Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014 02 Ran by Tomasz at 2014-12-06 20:50:11 Running from C:\Users\Tomasz\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996} AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft) AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden Antares Auto-Tune 7 VST (HKLM-x32\...\{D08EEB75-E3D5-4E93-9E1D-441A261E6B9A}) (Version: 7.01.0002 - Antares Audio Technologies) Antares Auto-Tune Evo VST (HKLM-x32\...\{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}) (Version: 6.00.0009 - Antares Audio Technologies) AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.) Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Battlefield 1942 WWII Anthology HD (HKLM-x32\...\{41AA2A65-DC47-4A15-9EBB-7D2B1FB1A51E}_is1) (Version: 1.61 - Electronic Arts) BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BroForce: October Update (HKLM-x32\...\BroForce: October Update2598) (Version: 2598 - Mariano.Silkiest) Crimsonland (HKLM-x32\...\Crimsonland_is1) (Version: - ) CrystalDiskInfo 6.2.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.2 - Crystal Dew World) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo) Energy Management (x32 Version: 7.0.3.4 - Lenovo) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 5.22.50.WIN.FullTilt.EU - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX) Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.5 - PACE Anti-Piracy, Inc.) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) iZotope Ozone 4 (HKLM-x32\...\iZotope Ozone 4_is1) (Version: 4.00 - iZotope, Inc.) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games) ManyCam 4.0.110 (HKLM-x32\...\ManyCam) (Version: 4.0.110 - Visicom Media Inc.) Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.) M-Audio FastTrackPro Driver 6.0.2 (x64) (HKLM\...\{6FAE1C58-CF7D-4F02-9597-BC7191B810F6}) (Version: 6.0.2 - M-Audio) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.22 - mIRC Co. Ltd.) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.0 - Power Software Ltd) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39016 - Realtek Semiconductor Corp.) SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH) Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH) Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.5.3 - Synaptics Incorporated) The Expendabros (HKLM-x32\...\Steam App 312990) (Version: - Free Lives) ThinkPad Tablet Button Driver (HKLM-x32\...\{26903C89-780A-463E-8CBD-E47A73927254}) (Version: 3.02.000 - ) Truck Dismount (remove only) (HKLM-x32\...\Rekkaturvat) (Version: - ) Unity Web Player (HKU\S-1-5-21-4127373889-184567200-978585537-1000\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS) Virtual DJ Pro Full - Atomix Productions (HKLM-x32\...\Virtual DJ Pro Full - Atomix Productions) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Watchmen: The End is Nigh (HKLM-x32\...\{EB644850-2B95-4D66-9C29-2B34CAC25947}_is1) (Version: - Warner Bros. Interactive Entertainment) WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) YTD Video Downloader 4.8.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.6 - GreenTree Applications SRL) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4127373889-184567200-978585537-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 25-11-2014 11:58:57 Windows Update 02-12-2014 10:40:28 Windows Update 05-12-2014 00:06:24 Instalacja pakietu sterownika urządzenia: Visicom Media Inc. Urządzenia do obrazowania 05-12-2014 00:07:24 Instalacja pakietu sterownika urządzenia: Visicom Media Inc. Kontrolery dźwięku, wideo i gier 05-12-2014 11:12:16 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0928A1C7-ED15-4BF0-AEE7-8F4D2BB2320E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated) Task: {22A0FBD2-2C24-4354-A6F4-945F49CF3548} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation) Task: {31EB2061-3D9B-4C96-8AB3-BD22EFCEDB14} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {446F9B31-50DA-4853-8816-BC3008BC9F36} - System32\Tasks\GoogleUpdateTaskMachineUA1cffec2a6b7b40d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.) Task: {54FF59E9-5E58-43EA-B629-F95665D932CD} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation) Task: {6BDB289C-B2F3-4325-9EE2-1398039E79B0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4127373889-184567200-978585537-1000Core => C:\Users\Tomasz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-13] (Facebook Inc.) Task: {9E1F24AD-4F4D-4A4B-A633-98E20F0E2DD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.) Task: {A1AB0411-B6D6-421E-8DD9-B1D559823017} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-09-04] (Microsoft) Task: {AB12FD8E-950B-4E7C-8EDB-000688075DDA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation) Task: {AC6B19B4-98D5-47C3-BBF5-4521EAEC98CD} - System32\Tasks\GoogleUpdateTaskMachineCore1cffec2a4e1dbbb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.) Task: {DB103200-63A2-4F26-9029-C6B9B5EDFEA0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.) Task: {E36168DF-9ABF-496D-9BC8-CB7B1D6DF1BE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation) Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION Task: {ED12BE4E-7CD8-48F8-9010-00265C1710D3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation) Task: {F61FB9E2-7439-46EF-A78F-E0EB69F111C7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4127373889-184567200-978585537-1000UA => C:\Users\Tomasz\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-13] (Facebook Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4127373889-184567200-978585537-1000Core.job => C:\Users\Tomasz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4127373889-184567200-978585537-1000UA.job => C:\Users\Tomasz\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cffec2a4e1dbbb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cffec2a6b7b40d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-08-24 