Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01 Ran by AM at 2014-05-14 08:03:56 Running from C:\Users\AM\Desktop\vir Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Emsisoft Anti-Malware (Disabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Disabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 3.3 64-bit (HKLM\...\{CFFF260C-F510-45BB-8F8E-1D4AC1232786}) (Version: 3.3.1 - Adobe) Adobe Reader XI (11.0.06) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Nazwa firmy) Hidden AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Fuel (Version: 2014.0417.2226.38446 - Nazwa firmy) Hidden AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software) Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.7.8981 - ) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.1 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - ) Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.2.0.10 - Canon Inc.) Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.) Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.) Canon Utilities Digital Photo Professional 3.3 (HKLM-x32\...\DPP) (Version: 3.3.0.0 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.3.0.2 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.2.0.1 - Canon Inc.) Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform) Dead Space (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts) DRUKI Gofin 2.1.8.0 (HKLM-x32\...\{CA70661D-855B-4BEA-B554-D882033BDF11}) (Version: 2.1.8.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.) EASEUS Partition Master 7.1.1 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 6.0.1 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 6.0.1 - Ministerstwo Finansow) Hidden Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft) FindRight (HKLM\...\FindRight) (Version: 2014.02.26.051729 - FindRight) <==== ATTENTION FLV Player (HKLM-x32\...\FLV Player2.0 ) (Version: 2.0 - Applian Technologies Inc.) Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden iPlus manager 2.2 (HKLM-x32\...\iPlus manager_is1) (Version: - ) K-Lite Codec Pack 10.4.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - ) Kurier Poczty (0.4) (HKLM-x32\...\Kurier Poczty (0.4)) (Version: - ) Machinery HDR Effects (HKLM-x32\...\{9D424246-6958-4DEC-84A5-A840D567EA20}) (Version: 2.1.94 - Maszyneria) MAGIX Video easy SE (HKLM-x32\...\MAGIX_{4D5F68E5-FB4B-49E2-A744-998C76556738}) (Version: 4.0.1.89 - MAGIX AG) MAGIX Video easy SE (Version: 4.0.1.89 - MAGIX AG) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden MP3 Cutter 1.9 (HKLM-x32\...\MP3 Cutter_is1) (Version: - Aiv Software) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{18192D3F-5537-4560-AD89-D695F72AF91D}) (Version: 3.41.9593 - Apache Software Foundation) Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.) PITy2013 IPS 1.5.2.0 kompilacja:1.5.3.16 (HKLM-x32\...\PITy2013IPS_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) Program Pit 2013 - wersja 7.0.19.47 (HKLM-x32\...\Roczne rozliczenie podatku dochodowego - PIT Gofin 2013_is1) (Version: - Wydawnictwo Podatkowe GOFIN sp. z o.o.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) SNS-HDR Lite v1.3.13 (HKLM\...\SNS-HDR Lite_is1) (Version: - Sebastian Nibisz) TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) WhoCrashed 5.00 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 27-04-2014 19:09:58 Kopia zapasowa systemu Windows 29-04-2014 13:06:54 Windows Update 02-05-2014 20:04:11 Windows Update 03-05-2014 08:22:43 Windows Update 04-05-2014 17:00:14 Kopia zapasowa systemu Windows 06-05-2014 06:50:54 Windows Update 06-05-2014 12:22:34 Kopia zapasowa systemu Windows 09-05-2014 06:51:43 Windows Update 11-05-2014 17:53:52 Kopia zapasowa systemu Windows 13-05-2014 06:55:13 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-03-17 10:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {25353CDF-5403-4597-A025-279582D47CFF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-03] (AVAST Software) Task: {319264F5-6876-451E-B82B-C1EDB2F26921} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated) Task: {B317BC39-1BDC-4AC9-BFC2-1BC7C657E9F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.) Task: {B85CC3B1-E73E-4B83-A968-27E87A1FA632} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.) Task: {D44E0ACA-215E-413C-B4C3-D15BDAF51067} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-17 22:29 - 2014-04-17 22:29 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-12-20 10:53 - 2013-12-20 10:53 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-02-26 07:19 - 2014-05-13 12:53 - 00317728 _____ () C:\Program Files (x86)\FindRight\updateFindRight.exe 2014-02-27 23:24 - 2014-05-13 08:56 - 00317728 _____ () C:\Program Files (x86)\FindRight\bin\utilFindRight.exe 2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-05-11 09:48 - 2010-01-04 10:30 - 03297280 _____ () C:\Program Files (x86)\iPlus\iPlusManager.exe 2014-05-06 11:09 - 2014-04-30 10:37 - 01397880 _____ () C:\Program Files (x86)\Opera\21.0.1432.57\opera_crashreporter.exe 2014-04-11 13:49 - 2014-05-10 00:16 - 00096544 _____ () C:\Program Files (x86)\FindRight\bin\FindRight.BrowserAdapter.exe 2014-05-13 19:20 - 2014-05-13 18:48 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051303\algo.