Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-05-2014 02 Ran by Demo at 2014-05-26 13:28:28 Running from C:\Users\Demo\Downloads\Programs Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: COMODO Antivirus (Enabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: COMODO Antivirus (Enabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275} FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.) 9-lab Removal Tool (HKLM\...\9-lab Removal Tool) (Version: - ) ABBYY PDF Transformer 2.0 (HKLM\...\{FA200000-0001-0000-0000-074957833700}) (Version: 2.0.982.4931 - ABBYY Software Ltd.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated) Adobe AIR (Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated) Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader XI - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) ALSong (HKLM\...\ALSong_is1) (Version: 1.9 - ESTsoft Corp.) ALTools Update (HKLM\...\ALUpdate_is1) (Version: - ESTsoft Corp.) Angielski dla leniwych wersja 1 (HKLM\...\Angielski dla leniwych_is1) (Version: - Elżbieta Żółtak) Angielski dla znających podstawy (HKLM\...\Angielski_dla_znajacych_podstawy_is1) (Version: - ) Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) AVG PC TuneUp Language Pack (pl-PL) (Version: 12.0.4010.19 - AVG Technologies) Hidden calibre (HKLM\...\{1733BD75-088D-40E1-96B4-BAE75F559961}) (Version: 0.9.27 - Kovid Goyal) Camtasia Studio 7 (HKLM\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - ) Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - ) Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - ) CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) ChomikBox (HKLM\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix) Codecs for Windows 7 Pack 4.0.5 (HKLM\...\Codecs for Windows 7 Pack) (Version: 4.0.5 - Codecs for Windows 7 Pack) Combined Community Codec Pack 2010-10-10 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project) COMODO Internet Security Premium (HKLM\...\{7DB468A1-8F08-4862-8FFC-897779356715}) (Version: 6.3.39106.2972 - COMODO Security Solutions Inc.) Data Access Objects (DAO) 3.5 (HKLM\...\Data Access Objects (DAO) 3.5) (Version: - ) Daum PotPlayer 1.5.36609.0 Beta PL (HKLM\...\Daum PotPlayer_is1) (Version: 1.5.36609.0 Beta PL - Daum Communications) Digital Voice Editor 3 (HKLM\...\{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}) (Version: 3.3.01.11240 - Sony Corporation) EMSC (Version: 0.0.0.9C - Compal Electronics, Inc.) Hidden English Grammar in Use Extra application (HKLM\...\EnglishGrammarinUseExtra) (Version: 1.0.0 - Cambridge University Press Holdings Limited) English Grammar in Use Extra application (Version: 1.0.0 - Cambridge University Press Holdings Limited) Hidden English Grammar in Use Extra content (HKLM\...\English Grammar in Use Extra content) (Version: 1.0.0.0 - Cambridge University Press) eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) f.lux (HKCU\...\Flux) (Version: - ) Gadwin PrintScreen (HKLM\...\Gadwin PrintScreen) (Version: 4.7 - Gadwin Systems, Inc.) Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) Internet Download Manage (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden KeePass Password Safe 1.25 (HKLM\...\KeePass Password Safe_is1) (Version: 1.25 - Dominik Reichl) LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) Malwarebytes Anti-Malware wersja 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4 Extended PLK Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 29.0.1 (x86 pl)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 pl) (HKLM\...\Mozilla Thunderbird 24.5.0 (x86 pl)) (Version: 24.5.0 - Mozilla) Niemiecki 1000 najważniejszych słówek i zdań (HKLM\...\Niemiecki_1000_najwazniejszych_is1) (Version: - ) Nowe Gadu-Gadu (HKLM\...\Nowe Gadu-Gadu) (Version: - GG Network S.A.) NVIDIA Oprogramowanie systemu PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA PhysX (Version: 9.13.0604 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2049 - NVIDIA Corporation) Hidden NVIDIA Sterownik 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation) NVIDIA Sterownik graficzny 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation) Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version: - ) Panel sterowania NVIDIA 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Profesor Henry 6.0 Słownictwo poziom 1 i 2 (HKLM\...\slow_12_60_is1) (Version: - ) Qtrax Player (HKCU\...\1949566467.portal.qtrax.com) (Version: - portal.qtrax.com) Qtrax Player (HKLM\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6316 - Realtek Semiconductor Corp.) RecordPad Sound Recorder (HKLM\...\Recordpad) (Version: 4.32 - NCH Software) Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.) RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.450.0 - SAMSUNG Electronics Co., Ltd.) SearchMe Toolbar v9.2 (HKLM\...\{3EDCC104-646E-4623-A537-AFE5C2BBBD63}) (Version: 9.2 - Spigot, Inc.) <==== ATTENTION Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Slick Savings (HKLM\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 1.3 - Spigot, Inc.) <==== ATTENTION Smart Battery (HKLM\...\InstallShield_{449A16C4-83B3-426C-AA4A-00A34E80C093}) (Version: 1.0.0.12 - ) Smart Battery (Version: 1.0.0.12 - ) Hidden Sony Digital Voice Player Ver.2.1 (HKLM\...\Sony Digital Voice Player Ver.2.1) (Version: - ) SoundTap Streaming Audio Recorder (HKLM\...\SoundTap) (Version: 2.26 - NCH Software) SuperMemo Rozmówki niemieckie w miesiąc (HKLM\...