Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by KiL at 2014-11-06 20:15:48 Running from C:\Users\KiL\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader 9.4.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALL YouTube Downloader (HKLM-x32\...\ALL YouTube Downloader_is1) (Version: 2.2 - ALLPlayer Ltd.) ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.94 - ALLCinema Ltd.) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Cole2k Media - Codec Pack (Advanced) 8.0.1 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: - Cole2k Media) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC) Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) E-MU USB Audio (HKLM-x32\...\{1C99893D-BC98-4456-AA3E-B67AB42301A6}) (Version: 1.1 - ) foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski) Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.) Java(TM) 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.230 - Oracle) JMicron JMB38X Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.20.07 - JMicron Technology Corp.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments) Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) Native Instruments Traktor (HKLM-x32\...\Native Instruments Traktor) (Version: - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments) nKreator 3.0 (HKLM-x32\...\Najlepszefoto.pl_nKreator 3.0) (Version: - ) Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pierwsze Kroki (HKLM-x32\...\{5A2003A7-4F23-4012-AB47-ACFB580961E7}) (Version: 3.00 - ComfyWare) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated) Świat Zwierząt (HKLM-x32\...\{4B2503DF-A0C4-422E-AE6C-8F92AE1FD931}) (Version: 1.50.0000 - Comfyware) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 10.0 (HKLM-x32\...\{6D592E30-11EC-11E0-859C-0013D3D69929}) (Version: 10.0.469 - Sony) Vividas Player Plugin v4.1 (HKLM\...\Vividas Player Plugin 64bit_is1) (Version: 4.1 - Vividas Asia Pacific Pty Ltd) Winamp (HKLM-x32\...\Winamp) (Version: 5.581 - Nullsoft, Inc) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 01-11-2014 19:11:32 Windows Update 02-11-2014 17:42:12 herdProtect before 5 removals 04-11-2014 19:48:34 Windows Update 06-11-2014 15:49:54 Usunięte Pierwsze Kroki ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2011-07-30 11:12 - 00000921 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {26C30CA9-14D3-4C44-8D30-9B907184F857} - System32\Tasks\Opera scheduled Autoupdate 1410791113 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-29] (Opera Software) Task: {A39A3FD9-0E7E-43ED-A85C-53563C7BA13E} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-11-06] (Enigma Software Group USA, LLC.) Task: {D905BBC3-DD7F-49F8-A090-D66AD2F37962} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated) Task: {EA1D2EC3-ECC1-49E9-826F-5F1D607F9680} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-16] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-10-30 17:48 - 2014-10-30 17:47 - 00500344 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\opera_crashreporter.exe 2014-09-16 15:16 - 2014-09-16 15:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-11-06 13:04 - 2014-11-06 13:04 - 02899456 _____ () C:\Program Files\AVAST Software\Avast\defs\14110600\algo.dll 2014-07-10 08:19 - 2007-09-17 10:36 - 01720320 ____N () C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtCore4.dll 2014-07-10 08:19 - 2006-10-20 18:20 - 00204800 ____N () C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtXml4.dll 2014-07-10 08:19 - 2006-10-20 18:25 - 03969024 ____N () C:\Program Files (x86)\Creative Professional\E-MU USB Audio\QtGui4.dll 2014-09-16 15:16 - 2014-09-16 15:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-30 17:48 - 2014-10-30 17:47 - 01310328 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\libglesv2.dll 2014-10-30 17:48 - 2014-10-30 17:47 - 00219256 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\libegl.dll 2014-10-30 17:48 - 2014-10-30 17:47 - 09218680 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\pdf.dll 2014-10-30 17:48 - 2014-10-30 17:47 - 00991864 _____ () C:\Program Files (x86)\Opera\25.0.1614.68\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-719529602-3024575105-3826250098-500 - Administrator - Disabled) Guest (S-1-5-21-719529602-3024575105-3826250098-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-719529602-3024575105-3826250098-1002 - Limited - Enabled) KiL (S-1-5-21-719529602-3024575105-3826250098-1000 - Administrator - Enabled) => C:\Users\KiL ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/06/2014 04:57:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: DivXUpdate.exe, wersja: 1.0.6.15, sygnatura czasowa: 0x4e31ebcf Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00a0ca4a Identyfikator procesu powodującego błąd: 0xe80 Godzina uruchomienia aplikacji powodującej błąd: 0xDivXUpdate.exe0 Ścieżka aplikacji powodującej błąd: DivXUpdate.exe1 Ścieżka modułu powodującego błąd: DivXUpdate.exe2 Identyfikator raportu: DivXUpdate.exe3 Error: (11/06/2014 04:46:14 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/06/2014 01:40:21 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/06/2014 01:03:47 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/05/2014 07:28:08 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/05/2014 02:29:07 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/04/2014 08:42:01 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/04/2014 10:24:18 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/04/2014 01:07:21 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/03/2014 08:01:49 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. System errors: ============= Error: (11/06/2014 04:46:06 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/06/2014 04:46:06 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/06/2014 04:45:05 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (11/06/2014 01:40:07 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/06/2014 01:40:07 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/06/2014 01:40:08 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 13:38:26 na ‎2014-‎11-‎06 było nieoczekiwane. Error: (11/06/2014 01:03:40 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/06/2014 01:03:40 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (11/05/2014 08:47:21 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (11/05/2014 08:43:39 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: NT AUTHORITY) Description: Nastąpiło przejście systemu do stanu hibernacji z powodu krytycznego zdarzenia termicznego. Czas hibernacji = 2014-11-05T19:43:39.818749600Z Strefa termiczna ACPI = ACPI\ThermalZone\THRM _HOT = 373 K Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-02-06 20:08:29.527 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-02-06 20:04:13.589 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-11 21:48:42.328 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-10 13:44:45.482 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-10 13:06:02.314 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-10 12:38:10.896 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-10 11:38:13.071 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-10 10:10:59.969 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-09 17:37:04.189 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2013-03-09 15:44:13.341 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-70 Percentage of memory in use: 59% Total physical RAM: 3069.84 MB Available physical RAM: 1228.88 MB Total Pagefile: 6137.85 MB Available Pagefile: 3922.09 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:140 GB) (Free:57.55 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:8.95 GB) (Free:1.65 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (First Steps) (CDROM) (Total:0.22 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================