Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-10-2014 Ran by Jurek at 2014-10-30 16:40:31 Running from C:\Users\Jurek\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALLPlayer V4.X (HKLM\...\ALLPlayer_is1) (Version: - ALLPlayer Sp. z o.o.) Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcaVir Prerequistes (Version: 11.12.3201 - ArcaBit Sp. z o.o.) Hidden Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) AVSDK5 (Version: 5.2.9 - Authentium, Inc) Hidden Camera Center (HKLM\...\{668ACF05-E455-4932-A2D2-5822A8206FEB}) (Version: 1.0.24 - Lenovo) CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation) Citrix Online Launcher (HKLM\...\{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}) (Version: 1.0.209 - Citrix) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.47.0.50 - Conexant) DirectXInstallService (Version: 9.0.2 - Roxio) Hidden Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.73.00.50 - Conexant Systems) ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden Integrated Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.35003.0 - Sonix) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.01 - ) Lenovo_ATK_Package (HKLM\...\{055B9AD2-48E1-462E-9992-814123063C46}) (Version: 0.00.04.0 - Lenovo) LibreOffice 4.3.2.2 (HKLM\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation) Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Access 2002 Runtime (HKLM\...\{901C0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.3.215.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobile Broadband Connect (HKLM\...\{2FAAD1C5-2D9D-4EDB-BCD1-FF6573986439}) (Version: 3.1.3050 - Lenovo) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 pl) (HKLM\...\Mozilla Thunderbird 31.2.0 (x86 pl)) (Version: 31.2.0 - Mozilla) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia) Nokia Ovi Suite (HKLM\...\Nokia Ovi Suite) (Version: 3.1.1.80 - Nokia) Nokia Ovi Suite (Version: 3.1.1.80 - Nokia) Hidden Nokia Ovi Suite Software Updater (HKLM\...\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}) (Version: 02.07.004.45780 - Nokia Corporation) Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 2.0.1.3 - Nokia) Nokia PC Internet Access (Version: 2.0.1.3 - Nokia) Hidden Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia) Nokia PC Suite (Version: 7.1.62.1 - Nokia) Hidden Obsługa programów Apple (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.) Oprogramowanie Intel(R) PROSet/Wireless WiFi (HKLM\...\{852AFD2D-07CC-46FD-A159-671102782771}) (Version: 12.00.1000 - Intel(R) Corporation) Ovi Desktop Sync Engine (Version: 1.5.266.0 - Nokia) Hidden OviMPlatform (Version: 2.7.72.0 - Nokia) Hidden Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia) Pakiet sterowników systemu Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia) Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Product Recovery Disc Burning Utility (HKLM\...\{FA62B4C2-6CFD-462F-9B59-68A730001AB3}) (Version: 1.0.0019.00 - Lenovo Group Limited) Przegląd podręcznika użytkownika (HKLM\...\View User Guide) (Version: 3.60.02.0 - ) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Registry patch for Windows Vista USB S3 PM Enablement (HKLM\...\USBPMon) (Version: 1.00 - ) Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista (HKLM\...\FPIRPOn) (Version: 1.01 - ) Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista (HKLM\...\Dipmon) (Version: 1.01 - ) Registry patch to improve USB device detection on resume from sleep for Windows Vista (HKLM\...\{4AB5764A-3894-49A2-BAA8-C4665F74CD4C}) (Version: 1.01.0000 - Lenovo Group Limited) Rescue and Recovery (HKLM\...\{7E4C16B8-8F76-4940-8505-98E93C00BF19}) (Version: 4.21.0014.00 - Lenovo Group Limited) RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.55.01 - ) Roxio Creator Small Business Edition (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio) Samsung C460 Series (HKLM\...\Samsung C460 Series) (Version: 1.02 (2013-07-11) - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.05.61 (2013-04-10) - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(2013-05-03) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.60.25 - Samsung Electronics Co., Ltd.) Samsung Network PC Fax (HKLM\...\Samsung Network PC Fax) (Version: 1.09.14 (2013-02-05) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden Skype™ 5.10 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.) SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden Sonic Icons for Lenovo (HKLM\...\{B334D9AE-1393-423E-97C0-3BDC3360E692}) (Version: 2.0.0 - Lenovo) SonicStage 3.0 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 3.0 - Sony Corporation) Sp5 (Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (Version: 6.0.3122.0 - Microsoft) Hidden ThinkPad Bluetooth with Enhanced Data Rate Software 6.1.0.4500 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.4500 - Lenovo) ThinkPad Mobility Center Customization (HKLM\...\{90FABD40-E741-446F-839D-CEAE905D63BE}) (Version: 1.50.0000 - Lenovo) ThinkPad Power Management Driver for SL Series (HKLM\...