\SuperMemo Rozmówki niemieckie w miesiąc) (Version: - ) SuperMemo UX - Mobilne rozmówki angielskie (HKLM\...\SuperMemo UX - Mobilne rozmówki angielskie ) (Version: 1.3.7.1 - SuperMemo World) Switch Sound File Converter (HKLM\...\Switch) (Version: - NCH Software) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) WavePad Sound Editor (HKLM\...\WavePad) (Version: 5.68 - NCH Software) Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD (HKLM\...\Wielki słownik angielsko-polski i polsko-angielski PWN-OXFORD) (Version: - ) Windows 7 Codec Pack 4.0.9 (HKLM\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack) Wireless Select Switch (HKLM\...\InstallShield_{065A7AFE-195D-4DFB-A4B2-A83842C0F79F}) (Version: 2.0.0.2 - ) Wireless Select Switch (Version: 2.0.0.2 - ) Hidden YDP Flash Speech Recognition Support 1.2 (HKLM\...\YDP Flash Speech Recognition Support) (Version: 1.2 - YDP) ==================== Restore Points ========================= 25-05-2014 15:37:50 Revo Uninstaller Pro's restore point - Mobile Partner 25-05-2014 15:45:08 Revo Uninstaller Pro's restore point - Opera Stable 21.0.1432.67 25-05-2014 15:46:54 Revo Uninstaller Pro's restore point - Thread Manager 2.4.0.0 25-05-2014 15:47:51 Revo Uninstaller Pro's restore point - GoToMeeting 6.3.0.1415 25-05-2014 15:50:05 Revo Uninstaller Pro's restore point - ConvertHelper 2.2 25-05-2014 15:52:02 Revo Uninstaller Pro's restore point - PrivDog 25-05-2014 15:56:31 Revo Uninstaller Pro's restore point - MediaCaster by Ask 25-05-2014 17:01:19 Kopia zapasowa systemu Windows 26-05-2014 05:16:59 Revo Uninstaller Pro's restore point - 9-lab Removal Tool 26-05-2014 09:45:31 Revo Uninstaller Pro's restore point - DAEMON Tools Lite 26-05-2014 10:36:54 SPTD setup V1.86 ==================== Hosts content: ========================== 2009-07-14 04:04 - 2013-11-16 13:23 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0730C04C-033C-4E55-9150-C16C2AB4BA1D} - System32\Tasks\NCH Swift Sound\switchDowngrade => C:\Program Files\NCH Swift Sound\Switch\switch.exe [2014-02-27] (NCH Software) Task: {08DCA798-5F3A-492E-9595-009E03E358D7} - System32\Tasks\{8078DFFE-F910-4B16-B9FA-CE2039CDE498} => G:\autorun.exe Task: {0FB0F3C9-B5DA-4265-85CB-1928AB60F97E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {12965472-3C56-46A2-8A66-A190A1D41F3E} - System32\Tasks\RunAsStdUser Task => C:\Program Files\ESTsoft\ALSong\ALSong.exe [2009-01-12] (ESTsoft corp.) <==== ATTENTION Task: {141712AA-830E-4523-91AF-86845DB07418} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {1751FA43-A93E-48DB-9D49-51B27448BB79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.) Task: {20DCF918-AA78-4C2D-B1A9-6F68CE69733C} - System32\Tasks\Opera D4 => C:\Program Files\Opera\launcher.exe Task: {2BEEB4E2-D44E-4825-87D9-DF0ED680F8BB} - System32\Tasks\{540982EF-754A-4E86-9051-30D0228823CA} => G:\autorun.exe Task: {51E00E75-ECA2-49F1-938B-88845857E6B0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {53224750-7317-43D1-9B49-28BA20801135} - System32\Tasks\{B81AE090-7592-4952-A1E6-1CB287602D45} => G:\setup\Setup.exe Task: {58EC64C6-80EE-4CA3-93AD-2E7335FD9E12} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {5E671DD4-5EA5-4A72-B67D-966902107F1A} - \Program aktualizacji online firmy Adobe. No Task File <==== ATTENTION Task: {613476F0-EB19-4C5C-94AC-C18A668A82AF} - System32\Tasks\{F634C49B-F04B-40F8-B139-4C458478D29A} => G:\setup\Setup.exe Task: {703207E2-6424-4E99-8316-838FD665CA74} - System32\Tasks\Opera D6 => C:\Program Files\Opera\launcher.exe Task: {78B84086-669F-43AB-AFDB-7269E29AA7B6} - System32\Tasks\{D035BA7D-1904-478E-AE21-9862A6868104} => G:\setup\Setup.exe Task: {967A503D-2543-46A6-B98B-6DFED28608CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated) Task: {97F903DB-4EF0-44F6-84BE-4C6836F99A08} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2013-09-27] () Task: {9826754A-401E-40EC-86A9-34BA847B3130} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {9A72A5C4-819E-4294-9D79-B4F5F6849514} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-06] (Google Inc.) Task: {9E9672BD-E44C-4DDB-94BA-198082014311} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {A1DEBD16-192B-45FA-AA88-E96AB7C6CF52} - System32\Tasks\update-S-1-5-21-3563080303-3263635683-2540059217-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2013-09-27] () Task: {B5CAF8A4-9166-4BC3-86F7-85E972427E8F} - System32\Tasks\Opera D5 => C:\Program Files\Opera\launcher.exe Task: {B621D3AF-8228-4941-A882-4B29F4A1CEDC} - System32\Tasks\Opera D7 => C:\Program Files\Opera\launcher.exe Task: {C3C70571-C695-471E-930E-9CF3B2BF5389} - System32\Tasks\NCH Swift Sound\switchShakeIcon => C:\Program Files\NCH Swift Sound\Switch\Switch.exe [2014-02-27] (NCH Software) Task: {F8E1D815-4BF1-47C5-9509-A30F7DF65276} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe Task: {FF3925B6-D256-4EB8-8E61-D0518B1E5676} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {FFDF8D02-FC54-4E64-8063-045BA91EFA16} - System32\Tasks\{720E6AB2-FD9D-4B0B-8882-4680D0011E2A} => G:\setup\Setup.