Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01 Ran by boro at 2014-11-30 00:15:03 Running from C:\Users\boro\Desktop Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{7C368470-3D19-24D9-4A81-697C1DEB4710}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - ) Canon LBP5050 (HKLM\...\Canon LBP5050) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform) CDDRV_Installer (Version: 4.60 - Logitech) Hidden Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation) Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 14.1.200.13 - Citrix Systems, Inc.) Contextual Tool Extrafind (HKLM\...\a666ceb5) (Version: - ) <==== ATTENTION Data Access Objects (DAO) 3.5 (HKLM\...\Data Access Objects (DAO) 3.5) (Version: - ) DealPly (HKU\.DEFAULT\...\DealPly) (Version: - ) <==== ATTENTION Dysk wspomnieniowy HP (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company) EaseUS Partition Master 9.2.2 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) erLT (Version: 1.12.0117 - Logitech, Inc.) Hidden Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.00.00 - Ubisoft) FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts) FileOpen Client (HKLM\...\{76A64A33-D197-4525-85EE-255D6E5F3604}) (Version: 3.0.83.920 - FileOpen Systems, Inc.) Fraps (remove only) (HKLM\...\Fraps) (Version: - ) FreeOCR 3.0 (HKLM\...\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}) (Version: 3.0 - Free OCR) GameXN GO (HKU\S-1-5-21-2175693240-3727528676-118860353-1000\...\Game Organizer) (Version: - EasyBits Media) GG (HKU\S-1-5-21-2175693240-3727528676-118860353-1000\...\GG) (Version: 11 - GG Network S.A.) Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Gżegżółka XP 7.1.2.2 (HKLM\...\GzegzolkaXP_is1) (Version: 7.1.2.2 - Piotr Sawicki) HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation) HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.24.5 - HTC) IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) KhalInstallWrapper (Version: 4.60.122 - Logitech) Hidden KMP Service (HKLM\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION Live Update 5 (HKLM\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 5.0.068 - MSI) Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.56.102 - Logitech, Inc.) Logitech Gaming Software 5.10 (HKLM\...\{60D32CDC-E3BE-4578-BA10-29322307CDDC}) (Version: 5.10.127 - Logitech) Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 pl) (HKLM\...\Mozilla Firefox 33.1 (x86 pl)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MP3 Converter 4.2.306 (HKLM\...\{3F9411FC-F7D9-47EB-9430-044CD565C752}_is1) (Version: 4.2.306 - AVConverter Technologies Co.,Ltd.) MyDriveConnect 3.3.0.1756 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1756 - TomTom) Need for Speed Rivals wersja 1.0 (HKLM\...\Need for Speed Rivals_is1) (Version: 1.0 - EA Games) Nero 7 Premium (HKLM\...\{91C0B95B-B83A-4828-A775-BBE2DD421045}) (Version: 7.02.9752 - Nero AG) Norton 360 (HKLM\...\N360) (Version: 21.6.0.32 - Symantec Corporation) NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) Online Plug-in (Version: 14.1.200.13 - Citrix Systems, Inc.) Hidden Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Hewlett-Packard hp scanjet 3600 series (01/17/2007 8.1.0.77) (HKLM\...\DAB436C4031D4395E5025EEF529E9B04643E6900) (Version: 01/17/2007 8.1.0.77 - Hewlett-Packard) PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden PDF-XChange Viewer (HKLM\...\{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}) (Version: 2.5.214.2 - Tracker Software Products (Canada) Ltd.) Photo Toolkit 1.8 (HKLM\...\PhotoToolkit_is1) (Version: - VicMan Software) PHP 5.3.8 (HKLM\...\{363973DB-33E3-4AA9-83DB-21401F78EFB9}) (Version: 5.3.8 - The PHP Group) QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden Samsung PC Studio 3 (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.) Self-service Plug-in (Version: 4.1.200.588 - Citrix Systems, Inc.) Hidden ShareIns (Version: 1.00.0000 - Hewlett-Packard) Hidden Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Testy B 5.1.3.43 (HKLM\...