\Power Management Driver) (Version: 1.44 - ) ThinkPad Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 2.33 - ) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - ) ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.04 - ) ThinkVantage Access Connections (HKLM\...\{4BD295B9-0190-4C54-B08E-33A6ECA922DF}) (Version: 5.01 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.61 - Lenovo) ThinkVantage Fingerprint Software 5.8 (HKLM\...\{9F98C9F8-9B49-411C-AFB9-AF633249FA7C}) (Version: 5.8.2.4462 - UPEK Inc.) ThinkVantage Technologies Welcome Message (Version: 2.00 - ) Hidden TypingMaster Pro (HKLM\...\{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1) (Version: 7.00 - TypingMaster Inc) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Wallpapers (Version: - ) Hidden Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc) WinAVI Video Converter (HKLM\...\WinAVI Video Converter 10.0_is1) (Version: - ZJ Computing,Inc.) Windows Driver Package - Lenovo 1.44 (05/14/2008 1.44) (HKLM\...\414DA9DB2E84AAFAD2D2715FD9BABFAB2D209FFD) (Version: 05/14/2008 1.44 - Lenovo) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1326293613-815195847-3214297108-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1326293613-815195847-3214297108-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1326293613-815195847-3214297108-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1326293613-815195847-3214297108-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Restore Points ========================= 29-10-2014 17:35:27 Removed Access Help 29-10-2014 17:37:08 Removed Java(TM) 6 Update 7 29-10-2014 19:00:35 Removed Help Center 29-10-2014 19:01:28 Removed Lenovo Care 29-10-2014 19:02:03 Removed Lenovo Care Supplement 29-10-2014 19:02:43 Removed Message Center 29-10-2014 19:03:46 Removed Java(TM) 6 Update 31 29-10-2014 19:06:32 Configured PartitionMagic 29-10-2014 19:08:04 Removed EasyEject Utility 29-10-2014 19:18:56 Usunięto: PC Connectivity Solution 29-10-2014 19:38:45 Removed ThinkVantage Access Connections. 29-10-2014 19:39:50 Windows Update 29-10-2014 19:41:02 Windows Update 29-10-2014 19:53:23 Windows Update 29-10-2014 20:01:33 Windows Update 29-10-2014 20:40:43 Removed ThinkVantage System Update. 29-10-2014 20:42:07 Usunięto: ThinkVantage Status Gadget 29-10-2014 20:50:59 Windows Update 29-10-2014 21:29:16 Windows Update 29-10-2014 22:54:09 Windows Update 29-10-2014 23:01:08 Usunięto: OpenOffice.org 3.1 30-10-2014 15:31:48 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {10CE525B-2094-4D3D-B6CB-C1ADB6F06E84} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {2936DC4D-4C1C-4442-B561-8A2363457A53} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1326293613-815195847-3214297108-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.) Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {3657F346-C05A-4948-A21D-163F2C89AEC9} - System32\Tasks\DriverDoc_UPDATES => C:\Program Files\DriverDoc\Solvusoftdd.exe Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {6FFC03AB-94D5-4B3C-A35C-EC50CBDEDE11} - System32\Tasks\{D10918E9-E2B4-49D4-B417-3C63658906ED} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.) Task: {7CC8D0BD-1385-4AEC-9426-2CB42152D0FC} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2008-07-28] (Lenovo Group Limited) Task: {8B564BB2-4313-452E-AA08-1FAED19592F0} - System32\Tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE Task: {95383781-7513-41DB-B985-6E991DC27B8F} - System32\Tasks\ParetoLogic Update Version2 => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe Task: {97711791-8AB3-478A-8139-85E54CCD4A15} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {B52F4B11-00AF-4ADB-9992-0DCA5E049FF0} - System32\Tasks\DriverDocRunAtStartup => C:\Program Files\DriverDoc\Solvusoftdd.exe Task: {B7EF0B8B-C549-478D-AEDF-08EDA7E16A6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-16] (Google Inc.) Task: {BC8B2BFD-B62F-46D8-9F63-6B8E93030D79} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {D8454C1E-8FB7-4F72-A4A6-D7C22240239C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-16] (Google Inc.) Task: {E5FC41AC-8F94-45AC-A1FF-D97891FC4B3D} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns Task: {EDC43DE8-A7BA-4F4A-8F79-33E5ED72F024} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1326293613-815195847-3214297108-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverDoc_UPDATES.job => C:\Program Files\DriverDoc\Solvusoftdd.