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\update-S-1-5-21-3563080303-3263635683-2540059217-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-06 22:37 - 2013-06-21 11:52 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2013-10-16 19:01 - 2013-10-16 19:01 - 02601328 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll 2014-01-17 03:32 - 2012-08-31 16:01 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL 2014-01-17 03:34 - 2012-08-31 16:01 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL 2014-04-03 15:16 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE 2007-04-19 15:21 - 2007-04-19 15:21 - 00266240 _____ () C:\Windows\system32\EMSC.dll 2013-02-25 16:50 - 2013-02-25 16:50 - 00704520 _____ () C:\Windows\System32\C2MP\TrayMenu.exe 2013-03-16 05:49 - 2013-03-16 05:49 - 00046816 _____ () C:\Windows\System32\C2MP\UpdateChecker.exe 2014-05-23 00:21 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-23 00:21 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-23 00:21 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-23 00:21 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-23 00:21 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll 2013-04-15 18:39 - 2013-04-15 18:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/26/2014 00:43:15 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (05/26/2014 00:36:53 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {43b14b22-6832-459b-a5df-b666538d9f81} Error: (05/26/2014 00:05:24 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (05/26/2014 11:52:19 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (05/26/2014 11:45:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service Application Updater since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (05/26/2014 11:38:40 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/26/2014 11:35:53 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/26/2014 07:16:56 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {5a2fed79-391e-4b9d-a4bb-b972973816f6} Error: (05/26/2014 06:21:25 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (05/25/2014 11:41:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: rmtool.exe, wersja: 1.0.0.24, sygnatura czasowa: 0x5347fd81 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x9aaf0b36 Identyfikator procesu powodującego błąd: 0x115c Godzina uruchomienia aplikacji powodującej błąd: 0xrmtool.exe0 Ścieżka aplikacji powodującej błąd: rmtool.exe1 Ścieżka modułu powodującego błąd: rmtool.exe2 Identyfikator raportu: rmtool.exe3 System errors: ============= Error: (05/26/2014 00:10:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Usługa Kaspersky Security Scan niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/26/2014 11:57:45 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: ) Description: Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu. Error: (05/26/2014 06:39:08 AM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (05/25/2014 10:39:14 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 22:31:55 na ‎2014-‎05-‎25 było nieoczekiwane. Error: (05/25/2014 03:51:31 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (05/25/2014 00:44:03 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (05/25/2014 00:38:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AVG PC TuneUp Service z powodu następującego błędu: %%2 Error: (05/24/2014 04:09:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AVG PC TuneUp Service z powodu następującego błędu: %%2 Error: (05/24/2014 01:51:58 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (05/24/2014 01:51:55 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Microsoft Office Sessions: ========================= Error: (12/22/2013 03:06:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/22/2013 03:06:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/22/2013 03:06:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/22/2013 03:05:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/22/2013 03:05:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/05/2013 10:02:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 209715 seconds with 4500 seconds of active time. This session ended with a crash. Error: (06/27/2013 06:57:06 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 168054 seconds with 60 seconds of active time. This session ended with a crash. Error: (06/25/2013 08:12:58 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 130 seconds with 120 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-09-15 01:43:10.520 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.516 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.513 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.490 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.486 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.482 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.464 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.459 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.438 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-15 01:43:10.427 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 59% Total physical RAM: 2046.43 MB Available physical RAM: 835.24 MB Total Pagefile: 4092.86 MB Available Pagefile: 2386.23 MB Total Virtual: 2047.88 MB Available Virtual: 1889.02 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:78.13 GB) (Free:30.94 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:73.24 GB) (Free:70.51 GB) NTFS Drive e: () (Fixed) (Total:81.51 GB) (Free:9.9 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 1D151D15) Partition 1: (Active) - (Size=78 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=155 GB) - (Type=OF Extended) ==================== End Of Log ============================