\{2ABBBEA8-D801-46AA-9E27-C62EB2724494}_is1) (Version: 5.1.3.43 - Grupa IMAGE sp. z o.o.) Testy Bplus 5.1.3.51 (HKLM\...\{81999787-A518-4218-86D5-C5D25E6808F5}_is1) (Version: 5.1.3.51 - Grupa IMAGE sp. z o.o.) The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.8.0.121 - PandoraTV) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH) Unified Remote (HKLM\...\{C1A27237-0CCD-4F47-BFEB-14BC40097E17}) (Version: 2.9.0.0 - Unified Remote) Unity Web Player (HKU\S-1-5-21-2175693240-3727528676-118860353-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) VGA USB Camera (2120) (HKLM\...\{5A1078DE-0570-4FA3-B57A-70004CD5AE28}) (Version: - ) Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) YDP Flash Speech Recognition Support 1.2 (HKLM\...\YDP Flash Speech Recognition Support) (Version: 1.2 - YDP) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (EasyBits Media) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (EasyBits Media) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\boro\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (EasyBits Media) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (EasyBits Media) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\GameXN\ezGameXN.dll (EasyBits Media) CustomCLSID: HKU\S-1-5-21-2175693240-3727528676-118860353-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\boro\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:04 - 2014-09-24 22:01 - 00001028 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 validation.sls.microsoft.com 127.0.0.1 serial.alcohol-soft.com 127.0.0.1 www.alcohol-soft.com 127.0.0.1 images.alcohol-soft.com 127.0.0.1 trial.alcohol-soft.com 127.0.0.1 alcohol-soft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05B6817C-3CB7-47CA-865C-B9171DF024A8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2175693240-3727528676-118860353-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.) Task: {113274D5-80D5-4899-B92E-0F4F0A263A99} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {3CEB2F37-BFE3-476E-82D6-A3A29AF95C1D} - System32\Tasks\RealCreateProcessScheduledTask5764860S-1-5-21-2175693240-3727528676-118860353-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-10-08] (RealNetworks, Inc.) Task: {41377163-D32D-4DBF-B001-9BEAABED34DF} - System32\Tasks\{2B1B4495-0D8A-4666-BCB6-C257E90BC688} => c:\program files\opera\opera.exe Task: {6515F259-1324-434F-8F39-B8BB600BADC0} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation) Task: {69178876-3E8F-4AE5-84AA-239DA28DB731} - System32\Tasks\RealCreateProcessScheduledTask35739S-1-5-21-2175693240-3727528676-118860353-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-10-08] (RealNetworks, Inc.) Task: {6B9D47AC-2EC0-4C77-BC07-0E9AA755A866} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated) Task: {8224C0A1-A118-437B-9743-BAEC1EBDF86C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.) Task: {947C13A6-69C2-453A-824A-86AE57E4E91B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd) Task: {9A35B448-D2E6-442B-8455-FB416FF61421} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.0.1.3\SymErr.exe Task: {9C200E15-48B1-41AB-9C95-9509FF763390} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {B169F9EA-5CB5-462F-8C11-4FA09D3991FF} - System32\Tasks\{F0758497-79BC-4259-AA9B-807F282CF2C3} => C:\Program Files\Skype\\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.) Task: {C033A449-0297-4A9C-B58E-FEAAA97E5ACF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.) Task: {C8643967-42A1-4063-B442-F0D5ED4829F0} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.0.1.3\SymErr.exe Task: {CAF9415F-2766-4468-B68F-1B34EC177932} - System32\Tasks\RealCreateProcessScheduledTask2227663S-1-5-21-2175693240-3727528676-118860353-1000 => C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-10-08] (RealNetworks, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2175693240-3727528676-118860353-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (whitelisted) ============= 2014-11-11 21:21 - 2014-11-11 21:21 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-11-25 21:27 - 2014-11-25 21:27 - 16841392 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk => C:\Windows\pss\Logitech Desktop Messenger.