Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015 Ran by   at 2015-01-23 12:58:50 Running from C:\Users\ \Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: F-Secure Client Security 9.00 (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AS: F-Secure Client Security 9.00 (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: F-Secure Client Security 9.00 (Enabled) {2D7AC0A6-6241-D774-E168-461178D9686C} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4213471207-3847667108-355983222-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS) Asystent rejestracji usługi Windows Live (HKLM-x32\...\{51958BA7-21E4-4A8B-9098-CD8375BD17B2}) (Version: 5.000.818.5 - Microsoft Corporation) ATI AVIVO64 Codecs (Version: 10.12.0.00122 - ATI Technologies Inc.) Hidden ATITool Overclocking Utility (HKLM-x32\...\ATITool) (Version: 0.26 - ) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.3.674 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.1.4057 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{981B38A6-E4D0-4D94-98C2-75AC645755F5}) (Version: 0.9.1.4057 - BlueStack Systems, Inc.) Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation) ccc-core-static (x32 Version: 2010.0122.858.16002 - Nazwa firmy) Hidden Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.18.65 - Conexant) Counter Strike 1.6 v23 (HKLM-x32\...\Counter Strike 1.6 v23 1.0) (Version: 1.0 - Cs-Classic) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Free Mouse Auto Clicker 3.4.5 (HKLM-x32\...\{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1) (Version: - Advanced Mouse Auto Clicker ltd.) F-Secure Client Security — DeepGuard (HKLM-x32\...\F-Secure HIPS) (Version: - ) F-Secure Client Security - Ochrona przed wirusami i szpiegami (HKLM-x32\...\F-Secure Anti-Virus) (Version: - ) F-Secure Client Security - Ochrona przeglądania (HKLM-x32\...\F-Secure ExploitShield) (Version: - ) F-Secure Client Security - Osłona internetowa (HKLM-x32\...\F-Secure Internet Shield) (Version: - ) F-Secure Client Security - Skanowanie poczty e-mail (HKLM-x32\...\F-Secure E-mail Scanning) (Version: - ) Gadu-Gadu 10 (HKLM-x32\...\Gadu-Gadu 10) (Version: - GG Network S.A.) Galeria fotografii usługi Windows Live (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) Google Chrome (HKU\S-1-5-21-4213471207-3847667108-355983222-1000\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.) HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.) K-Lite Codec Pack 6.4.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.4.0 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Lightshot-5.2.0.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains) MailNavigator (HKLM-x32\...\MailNavigator) (Version: 1.13 - GEO Ltd) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Narzędzie do przekazywania usługi Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Nero 9 Essentials (HKLM-x32\...\{75077afd-51a4-4637-b169-a60354c56c6e}) (Version: - Nero AG) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version: - Robot Entertainment) Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment) PIT pro 2012 (HKLM-x32\...\{D2FDD182-1367-4148-AC45-0EF1C85C16D6}) (Version: 1.3.10 - Podatnik.info Sp z o.o.) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) Share YouTube Videos version 1 (HKLM-x32\...\{55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1) (Version: 1 - ) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sony Vegas Pro 8.0 (HKLM-x32\...\{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}) (Version: 8.0.260 - Sony) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Binding of Isaac Rebirth 1.0 (HKLM-x32\...\The Binding of Isaac Rebirth 1.0) (Version: 1.0 - Games on Cat-A-Cat.Net) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc) Windows Live Sync (HKLM-x32\...\{E580DFEA-3F1D-4B56-9115-984217032FF5}) (Version: 14.0.8117.416 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4213471207-3847667108-355983222-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\ \AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4213471207-3847667108-355983222-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\ \AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4213471207-3847667108-355983222-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ \AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4213471207-3847667108-355983222-1000_Classes\CLSID\{B6B9DE86-FD76-130D-B96F-E9E887014AFD}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4213471207-3847667108-355983222-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ \AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4213471207-3847667108-355983222-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ \AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4213471207-3847667108-355983222-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\ \AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 22-01-2015 16:16:15 Zainstalowany program DirectX 22-01-2015 16:20:35 Zainstalowany program DirectX 22-01-2015 16:32:01 Zainstalowany program DirectX 22-01-2015 16:35:33 Zainstalowany program DirectX 22-01-2015 16:39:51 Zainstalowany program DirectX 22-01-2015 22:38:05 Removed Adobe Download Assistant 22-01-2015 22:41:37 Removed Adobe Reader X (10.1.10) - Polish. 22-01-2015 22:45:23 Removed Java 7 Update 67 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2015-01-22 22:28 - 00000825 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {008683F7-4355-459F-8E46-0B50F76CDC66} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000UA1cf7016aa1aa57b => C:\Users\ \AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.) Task: {01E843F4-4DCC-45B0-97CE-502261EDB33D} - System32\Tasks\update-S-1-5-21-4213471207-3847667108-355983222-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: {13181915-BAD8-45FC-9EEC-2D577934523C} - System32\Tasks\Opera scheduled Autoupdate 1418318732 => C:\Program Files (x86)\Opera\launcher.exe Task: {401E2009-A715-49E4-8B00-FFD97CFF84EB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000UA => C:\Users\ \AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-20] (Facebook Inc.) Task: {586FACC8-2E34-4B99-9D74-6EAABC0B1C45} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000Core => C:\Users\ \AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-08-20] (Facebook Inc.) Task: {5D1A8AB8-356C-4796-B949-2A4321B3A38D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000Core1cf7016a9a6020e => C:\Users\ \AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.) Task: {7BC85E5C-55A3-4C24-8949-60546C4451C5} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-11-25] () Task: {D142B664-41B8-4DBB-A2D0-86A8D3BFD191} - \BackgroundContainer Startup Task No Task File <==== ATTENTION Task: {DF126CC8-7575-4A43-BD79-45A054E135FA} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000Core.job => C:\Users\ \AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000UA.job => C:\Users\ \AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000Core1cf7016a9a6020e.job => C:\Users\ \AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4213471207-3847667108-355983222-1000UA1cf7016aa1aa57b.job => C:\Users\ \AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\update-S-1-5-21-4213471207-3847667108-355983222-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Loaded Modules (whitelisted) ============= 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-05-28 15:54 - 2005-06-07 11:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2013-09-04 18:21 - 2013-09-04 18:21 - 02112000 _____ () C:\Program Files (x86)\screenSHU\screenSHU.exe 2008-10-23 09:21 - 2008-10-23 09:21 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2012-05-28 15:42 - 2012-05-28 15:42 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: Gadu-Gadu 10 => "C:\Program Files (x86)\Gadu-Gadu 10\gg.exe" MSCONFIG\startupreg: Google Update => "C:\Users\ \AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\ \AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe MSCONFIG\startupreg: LightShot => C:\Users\ \AppData\Local\Skillbrains\lightshot\Lightshot.exe MSCONFIG\startupreg: ManyCam => "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t ========================= Accounts: ========================== Administrator (S-1-5-21-4213471207-3847667108-355983222-500 - Administrator - Disabled) Gość (S-1-5-21-4213471207-3847667108-355983222-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4213471207-3847667108-355983222-1002 - Limited - Enabled)   (S-1-5-21-4213471207-3847667108-355983222-1000 - Administrator - Enabled) => C:\Users\  ==================== Faulty Device Manager Devices ============= Name: HP LaserJet Professional P1102w Description: HP LaserJet Professional P1102w Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: Hewlett-Packard Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/23/2015 00:58:56 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: ) Description: 1 2015-01-23 12:58:56+02:00  -komputer SYSTEM F-Secure DeepGuard Application was blocked. This was determined to be a high-risk application by system control heuristics. Application path: \\?\c:\windows\mod_frst.exe File hash: 4bb423ae4bf7b46ba1cd43c521cf9314c03cf8c4 Error: (01/23/2015 10:06:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (01/23/2015 10:06:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/23/2015 10:06:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/23/2015 10:01:10 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. w BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/22/2015 05:57:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (01/22/2015 05:57:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/22/2015 05:57:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/22/2015 05:50:40 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. w BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (01/22/2015 00:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. System errors: ============= Error: (01/23/2015 10:01:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa BlueStacks Android Service zakończyła działanie; wystąpił następujący błąd: %%1064 Error: (01/23/2015 10:01:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa BlueStacks Android Service zawiesiła się podczas uruchamiania. Error: (01/22/2015 05:50:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa BlueStacks Android Service zakończyła działanie; wystąpił następujący błąd: %%1064 Error: (01/22/2015 11:05:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa BlueStacks Android Service zakończyła działanie; wystąpił następujący błąd: %%1064 Error: (01/21/2015 10:30:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Autokonfiguracja sieci WLAN niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/21/2015 10:30:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Menedżer sesji Menedżera okien pulpitu niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/21/2015 10:30:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Klient śledzenia łączy rozproszonych niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/21/2015 10:30:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Wstępne ładowanie do pamięci niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/21/2015 10:30:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa Asystent zgodności programów niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/21/2015 10:30:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Połączenia sieciowe niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 100 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Microsoft Office Sessions: ========================= Error: (08/05/2014 11:37:41 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4889 seconds with 3420 seconds of active time. This session ended with a crash. Error: (07/04/2014 10:00:48 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4476 seconds with 3000 seconds of active time. This session ended with a crash. Error: (07/03/2014 01:01:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8781 seconds with 5280 seconds of active time. This session ended with a crash. Error: (07/03/2014 10:34:37 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5497 seconds with 2460 seconds of active time. This session ended with a crash. Error: (07/03/2014 09:02:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1217 seconds with 240 seconds of active time. This session ended with a crash. Error: (06/30/2014 05:05:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1621 seconds with 420 seconds of active time. This session ended with a crash. Error: (06/05/2014 09:57:18 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 137593 seconds with 1020 seconds of active time. This session ended with a crash. Error: (05/19/2014 10:44:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1444 seconds with 300 seconds of active time. This session ended with a crash. Error: (05/15/2014 11:43:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 508 seconds with 180 seconds of active time. This session ended with a crash. Error: (05/07/2014 04:32:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 22231 seconds with 4620 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz Percentage of memory in use: 47% Total physical RAM: 3948.55 MB Available physical RAM: 2054.8 MB Total Pagefile: 7895.29 MB Available Pagefile: 5449.54 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:99.9 GB) (Free:26.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:198.09 GB) (Free:193.43 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 09648143) Partition 1: (Active) - (Size=99.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=198.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================