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ParetoLogic Registration.job => C:\Program Files\Common Files\ParetoLogic\UUS2\UUS.dll Task: C:\Windows\Tasks\ParetoLogic Update Version2.job => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe Task: C:\Windows\Tasks\Sprawdź aktualizacje paska narzędzi Windows Live Toolbar.job => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE ==================== Loaded Modules (whitelisted) ============= 2014-04-11 09:42 - 2013-05-06 07:04 - 00024064 ____N () C:\Windows\System32\sst9clm.dll 2014-04-11 09:42 - 2013-05-22 04:23 - 01021952 ____N () C:\Windows\system32\spool\DRIVERS\W32X86\3\sst9cdu.dll 2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2008-05-24 15:17 - 2008-05-24 15:17 - 00520192 ____N () C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe 2008-05-24 15:03 - 2008-05-24 15:03 - 00139264 ____N () C:\Program Files\Lenovo\Rescue and Recovery\CDRecord.dll 2008-08-21 01:50 - 2008-07-28 18:33 - 00028672 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL 2008-08-21 01:49 - 2007-03-09 15:16 - 00106496 ____R () C:\Program Files\Lenovo\ATK Hotkey\AGFNEX.dll 2008-03-17 09:25 - 2008-03-17 09:25 - 00126976 ____N () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll 2009-03-11 13:49 - 2006-09-14 00:20 - 00126464 _____ () C:\Program Files\WinRAR\rarext.dll 2008-07-17 15:37 - 2008-07-17 15:37 - 00139264 ____N () c:\Program Files\Common Files\Lenovo\CDRecord.dll 2010-09-03 13:52 - 2010-09-03 13:52 - 00606208 _____ () C:\Program Files\ScreenShooter\screenshooter.exe 2009-01-10 11:32 - 2009-01-10 11:32 - 00011362 _____ () C:\Program Files\ScreenShooter\mingwm10.dll 2009-06-22 19:42 - 2009-06-22 19:42 - 00043008 _____ () C:\Program Files\ScreenShooter\libgcc_s_dw2-1.dll 2010-09-03 13:50 - 2010-09-03 13:50 - 02537472 _____ () C:\Program Files\ScreenShooter\QtCore4.dll 2010-08-31 10:49 - 2010-08-31 10:49 - 09812992 _____ () C:\Program Files\ScreenShooter\QtGui4.dll 2010-08-31 10:15 - 2010-08-31 10:15 - 01140224 _____ () C:\Program Files\ScreenShooter\QtNetwork4.dll 2010-08-31 14:36 - 2010-08-31 14:36 - 00287232 _____ () C:\Program Files\ScreenShooter\imageformats\qjpeg4.dll 2008-08-21 01:50 - 2008-07-28 18:33 - 00058368 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMROV.DLL ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 AlternateDataStreams: C:\Users\Jurek\Documents\Masaru Emoto - Wieści z Wody (Polskie Napisy) (2).mp4:TOC.WMV ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: ABConfSV => 2 MSCONFIG\Services: ABMainSV => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Application Updater => 2 MSCONFIG\Services: ArcaRemoteService => 2 MSCONFIG\Services: ASLDRService => 2 MSCONFIG\Services: ATKGFNEXSrv => 2 MSCONFIG\Services: AVBackup => 2 MSCONFIG\Services: AVTasks2 => 2 MSCONFIG\Services: AVUpdate => 2 MSCONFIG\Services: gupdate1ca79d2271fd0d0 => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: IviRegMgr => 2 MSCONFIG\Services: LFKAS => 2 MSCONFIG\Services: Roxio UPnP Renderer 10 => 3 MSCONFIG\Services: Roxio Upnp Server 10 => 2 MSCONFIG\Services: RoxLiveShare10 => 2 MSCONFIG\Services: RoxMediaDB10 => 3 MSCONFIG\Services: RoxWatch10 => 2 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\Services: TVT Backup Protection Service => 2 MSCONFIG\Services: vseamps => 2 MSCONFIG\Services: vsedsps => 2 MSCONFIG\Services: vseqrts => 2 MSCONFIG\Services: vToolbarUpdater10.2.0 => 2 MSCONFIG\startupfolder: C:^Users^Jurek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jurek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: AMSG => C:\Program Files\ThinkVantage\AMSG\Amsg.exe /startup MSCONFIG\startupreg: BLOG => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog MSCONFIG\startupreg: CameraApplicationLauncher => C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe MSCONFIG\startupreg: MDS_Menu => "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray MSCONFIG\startupreg: NokiaPCInternetAccess => "C:\Program Files\Nokia\PC Internet Access\NPCIA.exe" /b MSCONFIG\startupreg: Olympus ib => "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup MSCONFIG\startupreg: Pareto_Update => C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe MSCONFIG\startupreg: QuickPhrase => "C:\Program Files\TypingMaster\QuickPhrase\quickphrase.exe" MSCONFIG\startupreg: RadioRage Search Scope Monitor => "C:\PROGRA~1\RADIOR~2\bar\1.bin\4jsrchmn.exe" /m=2 /w /h MSCONFIG\startupreg: RadioRage_4j Browser Plugin Loader => C:\PROGRA~1\RADIOR~2\bar\1.bin\4jbrmon.exe MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe" MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" MSCONFIG\startupreg: snp2uvc => C:\Windows\vsnp2uvc.exe MSCONFIG\startupreg: SsAAD.exe => C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot MSCONFIG\startupreg: TPFNF7 => C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe" MSCONFIG\startupreg: WinampAgent => C:\Program Files\Winamp\winampa.exe MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide ========================= Accounts: ========================== Administrator (S-1-5-21-1326293613-815195847-3214297108-500 - Administrator - Enabled) => C:\Users\Administrator ASPNET (S-1-5-21-1326293613-815195847-3214297108-1005 - Limited - Enabled) Gość (S-1-5-21-1326293613-815195847-3214297108-501 - Limited - Disabled) Jurek (S-1-5-21-1326293613-815195847-3214297108-1003 - Administrator - Enabled) => C:\Users\Jurek ==================== Faulty Device Manager Devices ============= Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/30/2014 04:31:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/30/2014 04:29:02 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{F6FE5592-FCBC-44AD-A836-D37F5085ED5B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (10/30/2014 04:22:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa.manifest. Error: (10/30/2014 04:22:39 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa.manifest. Error: (10/30/2014 04:21:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/30/2014 00:47:32 AM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{F6FE5592-FCBC-44AD-A836-D37F5085ED5B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (10/30/2014 00:10:54 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa.manifest. Error: (10/29/2014 11:40:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd gmer.exe, wersja 2.1.19357.0, sygnatura czasowa 0x52e7ea83, moduł powodujący błąd gmer.exe, wersja 2.1.19357.0, sygnatura czasowa 0x52e7ea83, kod wyjątku 0xc0000005, przesunięcie błędu 0x00012298, identyfikator procesu 0xf90, godzina rozpoczęcia aplikacji 0xgmer.exe0. Error: (10/29/2014 11:31:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/29/2014 10:35:18 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa.manifest. System errors: ============= Error: (10/30/2014 04:31:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: tvtumon Error: (10/30/2014 04:31:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: eamonm%%2 Error: (10/30/2014 04:30:19 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (10/30/2014 04:22:39 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: ZARZĄDZANIE NT) Description: 0x80070032 Error: (10/30/2014 04:22:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: tvtumon Error: (10/30/2014 04:22:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: SessionLauncher%%3 Error: (10/30/2014 04:22:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: eamonm%%2 Error: (10/29/2014 11:31:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: tvtumon Error: (10/29/2014 11:31:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: SessionLauncher%%3 Error: (10/29/2014 11:31:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: eamonm%%2 Microsoft Office Sessions: ========================= Error: (09/03/2009 01:00:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 109 seconds with 60 seconds of active time. This session ended with a crash. Error: (09/03/2009 00:50:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1723 seconds with 1680 seconds of active time. This session ended with a crash. Error: (02/02/2009 07:53:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 75 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/02/2009 06:41:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 31 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/02/2009 06:40:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3995 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/02/2009 06:39:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2337 seconds with 1200 seconds of active time. This session ended with a crash. Error: (02/02/2009 05:37:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 66 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/02/2009 05:33:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 188 seconds with 0 seconds of active time. This session ended with a crash. Error: (02/02/2009 05:30:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 587 seconds with 180 seconds of active time. This session ended with a crash. Error: (02/02/2009 04:58:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 48 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-10-30 16:40:09.880 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-30 16:40:09.662 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-30 16:40:09.443 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-30 16:40:09.225 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-30 16:40:08.694 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-30 16:40:08.476 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-30 16:40:08.242 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-30 16:40:08.008 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-29 23:08:26.215 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-10-29 23:08:25.981 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T5670 @ 1.80GHz Percentage of memory in use: 55% Total physical RAM: 2012.54 MB Available physical RAM: 889.56 MB Total Pagefile: 4266.35 MB Available Pagefile: 3089.02 MB Total Virtual: 2047.88 MB Available Virtual: 1879.11 MB ==================== Drives ================================ Drive c: (SW_Preload) (Fixed) (Total:137.82 GB) (Free:53.27 GB) NTFS Drive e: (Danie) (Removable) (Total:57.62 GB) (Free:15.3 GB) NTFS Drive s: (SERVICEV003) (Fixed) (Total:1.46 GB) (Free:0.67 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 149.1 GB) (Disk ID: FCEB6F98) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=137.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 57.6 GB) (Disk ID: 73736572) Partition 1: (Not Active) - (Size=866 GB) - (Type=72) Partition 2: (Not Active) - (Size=931.6 GB) - (Type=6C) Partition 00: (Not Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit. Partition 3: (Not Active) - (Size=224 KB) - (Type=00) ==================== End Of Log ============================