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" MSCONFIG\startupreg: CNAP2 Launcher => C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe MSCONFIG\startupreg: FileOpenBroker => C:\Program Files\FileOpen\Services\FileOpenBroker32.exe MSCONFIG\startupreg: Freecorder FLV Service => "C:\Program Files\Freecorder\FLVSrvc.exe" /run MSCONFIG\startupreg: Gadu-Gadu 10 => "C:\Program Files\Gadu-Gadu 10\gg.exe" MSCONFIG\startupreg: GameXN => "C:\ProgramData\GameXN\GameXNGO.exe" /silent MSCONFIG\startupreg: GameXN (news) => "C:\ProgramData\GameXN\GameXNGO.exe" /n MSCONFIG\startupreg: GameXN (update) => "C:\ProgramData\GameXN\GameXNGO.exe" /u MSCONFIG\startupreg: Google Update => "C:\Users\boro\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE MSCONFIG\startupreg: Live Update 5 => C:\Program Files\MSI\Live Update 5\LU5.exe /reminder MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SE => "C:\Users\boro\AppData\Roaming\SkypEmoticons\SE.exe" /minimized MSCONFIG\startupreg: Share-to-Web Namespace Daemon => C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: W7LXE => "F:\CrAcK\Windows.7.Loader.eXtreme.Edition.v3.503\w7lxe.exe" /react /days=0 /method="180+ Days" /iffailed=delete ========================= Accounts: ========================== Administrator (S-1-5-21-2175693240-3727528676-118860353-500 - Administrator - Disabled) boro (S-1-5-21-2175693240-3727528676-118860353-1000 - Administrator - Enabled) => C:\Users\boro Gość (S-1-5-21-2175693240-3727528676-118860353-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2175693240-3727528676-118860353-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: sptd Description: sptd Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: sptd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/29/2014 09:30:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/29/2014 09:29:04 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (11/29/2014 09:29:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x8007043C Error: (11/29/2014 08:48:40 PM) (Source: ESENT) (EventID: 481) (User: ) Description: wuaueng.dll (1196) SUS20ClientDataStore: Próba odczytu z pliku "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" na pozycji względnej 119209984 (0x00000000071b0000) w ilości 32768 (0x00008000) bajtów zakończyła się niepomyślnie po wuaueng.dll0 s z błędem systemowym 23 (0x00000017): "Błąd danych (CRC). ". Operacja odczytu zostanie zakończona z błędem -1021 (0xfffffc03). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i być może konieczne będzie przywrócenie go z wcześniejszej kopii zapasowej. Error: (11/29/2014 08:48:37 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: System Windows nie może uzyskać dostępu do pliku C:\Windows\SoftwareDistribution\DataStore\DataStore.edb z jednej z następujących przyczyn: problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku. System Windows zamknął program Proces hosta dla usług systemu Windows z powodu tego błędu. Program: Proces hosta dla usług systemu Windows Plik: C:\Windows\SoftwareDistribution\DataStore\DataStore.edb Wartość błędu jest wyświetlona w sekcji Dodatkowe dane. Akcja użytkownika 1. Otwórz plik ponownie. Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu. 2. Jeśli nadal nie można uzyskać dostępu do pliku i - jest w sieci, administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem. - jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera. 3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER. 4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej. 5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu komputerowego, aby uzyskać dalszą pomoc. Dodatkowe dane Wartość błędu: C000009C Typ dysku: 3 Error: (11/29/2014 08:48:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_wuauserv, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc100 Nazwa modułu powodującego błąd: msvcrt.dll, wersja: 7.0.7600.16385, sygnatura czasowa: 0x4a5bda6f Kod wyjątku: 0xc0000006 Przesunięcie błędu: 0x00009c7f Identyfikator