Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 01 Ran by LRozycki at 2014-12-11 21:41:59 Running from C:\Users\LRozycki\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.165 - Atheros) Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) COMODO Firewall (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.49.0 - Conexant) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo) Energy Management (x32 Version: 7.0.3.4 - Lenovo) Hidden foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle) K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - ) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10227 - Realtek Semiconductor Corp.) Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31010.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.) Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.39044 - Realtek Semiconductor Corp.) SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 05-12-2014 16:42:06 Windows Update 09-12-2014 23:17:57 Windows Update 10-12-2014 00:06:37 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1F7A99E9-769A-4C97-9CCA-248C75188B98} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {7D8B7D3D-AFC2-4606-8A9F-AF6B0E63F9F8} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO) Task: {94679D2C-16FB-4937-A89C-7509F8351109} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd) Task: {E245EA46-039B-4079-8ACC-B451929F8317} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) ==================== Loaded Modules (whitelisted) ============= 2008-12-20 03:20 - 2014-01-21 09:22 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-03-10 16:30 - 2014-01-21 09:22 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2012-03-08 15:40 - 2014-01-21 09:22 - 00011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\pl-PL\EMWpfUI.resources.dll 2008-12-20 03:20 - 2014-01-21 09:22 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2014-12-10 00:51 - 2014-12-10 00:51 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-4196851609-761679857-3791608890-500 - Administrator - Disabled) Gość (S-1-5-21-4196851609-761679857-3791608890-501 - Limited - Disabled) LRozycki (S-1-5-21-4196851609-761679857-3791608890-1000 - Administrator - Enabled) => C:\Users\LRozycki User (S-1-5-21-4196851609-761679857-3791608890-1001 - Limited - Enabled) => C:\Users\User ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/11/2014 09:31:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 08:52:54 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Błąd usługi kopiowania woluminów w tle: Nie można wstrzymać zapisów We/Wy podczas tworzenia kopii w tle na woluminie C:\. Indeks woluminu w zestawie kopii w tle: 0. Szczegóły błędu: Otwórz[0x00000000, Operacja ukończona pomyślnie. ], Opróżnij[0x00000000, Operacja ukończona pomyślnie. ], Zwolnij[0x80042314, Przekroczono limit czasu dostawcy kopii w tle podczas wstrzymywania zapisów do woluminu będącego w trakcie kopiowania w tle. Prawdopodobną przyczyną jest nadmierna aktywność woluminu wywołana przez aplikację lub usługę systemową. Próbuj ponownie później, gdy aktywność woluminu się zmniejszy. ], PoUruchomieniu[0x00000000, Operacja ukończona pomyślnie. ]. Operacja: Wykonywanie operacji asynchronicznej Kontekst: Stan bieżący: DoSnapshotSet Error: (12/11/2014 08:52:54 PM) (Source: VSS) (EventID: 12310) (User: ) Description: Błąd usługi kopiowania woluminów w tle: Nie można zadeklarować kopii w tle - przekroczono limit czasu operacji. Kontekst błędu: DeviceIoControl(\\?\Volume{2956a8b6-b43e-11e3-9f98-806e6f6e6963} - 000000000000011C,0x0053c010,000000000034A3D0,0,0000000000347FB0,4096,[0]). Operacja: Przekazywanie kopii w tle Kontekst: Kontekst wykonywania: System Provider Error: (12/11/2014 06:11:27 PM) (Source: MsiInstaller) (EventID: 1024) (User: LR) Description: Produkt: Adobe Reader XI (11.0.09) - Polish - nie można zainstalować aktualizacji '{AC76BA86-7AD7-0000-2550-7A8C40011010}'. Kod błędu 1625. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (12/11/2014 06:10:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2014 10:37:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2014 08:01:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2014 07:54:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2014 00:08:59 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/09/2014 07:59:36 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (12/11/2014 09:30:44 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (12/11/2014 09:30:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Avira Service Host. Error: (12/11/2014 09:21:27 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (12/11/2014 09:13:37 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (12/11/2014 08:20:38 PM) (Source: DCOM) (EventID: 10016) (User: LR) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}LRUserS-1-5-21-4196851609-761679857-3791608890-1001LocalHost (użycie LRPC) Error: (12/11/2014 08:20:33 PM) (Source: DCOM) (EventID: 10016) (User: LR) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}LRUserS-1-5-21-4196851609-761679857-3791608890-1001LocalHost (użycie LRPC) Error: (12/11/2014 06:09:01 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (12/10/2014 11:21:33 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (12/10/2014 10:36:44 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (12/10/2014 08:00:35 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-04-02 22:38:17.580 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz Percentage of memory in use: 39% Total physical RAM: 4012.36 MB Available physical RAM: 2419.67 MB Total Pagefile: 8022.9 MB Available Pagefile: 5994.09 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:100.08 GB) (Free:63.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:831.43 GB) (Free:696 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FDCC1B6C) Partition 1: (Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=831.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================