Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-10-2014 Ran by user at 2014-10-27 21:32:55 Running from C:\Users\user\Desktop\naprawa\New folder Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34537 - BitTorrent Inc.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.1 - PainteR) Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java Auto Updater (Version: 2.1.71.14 - Oracle, Inc.) Hidden Lord of the Rings - War in the North (HKLM\...\Lord of the Rings - War in the North_is1) (Version: - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 33.0 (x86 en-GB) (HKLM\...\Mozilla Firefox 33.0 (x86 en-GB)) (Version: 33.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Skype™ 6.18 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.106 - Skype Technologies S.A.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden THE SETTLERS - Rise of an Empire (HKLM\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft) The Settlers 7 - Paths to a Kingdom (HKLM\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft) Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2961027171-815109021-3660169518-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:04 - 2014-08-25 19:28 - 00001030 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {36F6D7B9-325B-4441-BDBF-5DD5114C06A0} - System32\Tasks\AdobeAAMUpdater-1.0-user-PC-user => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {A17241F1-22B2-437D-9FB8-F1C1A6111F1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.) Task: {BDB4580B-B691-4778-B961-E2E453DC9A47} - System32\Tasks\Apple\AppleSoftwareUpdate => c:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {DC7EF4EC-9882-436C-98F5-735367B67160} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-26] (Adobe Systems Incorporated) Task: {DF02B1D4-9ADA-4D4B-B632-366D15F7F829} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-20] (AVAST Software) Task: {FAAC5781-A00D-42A9-A143-15EFF7A6A0F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-20 10:39 - 2014-09-20 10:39 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-10-27 13:28 - 2014-10-27 13:28 - 02898432 _____ () C:\Program Files\AVAST Software\Avast\defs\14102700\algo.dll 2014-10-27 21:14 - 2014-10-27 21:14 - 02898432 _____ () C:\Program Files\AVAST Software\Avast\defs\14102702\algo.dll 2014-09-20 10:40 - 2014-09-20 10:40 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-15 00:58 - 2014-10-15 00:58 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-2961027171-815109021-3660169518-500 - Administrator - Disabled) Guest (S-1-5-21-2961027171-815109021-3660169518-501 - Limited - Disabled) user (S-1-5-21-2961027171-815109021-3660169518-1000 - Administrator - Enabled) => C:\Users\user ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/26/2014 00:57:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 33.0.0.5397, time stamp: 0x543924b1 Faulting module name: mozalloc.dll, version: 33.0.0.5397, time stamp: 0x5438ffbb Exception code: 0x80000003 Fault offset: 0x00001425 Faulting process id: 0x8dc Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (09/30/2014 01:38:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program chrome.exe version 37.0.2062.120 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1574 Start Time: 01cfdcb3b62154f0 Termination Time: 7 Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe Report Id: 14ea3848-48a7-11e4-a56d-a4badbcb5eb3 Error: (09/20/2014 10:46:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 32.0.2.5373, time stamp: 0x541a8277 Faulting module name: mozalloc.dll, version: 32.0.2.5373, time stamp: 0x541a4d44 Exception code: 0x80000003 Fault offset: 0x0000141b Faulting process id: 0x2b8 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (09/16/2014 01:53:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 32.0.1.5367, time stamp: 0x541259dd Faulting module name: mozalloc.dll, version: 32.0.1.5367, time stamp: 0x541225d2 Exception code: 0x80000003 Fault offset: 0x0000141b Faulting process id: 0x420 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (08/28/2014 03:47:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version: 14.0.0.179, time stamp: 0x53dc28d1 Faulting module name: FlashPlayerPlugin_14_0_0_179.exe, version: 14.0.0.179, time stamp: 0x53dc28d1 Exception code: 0x40000015 Fault offset: 0x00017710 Faulting process id: 0x16b4 Faulting application start time: 0xFlashPlayerPlugin_14_0_0_179.exe0 Faulting application path: FlashPlayerPlugin_14_0_0_179.exe1 Faulting module path: FlashPlayerPlugin_14_0_0_179.exe2 Report Id: FlashPlayerPlugin_14_0_0_179.exe3 Error: (08/24/2014 04:15:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 31.0.0.5310, time stamp: 0x53c75e91 Faulting module name: mozalloc.dll, version: 31.0.0.5310, time stamp: 0x53c72e91 Exception code: 0x80000003 Fault offset: 0x0000141b Faulting process id: 0x9d4 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (08/21/2014 07:04:57 AM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (2324) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed. Error: (08/12/2014 02:17:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Failed auto update retrieval of third-party root certificate from: with error: 12029 (0x2efd). Error: (08/12/2014 00:52:07 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (10/27/2014 09:13:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: %%1275 Error: (10/27/2014 09:13:20 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Driver atksgt.sys has been blocked from loading. Error: (10/27/2014 03:33:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: %%1275 Error: (10/27/2014 03:33:52 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Driver atksgt.sys has been blocked from loading. Error: (10/27/2014 03:02:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: %%1275 Error: (10/27/2014 03:02:03 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Driver atksgt.sys has been blocked from loading. Error: (10/27/2014 01:27:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The atksgt service failed to start due to the following error: %%1275 Error: (10/27/2014 01:27:04 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Driver atksgt.sys has been blocked from loading. Error: (10/27/2014 09:10:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Update for Windows 7 (KB2923545). Error: (10/27/2014 09:10:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Security Update for Windows 7 (KB2984976). Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz Percentage of memory in use: 31% Total physical RAM: 3544.36 MB Available physical RAM: 2412.23 MB Total Pagefile: 7087.02 MB Available Pagefile: 5868.27 MB Total Virtual: 2047.88 MB Available Virtual: 1899.34 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:297.99 GB) (Free:237.64 GB) NTFS Drive d: (LOTR_WITN) (CDROM) (Total:4.04 GB) (Free:0 GB) CDFS Drive f: (TS7PKDGE) (CDROM) (Total:6.36 GB) (Free:0 GB) CDFS Drive g: (Photoshop CS6) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 523D3EBD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== End Of Log ============================