procesu powodującego błąd: 0x4ac Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_wuauserv0 Ścieżka aplikacji powodującej błąd: svchost.exe_wuauserv1 Ścieżka modułu powodującego błąd: svchost.exe_wuauserv2 Identyfikator raportu: svchost.exe_wuauserv3 Error: (11/29/2014 08:48:23 PM) (Source: ESENT) (EventID: 481) (User: ) Description: wuaueng.dll (1196) SUS20ClientDataStore: Próba odczytu z pliku "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" na pozycji względnej 119209984 (0x00000000071b0000) w ilości 32768 (0x00008000) bajtów zakończyła się niepomyślnie po wuaueng.dll0 s z błędem systemowym 23 (0x00000017): "Błąd danych (CRC). ". Operacja odczytu zostanie zakończona z błędem -1021 (0xfffffc03). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i być może konieczne będzie przywrócenie go z wcześniejszej kopii zapasowej. Error: (11/29/2014 08:48:20 PM) (Source: ESENT) (EventID: 481) (User: ) Description: wuaueng.dll (1196) SUS20ClientDataStore: Próba odczytu z pliku "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" na pozycji względnej 119209984 (0x00000000071b0000) w ilości 32768 (0x00008000) bajtów zakończyła się niepomyślnie po wuaueng.dll0 s z błędem systemowym 23 (0x00000017): "Błąd danych (CRC). ". Operacja odczytu zostanie zakończona z błędem -1021 (0xfffffc03). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i być może konieczne będzie przywrócenie go z wcześniejszej kopii zapasowej. Error: (11/29/2014 08:48:17 PM) (Source: ESENT) (EventID: 481) (User: ) Description: wuaueng.dll (1196) SUS20ClientDataStore: Próba odczytu z pliku "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" na pozycji względnej 119177216 (0x00000000071a8000) w ilości 32768 (0x00008000) bajtów zakończyła się niepomyślnie po wuaueng.dll0 s z błędem systemowym 23 (0x00000017): "Błąd danych (CRC). ". Operacja odczytu zostanie zakończona z błędem -1021 (0xfffffc03). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i być może konieczne będzie przywrócenie go z wcześniejszej kopii zapasowej. Error: (11/29/2014 08:48:06 PM) (Source: ESENT) (EventID: 481) (User: ) Description: wuaueng.dll (1196) SUS20ClientDataStore: Próba odczytu z pliku "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" na pozycji względnej 119177216 (0x00000000071a8000) w ilości 32768 (0x00008000) bajtów zakończyła się niepomyślnie po wuaueng.dll0 s z błędem systemowym 23 (0x00000017): "Błąd danych (CRC). ". Operacja odczytu zostanie zakończona z błędem -1021 (0xfffffc03). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i być może konieczne będzie przywrócenie go z wcześniejszej kopii zapasowej. System errors: ============= Error: (11/30/2014 00:04:41 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046} Error: (11/29/2014 09:29:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (11/29/2014 09:29:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (11/29/2014 09:29:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (11/29/2014 09:29:19 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/29/2014 09:29:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (11/29/2014 09:29:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (11/29/2014 09:29:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (11/29/2014 09:29:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (11/29/2014 09:29:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: AMD Phenom(tm) II X4 945 Processor Percentage of memory in use: 33% Total physical RAM: 3327.18 MB Available physical RAM: 2224.4 MB Total Pagefile: 6652.64 MB Available Pagefile: 5627.93 MB Total Virtual: 2047.88 MB Available Virtual: 1873.12 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:90 GB) (Free:33.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:110 GB) (Free:50.09 GB) NTFS Drive e: () (Fixed) (Total:265.75 GB) (Free:125.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 22D622D5) Partition 1: (Active) - (Size=90 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=375.7 GB) - (Type=OF Extended) ==================== End Of Log ============================