08 - 00049152 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll 2009-07-29 08:35 - 2009-07-29 08:35 - 00014648 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll 2011-01-23 13:06 - 2004-10-26 10:54 - 00421888 _____ () C:\Program Files\PLANET\PLANET WL-U356A\WlanUtil.exe 2011-01-23 13:06 - 2004-09-03 10:11 - 00200704 _____ () C:\Program Files\PLANET\PLANET WL-U356A\dot1x_dll.dll 2011-01-23 13:06 - 2004-03-05 09:00 - 00155648 _____ () C:\Program Files\PLANET\PLANET WL-U356A\SSLEAY32.dll 2011-01-23 13:06 - 2004-03-05 09:00 - 00827392 _____ () C:\Program Files\PLANET\PLANET WL-U356A\LIBEAY32.dll 2011-01-23 13:06 - 2004-09-21 12:59 - 00040960 _____ () C:\Program Files\PLANET\PLANET WL-U356A\ZDWLAN.dll 2014-02-16 22:41 - 2014-02-16 22:41 - 03578992 ____C () E:\Program Files\Mozilla Firefox\mozjs.dll 2013-11-20 19:22 - 2013-11-19 22:28 - 01020928 _____ () C:\Users\remik\AppData\Roaming\Mozilla\Firefox\Profiles\q9rr7fe1.default-1363545147560\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll 2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 ____C () E:\Program Files\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 ____C () E:\Program Files\Common Files\Apple\Internet Services\libxml2.dll 2014-02-04 20:28 - 2014-02-04 20:28 - 16287624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows\$NtUninstallKB27523$:SummaryInformation AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:8D49B91E AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00094334.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00094334.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: e-Kiosk => "D:\Program Files\e-Kiosk Reader\eGazetaST.exe" MSCONFIG\startupreg: EaseUS EPM tray => E:\Program Files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe MSCONFIG\startupreg: gbrspcontrol => "C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe" -controlservice -slave MSCONFIG\startupreg: Google Update => "C:\Users\remik\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: iTunesHelper => "E:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KeNotify => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe MSCONFIG\startupreg: MaxMenuMgr => "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\remik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==================== Faulty Device Manager Devices ============= Name: Panda File Shield Driver Description: Panda File Shield Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ShldDrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Panda Process Protection Driver Description: Panda Process Protection Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: PavProc Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/17/2014 08:11:15 PM) (Source: Bonjour Service) (User: ) Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (02/17/2014 00:27:31 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 20358 Error: (02/17/2014 00:27:31 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 20358 Error: (02/17/2014 00:27:31 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/17/2014 00:27:30 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 19360 Error: (02/17/2014 00:27:30 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19360 Error: (02/17/2014 00:27:30 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/17/2014 00:27:29 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 18361 Error: (02/17/2014 00:27:29 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 18361 Error: (02/17/2014 00:27:29 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (02/17/2014 08:09:51 PM) (Source: Service Control Manager) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147023143. Error: (02/17/2014 08:09:44 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 256 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (02/17/2014 08:09:44 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 256 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (02/17/2014 08:09:44 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 256 Identyfikator procesora: 1 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (02/17/2014 08:09:40 PM) (Source: Service Control Manager) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: sfdrv01 sfsync02 ShldDrv Error: (02/17/2014 08:09:24 PM) (Source: Service Control Manager) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Roxio Hard Drive Watcher 9. Error: (02/17/2014 08:08:48 PM) (Source: Service Control Manager) (User: ) Description: Nie można uruchomić usługi Panda Process Protection Driver z powodu następującego błędu: %%2 Error: (02/17/2014 08:08:14 PM) (Source: Service Control Manager) (User: ) Description: Usługa Przeglądarka komputera zakończyła działanie; wystąpił następujący błąd: %%1060 Error: (02/17/2014 08:08:12 PM) (Source: Microsoft-Windows-TaskScheduler) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (02/17/2014 08:07:23 PM) (Source: Application Popup) (User: ) Description: Sterownik sfdrv01.sys został zablokowany dla ładowania. Microsoft Office Sessions: ========================= Error: (02/17/2014 08:11:15 PM) (Source: Bonjour Service)(User: ) Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (02/17/2014 00:27:31 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 20358 Error: (02/17/2014 00:27:31 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 20358 Error: (02/17/2014 00:27:31 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/17/2014 00:27:30 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 19360 Error: (02/17/2014 00:27:30 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19360 Error: (02/17/2014 00:27:30 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/17/2014 00:27:29 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 18361 Error: (02/17/2014 00:27:29 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 18361 Error: (02/17/2014 00:27:29 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2013-10-20 16:40:43.999 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:43.910 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:43.682 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:43.560 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:43.324 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:43.185 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:42.500 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:42.427 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:42.338 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-10-20 16:40:42.257 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 56% Total physical RAM: 1918.05 MB Available physical RAM: 836.75 MB Total Pagefile: 3836.09 MB Available Pagefile: 2266.09 MB Total Virtual: 2047.88 MB Available Virtual: 1898.46 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:32.55 GB) (Free:2.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Progsy) (Fixed) (Total:48.83 GB) (Free:19.05 GB) NTFS Drive e: (Duży) (Fixed) (Total:103.76 GB) (Free:30.16 GB) NTFS Drive f: (Muza itp) (Fixed) (Total:46.27 GB) (Free:0.5 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 233 GB) (Disk ID: 4EB6904C) Partition 1: (Not Active) - (Size=1 GB) - (Type=27) Partition 2: (Active) - (Size=33 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=46 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=153 GB) - (Type=OF Extended) ==================== End Of Log ============================