Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 Ran by beka at 2014-10-27 19:43:44 Running from E:\ Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.53.64 - Adobe Systems Incorporated) Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden Asystent rejestracji usługi Windows Live (HKLM-x32\...\{51958BA7-21E4-4A8B-9098-CD8375BD17B2}) (Version: 5.000.818.5 - Microsoft Corporation) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Brother DCP-365CN (HKLM-x32\...\{EE7F8F98-B75B-4E3D-B595-43DC522080A1}) (Version: 1.00 - Brother) Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.1.61 - Conexant) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden eMachines Game Console (x32 Version: - WildTangent) Hidden eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.1.3 - WildTangent) eMachines Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated) eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated) eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated) eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0705.2010 - Acer Incorporated) eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Galeria fotografii usługi Windows Live (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Internet Manager (HKLM\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION) Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.01 - eMachines) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden Narzędzie do przekazywania usługi Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.) SMPlayer 14.3.0 (HKLM-x32\...\SMPlayer) (Version: 14.3.0 - Ricardo Villalba) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated) Video Web Camera (HKLM-x32\...\{62D1C755-74C9-4BA0-841B-B7D795DEA9C7}) (Version: 1.0.3.7 - liteon) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3002 - Acer Incorporated) Windows Live Sync (HKLM-x32\...\{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}) (Version: 14.0.8089.726 - Microsoft Corporation) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.0.0 - Ministerstwo Finansów) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 05-09-2014 10:27:27 Windows Update 11-09-2014 16:30:26 Windows Update 12-09-2014 16:22:35 Windows Update 16-09-2014 12:35:27 Windows Update 23-09-2014 19:33:18 Windows Update 28-09-2014 17:44:06 Windows Update 03-10-2014 22:35:53 Windows Update 08-10-2014 16:58:39 Windows Update 17-10-2014 12:47:56 Windows Update 21-10-2014 09:33:09 Windows Update 24-10-2014 11:42:15 Windows Update 27-10-2014 18:08:15 Removed Panda Devices Agent. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {6AEF19A5-DF98-49AD-B6CC-B481C06DE621} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-04] (Google Inc.) Task: {9B977921-951F-476E-AFFF-5C28805F6F62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-04] (Google Inc.) Task: {CD8657DA-5E9F-40A2-A8DF-9C7F2D551DB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-16 18:42 - 2012-09-10 03:03 - 00221552 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe 2014-09-16 18:42 - 2012-09-10 03:03 - 00037232 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe 2014-09-16 18:42 - 2011-05-06 04:03 - 00594944 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-1.dll 2014-09-16 18:42 - 2012-09-10 02:42 - 00099840 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\itapi.dll 2014-09-16 18:42 - 2012-09-10 02:42 - 00027648 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\log.dll 2014-09-16 18:42 - 2010-10-14 10:37 - 00971776 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libxml2.dll 2014-09-16 18:42 - 2010-10-14 10:37 - 00080688 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\zlib1.dll 2014-09-16 18:42 - 2012-09-10 02:42 - 00058880 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\coder.dll 2014-09-16 18:42 - 2012-09-10 02:42 - 00043520 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\audio.dll 2014-09-16 18:42 - 2012-09-10 02:42 - 00036352 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libConfig.dll 2014-09-16 18:42 - 2012-09-10 02:39 - 00021504 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll 2014-09-16 18:42 - 2011-12-26 08:41 - 00090624 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll 2014-09-16 18:42 - 2007-09-09 16:07 - 00151552 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libexpat.dll 2014-09-16 18:42 - 2011-05-06 04:02 - 00341504 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\sqlite3.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: PandaAgent => 2 ========================= Accounts: ========================== Administrator (S-1-5-21-1217994351-2649248774-3443571113-500 - Administrator - Disabled) Ala (S-1-5-21-1217994351-2649248774-3443571113-1001 - Administrator - Enabled) => C:\Users\Ala beka (S-1-5-21-1217994351-2649248774-3443571113-1000 - Administrator - Enabled) => C:\Users\beka Gość (S-1-5-21-1217994351-2649248774-3443571113-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (10/27/2014 07:30:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa udostępniania w sieci programu Windows Media Player z powodu następującego błędu: %%1053 Error: (10/27/2014 07:30:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa udostępniania w sieci programu Windows Media Player. Error: (10/27/2014 07:29:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Intel(R) Rapid Storage Technology z powodu następującego błędu: %%1053 Error: (10/27/2014 07:29:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Intel(R) Rapid Storage Technology. Error: (10/27/2014 07:24:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi GREGService z powodu następującego błędu: %%1053 Error: (10/27/2014 07:24:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą GREGService. Error: (10/27/2014 07:22:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Klient DNS z powodu następującego błędu: %%1053 Error: (10/27/2014 07:22:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Klient DNS. Error: (10/27/2014 06:56:07 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 18:49:14 na ‎2014-‎10-‎27 było nieoczekiwane. Error: (10/27/2014 04:07:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-09-11 20:12:15.194 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-11 20:12:14.886 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-11 20:11:01.151 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-11 20:11:00.907 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-11 20:08:24.339 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-11 20:08:24.020 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-08 11:26:37.293 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-08 11:26:37.043 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\eMachines\eMachines Power Management\SysHook.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz Percentage of memory in use: 58% Total physical RAM: 1976.93 MB Available physical RAM: 821.39 MB Total Pagefile: 3953.86 MB Available Pagefile: 2779.07 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (eMachines) (Fixed) (Total:219.79 GB) (Free:172.13 GB) NTFS Drive e: () (Removable) (Total:7.48 GB) (Free:6.7 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 53EAA36D) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=219.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=7.5 GB) - (Type=0C) ==================== End Of Log ============================