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2014-01-29 11:00 - 2014-04-25 11:54 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2013-12-29 23:47 - 2013-12-29 23:47 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-05-11 09:48 - 2010-01-04 10:30 - 00991232 _____ () C:\Program Files (x86)\iPlus\NDISAPI.dll 2014-04-11 13:49 - 2014-05-10 00:16 - 00183584 _____ () C:\Program Files (x86)\FindRight\bin\FindRightBAApp.dll 2014-05-06 11:09 - 2014-04-30 10:37 - 00877688 _____ () C:\Program Files (x86)\Opera\21.0.1432.57\libglesv2.dll 2014-05-06 11:09 - 2014-04-30 10:37 - 00135800 _____ () C:\Program Files (x86)\Opera\21.0.1432.57\libegl.dll 2014-05-06 11:09 - 2014-04-30 10:37 - 00957048 _____ () C:\Program Files (x86)\Opera\21.0.1432.57\ffmpegsumo.dll 2014-04-29 13:57 - 2014-04-29 13:57 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: iPlusManager => C:\Program Files (x86)\iPlus\iPlusChecker.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/06/2014 02:21:50 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: Wykonanie kopii zapasowej nie zostało zakończone z powodu błędu zapisu w lokalizacji kopii zapasowej D:\. Błąd: Nie można odnaleźć lokalizacji kopii zapasowej lub jest ona nieprawidłowa. Przejrzyj ustawienia kopii zapasowej i sprawdź lokalizację kopii zapasowej. (0x81000006). Error: (05/06/2014 02:20:52 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: Wykonanie kopii zapasowej nie zostało zakończone z powodu błędu zapisu w lokalizacji kopii zapasowej D:\. Błąd: Nie można odnaleźć lokalizacji kopii zapasowej lub jest ona nieprawidłowa. Przejrzyj ustawienia kopii zapasowej i sprawdź lokalizację kopii zapasowej. (0x81000006). Error: (05/06/2014 02:19:46 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: Wykonanie kopii zapasowej nie zostało zakończone z powodu błędu zapisu w lokalizacji kopii zapasowej D:\. Błąd: Nie można odnaleźć lokalizacji kopii zapasowej lub jest ona nieprawidłowa. Przejrzyj ustawienia kopii zapasowej i sprawdź lokalizację kopii zapasowej. (0x81000006). Error: (05/04/2014 07:01:20 PM) (Source: Windows Backup) (User: ) (EventID: 4104) Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005). Error: (04/29/2014 02:46:41 PM) (Source: Application Hang) (User: ) (EventID: 1002) Description: Program PCFormat.exe w wersji 0.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 684 Godzina rozpoczęcia: 01cf63a8eefdf46d Godzina zakończenia: 11 Ścieżka aplikacji: G:\PCFormat.exe Identyfikator raportu: 490630a4-cf9c-11e3-bc64-b4471b282f9a Error: (04/27/2014 09:16:35 PM) (Source: Windows Backup) (User: ) (EventID: 4104) Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005). Error: (04/25/2014 08:06:52 AM) (Source: Application Hang) (User: ) (EventID: 1002) Description: Program opera.exe w wersji 20.0.1387.91 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: f88 Godzina rozpoczęcia: 01cf604a458acdc3 Godzina zakończenia: 5 Ścieżka aplikacji: C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe Identyfikator raportu: c69cd8c3-cc3f-11e3-90ee-fb8da1de2f29 Error: (04/22/2014 00:37:29 PM) (Source: Application Hang) (User: ) (EventID: 1002) Description: Program opera.exe w wersji 20.0.1387.91 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: dbc Godzina rozpoczęcia: 01cf5e161e35aa3c Godzina zakończenia: 5 Ścieżka aplikacji: C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe Identyfikator raportu: Error: (04/17/2014 01:56:14 PM) (Source: Application Hang) (User: ) (EventID: 1002) Description: Program opera.exe w wersji 20.0.1387.91 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: e54 Godzina rozpoczęcia: 01cf5a321852ed22 Godzina zakończenia: 8 Ścieżka aplikacji: C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe Identyfikator raportu: 41b0aa71-c627-11e3-b79a-ddf96fd90d7a Error: (04/15/2014 11:41:50 AM) (Source: Application Hang) (User: ) (EventID: 1002) Description: Program opera.exe w wersji 20.0.1387.91 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 11dc Godzina rozpoczęcia: 01cf588ab161b206 Godzina zakończenia: 34 Ścieżka aplikacji: C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe Identyfikator raportu: 04420f92-c482-11e3-b9da-dea798f4e27a System errors: ============= Error: (05/14/2014 07:44:47 