Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015 Ran by ADMIN at 2015-01-09 15:34:29 Running from C:\Users\ADMIN\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-4169363632-389216348-3168489708-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden ALLPlayer V3.X (HKLM-x32\...\ALLPlayer V3.4.6.2_is1) (Version: - ALLPlayer Sp. z o.o.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.01 - Broadcom Corporation) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Combined Community Codec Pack 2012-12-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2012.12.30.0 - CCCP Project) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - ) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Dolby Control Center (HKLM\...\{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}) (Version: 2.2.1 - Dolby) Dropbox (HKU\S-1-5-21-4169363632-389216348-3168489708-1000\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.) Dziobas Rar Player 0.009.52 (HKLM-x32\...\Dziobas Rar Player_is1) (Version: - Kamil Dzióbek) ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE) Energy Management (HKLM-x32\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.4.0.8 - Lenovo) File Type Advisor 1.4 (HKLM-x32\...\File Type Advisor_is1) (Version: - filetypeadvisor.com) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) foobar2000 v1.2.9 (HKLM-x32\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski) Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle) K-Lite Codec Pack 3.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 3.6.5 - ) K-Lite Codec Pack 9.9.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.5 - ) kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - ) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation) Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: 2.7 - Lexicon) Lexicon Alpha Driver (Version: 2.7 - Lexicon) Hidden Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.0.1911 - FranmoSoftware - Maciej Opaliński) OpenOffice.org 3.0 (HKLM-x32\...\{31BFEC6C-1F27-45B5-839C-BCBAE327993A}) (Version: 3.0.9358 - OpenOffice.org) Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1) (HKLM\...\92F4CDC794E6E4E29DC063D292D1C94F6FA1EA1E) (Version: 05/19/2009 4.4.0.1 - Lenovo) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.5 - Frank Heindörfer, Philip Chinery) Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) <==== ATTENTION! QT Lite 2.7.0 (HKLM-x32\...\qt7lite_is1) (Version: 2.7.0 - ) RC-505 Driver (HKLM\...\RolandRDID0139) (Version: - Roland Corporation) Real Alternative 1.52 (HKLM-x32\...\RealAlt_is1) (Version: 1.52 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6002 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SopCast 3.9.2 (HKLM-x32\...\SopCast) (Version: 3.9.2 - www.sopcast.com) Spotify (HKU\S-1-5-21-4169363632-389216348-3168489708-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) SubEdit-Player (HKLM-x32\...\SubEdit-Player_is1) (Version: 4066 - Artur Sikora) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.7.3 - Synaptics Incorporated) tricomfi (HKLM-x32\...\{74f1e872-8d6f-4cc7-58d6-c60d8dfe43ed}) (Version: 1.0.0 - estdemin) VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN) WinRAR 4.01 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\tricomfi\tivesen.dll () <==== ATTENTION CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4169363632-389216348-3168489708-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ADMIN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 02-01-2015 18:06:50 Zaplanowany punkt kontrolny 03-01-2015 22:13:30 avast! antivirus system restore point 04-01-2015 00:37:36 Removed Skype™ 5.10 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {072C16F2-6A6C-4FC1-AB9C-9A9B49076068} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated) Task: {2079F2D4-BEF8-4102-B9F4-626ACA429C6D} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com ) Task: {9A698E1A-6104-4E03-A3D6-62602202E403} - System32\Tasks\LIZ => C:\Users\ADMIN\AppData\Roaming\LIZ.exe <==== ATTENTION Task: {A5A10CC3-70AC-4677-9E25-31E76D29BB93} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2015-01-02] (FranmoSoftware) Task: {AEC557F7-4397-4191-BC74-E5740203D628} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.) Task: {BA015F6C-CFE8-432A-98A8-D945A005D250} - System32\Tasks\WXITZAAW => C:\Users\ADMIN\AppData\Roaming\WXITZAAW.exe <==== ATTENTION Task: {C8951E3A-3100-4E80-A490-7BD1E7B3F11B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-03] (AVAST Software) Task: {CAE367A8-E01E-4303-B08C-E8654D4A477B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.) Task: {D1C36913-E156-4168-B034-E3C812F8B9FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {E069D33C-70F2-413E-B75D-C57545AB6376} - \SPBIW_UpdateTask_Time_323435333333363737312d345b413455412a45235a6c6c No Task File <==== ATTENTION Task: {EA04C184-3A65-48EF-9F43-26275B0DE00B} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION Task: {EE9A2B25-66C2-4993-A21F-28E05B54A5DE} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor) Task: {FF84937A-26A2-47E3-8376-D411F6553A51} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\LIZ.job => C:\Users\ADMIN\AppData\Roaming\LIZ.exe <==== ATTENTION Task: C:\Windows\Tasks\WXITZAAW.job => C:\Users\ADMIN\AppData\Roaming\WXITZAAW.