19:18 - 2014-07-02 21:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-08-24 19:25 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2008-12-20 02:20 - 2014-08-26 18:29 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-03-10 15:30 - 2014-08-26 18:29 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2012-03-08 14:40 - 2014-08-26 18:29 - 00011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\pl-PL\EMWpfUI.resources.dll 2014-08-27 11:32 - 2014-08-27 11:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe 2014-08-27 11:53 - 2014-08-27 11:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll 2014-08-24 12:36 - 2014-04-22 16:28 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll 2014-04-22 16:29 - 2014-08-24 15:44 - 00766976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpbr.mdl 2014-04-22 16:29 - 2014-08-24 15:44 - 00556032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpdsp.mdl 2014-04-22 16:29 - 2014-08-24 15:44 - 02575360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpph.mdl 2014-04-22 16:29 - 2014-08-24 15:44 - 01306112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttprbl.mdl 2008-12-20 02:20 - 2014-08-26 18:29 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe 2014-08-27 11:53 - 2014-08-27 11:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll 2014-11-05 19:53 - 2014-11-05 19:53 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-11-05 19:53 - 2014-11-05 19:53 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-24 19:18 - 2014-07-02 21:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2014-11-26 16:57 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll 2014-11-26 16:57 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll 2014-11-26 16:57 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll 2014-11-26 16:57 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll 2014-11-26 16:57 - 2014-11-25 07:39 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A AlternateDataStreams: C:\Users\Tomasz\AppData\Local\KcCnB2erGUUYkTW:FjXK1dyqYwsxbDJ0i5N42SHU8 AlternateDataStreams: C:\Users\Tomasz\AppData\Local\VI7QnoEIBV:Qm2tMFbGXscLHdDZqgIGK ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-4127373889-184567200-978585537-500 - Administrator - Disabled) Gast (S-1-5-21-4127373889-184567200-978585537-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4127373889-184567200-978585537-1002 - Limited - Enabled) Tomasz (S-1-5-21-4127373889-184567200-978585537-1000 - Administrator - Enabled) => C:\Users\Tomasz ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2014 08:30:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/06/2014 06:20:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/06/2014 10:27:41 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/05/2014 05:01:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/05/2014 00:31:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4071 Error: (12/05/2014 00:31:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4071 Error: (12/05/2014 00:31:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/05/2014 00:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3057 Error: (12/05/2014 00:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3057 Error: (12/05/2014 00:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (12/06/2014 08:29:17 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/06/2014 06:19:13 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/06/2014 01:14:10 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/06/2014 10:25:53 AM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/05/2014 00:36:37 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/05/2014 00:07:40 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/04/2014 03:53:34 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/04/2014 00:29:56 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/04/2014 04:40:21 AM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (12/03/2014 04:22:21 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Microsoft Office Sessions: ========================= Error: (12/06/2014 08:30:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/06/2014 06:20:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/06/2014 10:27:41 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/05/2014 05:01:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/05/2014 00:31:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4071 Error: (12/05/2014 00:31:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4071 Error: (12/05/2014 00:31:20 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/05/2014 00:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3057 Error: (12/05/2014 00:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3057 Error: (12/05/2014 00:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2014-08-24 19:20:18.615 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Tomasz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-24 19:20:18.599 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Tomasz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-24 19:20:18.319 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-24 19:20:18.319 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 31% Total physical RAM: 8094.36 MB Available physical RAM: 5526.71 MB Total Pagefile: 16186.89 MB Available Pagefile: 13299.55 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:98.5 GB) (Free:37.21 GB) NTFS Drive d: () (Fixed) (Total:831.83 GB) (Free:527.63 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C3FFC3FF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=98.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=831.8 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1.1 GB) - (Type=12) ==================== End Of Log ============================