AM) (Source: Service Control Manager) (User: ) (EventID: 7000) Description: Nie można uruchomić usługi AODDriver4.3 z powodu następującego błędu: %%2 Error: (05/13/2014 11:10:59 PM) (Source: DCOM) (User: ) (EventID: 10010) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (05/13/2014 11:04:27 PM) (Source: Service Control Manager) (User: ) (EventID: 7000) Description: Nie można uruchomić usługi AODDriver4.3 z powodu następującego błędu: %%2 Error: (05/13/2014 07:17:37 PM) (Source: Service Control Manager) (User: ) (EventID: 7000) Description: Nie można uruchomić usługi AODDriver4.3 z powodu następującego błędu: %%2 Error: (05/13/2014 03:24:55 PM) (Source: Service Control Manager) (User: ) (EventID: 7000) Description: Nie można uruchomić usługi AODDriver4.3 z powodu następującego błędu: %%2 Error: (05/13/2014 03:13:22 PM) (Source: Service Control Manager) (User: ) (EventID: 7000) Description: Nie można uruchomić usługi AODDriver4.3 z powodu następującego błędu: %%2 Error: (05/13/2014 03:10:53 PM) (Source: Service Control Manager) (User: ) (EventID: 7000) Description: Nie można uruchomić usługi AODDriver4.3 z powodu następującego błędu: %%2 Error: (05/13/2014 02:56:45 PM) (Source: DCOM) (User: ) (EventID: 10010) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (05/13/2014 00:17:45 PM) (Source: Service Control Manager) (User: ) (EventID: 7000) Description: Nie można uruchomić usługi AODDriver4.3 z powodu następującego błędu: %%2 Error: (05/13/2014 09:06:30 AM) (Source: DCOM) (User: ) (EventID: 10010) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Microsoft Office Sessions: ========================= Error: (05/06/2014 02:21:50 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: D:\Nie można odnaleźć lokalizacji kopii zapasowej lub jest ona nieprawidłowa. Przejrzyj ustawienia kopii zapasowej i sprawdź lokalizację kopii zapasowej. (0x81000006) Error: (05/06/2014 02:20:52 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: D:\Nie można odnaleźć lokalizacji kopii zapasowej lub jest ona nieprawidłowa. Przejrzyj ustawienia kopii zapasowej i sprawdź lokalizację kopii zapasowej. (0x81000006) Error: (05/06/2014 02:19:46 PM) (Source: Windows Backup) (User: ) (EventID: 4103) Description: D:\Nie można odnaleźć lokalizacji kopii zapasowej lub jest ona nieprawidłowa. Przejrzyj ustawienia kopii zapasowej i sprawdź lokalizację kopii zapasowej. (0x81000006) Error: (05/04/2014 07:01:20 PM) (Source: Windows Backup) (User: ) (EventID: 4104) Description: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005) Error: (04/29/2014 02:46:41 PM) (Source: Application Hang) (User: ) (EventID: 1002) Description: PCFormat.exe0.0.0.068401cf63a8eefdf46d11G:\PCFormat.exe490630a4-cf9c-11e3-bc64-b4471b282f9a Error: (04/27/2014 09:16:35 PM) (Source: Windows Backup) (User: ) (EventID: 4104) Description: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005) Error: (04/25/2014 08:06:52 AM) (Source: Application Hang) (User: ) (EventID: 1002) Description: opera.exe20.0.1387.91f8801cf604a458acdc35C:\Program Files (x86)\Opera\20.0.1387.91\opera.exec69cd8c3-cc3f-11e3-90ee-fb8da1de2f29 Error: (04/22/2014 00:37:29 PM) (Source: Application Hang) (User: ) (EventID: 1002) Description: opera.exe20.0.1387.91dbc01cf5e161e35aa3c5C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe Error: (04/17/2014 01:56:14 PM) (Source: Application Hang) (User: ) (EventID: 1002) Description: opera.exe20.0.1387.91e5401cf5a321852ed228C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe41b0aa71-c627-11e3-b79a-ddf96fd90d7a Error: (04/15/2014 11:41:50 AM) (Source: Application Hang) (User: ) (EventID: 1002) Description: opera.exe20.0.1387.9111dc01cf588ab161b20634C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe04420f92-c482-11e3-b9da-dea798f4e27a CodeIntegrity Errors: =================================== Date: 2014-03-17 09:39:42.466 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-17 09:39:42.262 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 53% Total physical RAM: 4095.3 MB Available physical RAM: 1890.32 MB Total Pagefile: 8188.79 MB Available Pagefile: 5121.07 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Win7) (Fixed) (Total:111.69 GB) (Free:31.75 GB) NTFS Drive d: (kopia) (Fixed) (Total:185.76 GB) (Free:75.8 GB) NTFS Drive e: (GRY) (Fixed) (Total:99.61 GB) (Free:74.34 GB) NTFS Drive f: (FOTO) (Fixed) (Total:180.39 GB) (Free:102.32 GB) NTFS Drive h: (iPlus) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F6C2F6C2) Partition 1: (Active) - (Size=186 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=180 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 43F4580D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS) ==================== End Of Log ============================