Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015 Ran by user at 2015-01-23 19:17:01 Running from C:\Users\user\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AS: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) AMD Catalyst Install Manager (HKLM\...\{32689ED1-3C18-98A3-DA37-3053F76699FA}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.) Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team) Camera Recorder (HKLM-x32\...\{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}) (Version: 1.0.909.0801 - Camera Recorder) CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CommView for WiFi (HKLM-x32\...\{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}) (Version: 7.0 - TamoSoft) ESET NOD32 Antivirus (HKLM\...\{79B9DBC2-2B97-4C99-AEE3-D9CEF521B60D}) (Version: 6.0.316.1 - ESET, spol s r. o.) ETDWare PS/2-X64 8.0.5.4_WHQL (HKLM\...\Elantech) (Version: 8.0.5.4 - ELAN Microelectronic Corp.) Ethereal 0.99.0 (HKLM-x32\...\Ethereal) (Version: 0.99.0 - The Ethereal developer community, http://www.ethereal.com) Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX) K-Lite Codec Pack 10.8.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.0 - ) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 35.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 pl)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-1512879373-3691502714-2910520631-1000\...\MyFreeCodec) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.32.1111.2010 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0175 - REALTEK Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.) Samsung PC Studio 3 (x32 Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) S-Bar (HKLM-x32\...\{E0194090-D359-446E-AEAE-D3CEDD46E48E}) (Version: 20.011.07112 - MSI) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1512879373-3691502714-2910520631-1000_Classes\CLSID\{6d4c2238-c1b9-5d67-81d8-2cf6949997db}\InprocServer32 -> C:\EagleGet\npEagleget64.dll No File ==================== Restore Points ========================= 07-01-2015 01:53:34 Windows Update 11-01-2015 01:19:42 Windows Update 12-01-2015 04:53:30 Installed Mystery Case Files - Ravenhearst 12-01-2015 05:01:31 Installed Mystery Case Files - Ravenhearst 12-01-2015 11:10:14 Installed inSSIDer 4 13-01-2015 02:03:07 Removed inSSIDer 4 13-01-2015 08:57:58 Instalacja pakietu sterownika urządzenia: TamoSoft Usługa sieciowa 13-01-2015 22:29:05 Installed Mystery Case Files - Escape from Ravenhearst Collectors Edition 13-01-2015 22:37:14 Zainstalowany program DirectX 14-01-2015 05:33:31 Windows Update 14-01-2015 07:25:08 Windows Update 17-01-2015 07:18:06 Windows Update 20-01-2015 04:41:44 Removed Mystery Case Files - Huntsville 20-01-2015 04:43:07 Removed Mystery Case Files 2 - Prime Suspects 20-01-2015 04:46:04 Removed Mystery Case Files - Ravenhearst 20-01-2015 19:05:44 Windows Update 21-01-2015 07:13:21 Removed Mystery Case Files - Escape from Ravenhearst Collectors Edition 21-01-2015 18:57:04 Removed Samsung Kies ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {22D2738C-99E7-4834-92D6-D1A06DA9789C} - System32\Tasks\CCleanerSkipUAC => C:\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {4A279B5B-3EC5-499D-8E32-35C04E1932E8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1512879373-3691502714-2910520631-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {6E948332-1D07-4A44-815E-5616C17182ED} - System32\Tasks\CommView for WiFi Update => D:\CommViewWiFi\Updater.exe [2014-04-15] (TamoSoft) Task: {8BFF8F41-EA0B-4AEE-AEFE-4A7DD12CCB90} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1512879373-3691502714-2910520631-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {ACD377C1-6AD0-4B9E-B308-CC57DB5A74FF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1512879373-3691502714-2910520631-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {B2D6B6C2-44F4-4370-A98D-35B82A02CA6C} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1512879373-3691502714-2910520631-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe Task: {C7329AF5-A04F-4964-9B35-A1E2E1111B36} - System32\Tasks\{F8089686-DF1C-40C6-926D-89C94E3EDE5F} => pcalua.exe -a E:\Install\setup.exe -d E:\Install Task: {C9346CEC-559E-459A-8D7D-C86C28F57511} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1512879373-3691502714-2910520631-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {CCF2A86D-EF4E-408B-B913-CFD1721E5421} - System32\Tasks\{CCE306F3-8B64-433D-A7F0-991182A05D18} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe ==================== Loaded Modules (whitelisted) ============= 2005-06-07 10:26 - 2005-06-07 10:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll 2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Notepad++\NppShell_06.dll 2011-12-05 21:15 - 2011-12-05 21:15 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2011-12-05 21:15 - 2011-12-05 21:15 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-11-09 08:55 - 2011-11-09 08:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-12-05 21:10 - 2011-12-05 21:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-01-20 19:44 - 2015-01-09 10:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-11-21 19:05 - 2014-07-09 07:04 - 00284160 _____ () C:\Free Download Manager\Firefox\Extension\components\vmsfdmff30.dll 2014-11-21 19:05 - 2014-11-13 11:48 - 00106496 _____ () C:\Free Download Manager\fdmumsp.dll 2015-01-20 19:46 - 2015-01-20 19:56 - 16844464 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: egGetSvc => 2 MSCONFIG\Services: ICM_UpdaterService => 2 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ALLUpdate => "C:\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: DU Meter => "C:\DU Meter\DUMeter.exe" /autostart MSCONFIG\startupreg: KiesAirMessage => C:\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPreload => C:\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" MSCONFIG\startupreg: S-Bar => %PROGRAMFILES%\S-Bar\S-Bar.exe MSCONFIG\startupreg: TkBellExe => "C:\RealPlayer\Update\realsched.exe" -osboot ========================= Accounts: ========================== Administrator (S-1-5-21-1512879373-3691502714-2910520631-500 - Administrator - Disabled) Gość (S-1-5-21-1512879373-3691502714-2910520631-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1512879373-3691502714-2910520631-1004 - Limited - Enabled) user (S-1-5-21-1512879373-3691502714-2910520631-1000 - Administrator - Enabled) => C:\Users\user ==================== Faulty Device Manager Devices ============= Name: Unknown Device Description: Unknown Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standardowy kontroler hosta USB) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (01/22/2015 10:30:43 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program ALLPlayer.exe w wersji 5.9.2.2 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 860 Godzina rozpoczęcia: 01d03625ea41fe36 Godzina zakończenia: 94 Ścieżka aplikacji: C:\ALLPlayer\ALLPlayer.exe Identyfikator raportu: 4d284628-a219-11e4-9832-94dbc9f6d0f8 Error: (01/22/2015 07:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program ALLPlayer.exe w wersji 5.9.2.2 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 68c Godzina rozpoczęcia: 01d0360a9af24424 Godzina zakończenia: 170 Ścieżka aplikacji: C:\ALLPlayer\ALLPlayer.exe Identyfikator raportu: f147c4ea-a1fd-11e4-a06d-94dbc9f6d0f8 System errors: ============= Error: (01/23/2015 05:53:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: StarOpen Error: (01/23/2015 05:53:30 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (01/23/2015 05:48:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: StarOpen Error: (01/23/2015 05:48:30 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (01/23/2015 04:46:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: StarOpen Error: (01/23/2015 04:46:05 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 16:45:13 na ‎2015-‎01-‎23 było nieoczekiwane. Error: (01/23/2015 04:45:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (01/23/2015 04:45:05 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {76D0CB12-7604-4048-B83C-1005C7DDC503} Error: (01/23/2015 00:37:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: StarOpen Error: (01/23/2015 00:36:42 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-12-12 12:14:39.315 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-12 12:13:07.174 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\EagleGet\eagleGet_x86.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics Percentage of memory in use: 48% Total physical RAM: 3563.75 MB Available physical RAM: 1845.1 MB Total Pagefile: 7125.68 MB Available Pagefile: 5198.32 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:201.99 GB) (Free:158.35 GB) NTFS Drive d: () (Fixed) (Total:263.67 GB) (Free:194.62 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 86C8CB7E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=202 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=263.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================