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2009-07-01 18:54 - 2009-07-01 18:54 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll 2014-12-09 15:27 - 2014-12-09 15:27 - 00157696 _____ () C:\Users\ADMIN\AppData\Roaming\tricomfi\tivesen.dll 2014-01-15 10:31 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll 2014-01-15 09:58 - 2008-06-18 07:35 - 00048128 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2014-01-15 09:58 - 2008-12-11 06:22 - 00048128 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2015-01-06 17:43 - 2015-01-06 17:43 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010600\algo.dll 2015-01-09 13:13 - 2015-01-09 13:13 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010900\algo.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-06 08:23 - 2015-01-06 08:23 - 00133120 _____ () C:\Users\ADMIN\AppData\Roaming\jmfrfemf\colers.dll 2014-01-15 10:31 - 2007-11-28 18:59 - 03702784 _____ () C:\Program Files (x86)\PDFCreator\GS8.61\gs8.61\Bin\gsdll32.dll 2015-01-03 22:17 - 2015-01-03 22:17 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-08 02:08 - 2015-01-08 02:08 - 00133120 _____ () C:\Users\ADMIN\AppData\Roaming\zjhfyion\colers.dll 2014-12-12 12:03 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-12 12:03 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-12 12:03 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-12 12:03 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-12-12 12:03 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\ADMIN\Downloads\FIFA15UltimateTeamHack__11424_il123227.exe:typelib ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== ADMIN (S-1-5-21-4169363632-389216348-3168489708-1000 - Administrator - Enabled) => C:\Users\ADMIN Administrator (S-1-5-21-4169363632-389216348-3168489708-500 - Administrator - Disabled) Gość (S-1-5-21-4169363632-389216348-3168489708-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4169363632-389216348-3168489708-1004 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: SPDRIVER_1454.0.0.0 Description: SPDRIVER_1454.0.0.0 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: SPDRIVER_1454.0.0.0 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (01/09/2015 09:08:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13884 Error: (01/09/2015 09:08:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 13884 Error: (01/09/2015 09:08:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/09/2015 09:07:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6287 Error: (01/09/2015 09:07:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6287 Error: (01/09/2015 09:07:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/09/2015 03:07:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14726 Error: (01/09/2015 03:07:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 14726 Error: (01/09/2015 03:07:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/09/2015 03:07:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12199 System errors: ============= Error: (01/07/2015 01:33:48 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: ) Description: Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu. Error: (01/06/2015 11:59:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi YTDUpdt z powodu następującego błędu: %%2 Error: (01/06/2015 11:59:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SPDRIVER_1454.0.0.0 z powodu następującego błędu: %%3 Error: (01/06/2015 11:59:32 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x000000d1 (0xfffffa84051a200e, 0x0000000000000002, 0x0000000000000000, 0xfffff88007772017)C:\Windows\MEMORY.DMP010615-33306-01 Error: (01/06/2015 11:59:25 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 23:57:19 na ‎2015-‎01-‎06 było nieoczekiwane. Error: (01/04/2015 04:20:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Wlansvc. Error: (01/04/2015 01:00:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Netman. Error: (01/04/2015 04:13:14 AM) (Source: Schannel) (EventID: 4120) (User: ZARZĄDZANIE NT) Description: Został wygenerowany następujący alert krytyczny: 20. Stan błędu wewnętrznego: 960. Error: (01/02/2015 06:12:04 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: ) Description: Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu. Error: (01/02/2015 05:29:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi YTDUpdt z powodu następującego błędu: %%2 Microsoft Office Sessions: ========================= Error: (01/09/2015 09:08:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 13884 Error: (01/09/2015 09:08:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 13884 Error: (01/09/2015 09:08:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/09/2015 09:07:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6287 Error: (01/09/2015 09:07:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6287 Error: (01/09/2015 09:07:53 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/09/2015 03:07:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14726 Error: (01/09/2015 03:07:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 14726 Error: (01/09/2015 03:07:37 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/09/2015 03:07:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12199 ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Percentage of memory in use: 71% Total physical RAM: 3066.6 MB Available physical RAM: 860.13 MB Total Pagefile: 6131.34 MB Available Pagefile: 2846.06 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:99.9 GB) (Free:34.77 GB) NTFS Drive d: () (Fixed) (Total:182.88 GB) (Free:16.76 GB) NTFS Drive e: () (Fixed) (Total:182.88 GB) (Free:27.8 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6D694D02) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=182.9 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=182.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================