Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015 Ran by bart at 2015-02-17 19:49:05 Running from C:\Users\bart\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - ) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies) AVG 2015 (Version: 15.0.4284 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden COMODO Antivirus (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla) Mozilla Thunderbird 31.4.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 pl)) (Version: 31.4.0 - Mozilla) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 09-02-2015 20:06:42 Instalacja pakietu sterownika urządzenia: TP-LINK Karty sieciowe 09-02-2015 20:10:55 Windows Update 09-02-2015 20:11:19 Installed AVG 2015 09-02-2015 20:13:02 Windows Update 09-02-2015 20:18:36 Windows Update 09-02-2015 20:36:29 Windows Update 12-02-2015 21:59:52 Instalacja pakietu sterownika urządzenia: DT Soft Ltd Urządzenia systemowe 17-02-2015 18:42:44 Installing COMODO Antivirus 17-02-2015 18:43:25 Instalacja pakietu sterownika urządzenia: COMODO Usługa sieciowa 17-02-2015 18:53:25 Removed GeekBuddy. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {10EC7A75-C19C-48F1-8B72-BB9D65AF8FF3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) Task: {9C3A666D-2C86-4748-88A4-CAB42DEECE14} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) Task: {B35CE229-52AD-4AB6-86BD-C7C5F9378181} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-01-30] (COMODO) Task: {D6227FA2-B144-42A2-B6F5-E592BD81E826} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) Task: {E3C3B14D-78FC-4B23-B88F-369DB6295EA6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-01-30] (COMODO) ==================== Loaded Modules (whitelisted) ============== 2015-02-09 20:47 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-15 15:26 - 2015-02-15 15:25 - 142678016 __RSH () C:\ProgramData\nvxasync\cvxasync.exe 2015-02-15 15:25 - 2015-02-15 15:25 - 142678016 __RSH () C:\Users\bart\AppData\Roaming\nvxasync\nvxasync.exe 2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-02-09 20:56 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\bart\Downloads\FRST64.exe:$CmdZnID ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2725652805-2884153030-3423392268-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\bart\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.100 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-2725652805-2884153030-3423392268-500 - Administrator - Disabled) bart (S-1-5-21-2725652805-2884153030-3423392268-1000 - Administrator - Enabled) => C:\Users\bart Gość (S-1-5-21-2725652805-2884153030-3423392268-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisEventCisEvent//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: SELECT * FROM CisStatusChangeCisStatusChange//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: SELECT * FROM CisNotificationCisNotification//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: SELECT * FROM FwAlertFwAlert//./root/cis System errors: ============= Error: (02/15/2015 07:24:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: Avgdiska AVGIDSDriver Avgldx64 discache spldr Wanarpv6 Error: (02/15/2015 07:23:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa AVGIDSAgent zależy od usługi AVGIDSDriver, której nie można uruchomić z powodu następującego błędu: %%31 Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AFD Avgdiska Avgfwfd AVGIDSDriver Avgldx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Rozpoznawanie lokalizacji w sieci zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Minireadresator SMB 2.0 zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Minireadresator SMB 1.x zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Otoka i aparat minireadresatora SMB zależy od usługi Podsystem buforowania przekierowywanych danych, której nie można uruchomić z powodu następującego błędu: %%31 Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Pomoc IP zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa AVGIDSAgent zależy od usługi AVGIDSDriver, której nie można uruchomić z powodu następującego błędu: %%31 Error: (02/15/2015 07:21:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Stacja robocza zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Microsoft Office Sessions: ========================= Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisEventCisEvent//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: SELECT * FROM CisStatusChangeCisStatusChange//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: SELECT * FROM CisNotificationCisNotification//./root/cis Error: (02/17/2015 07:06:54 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: SELECT * FROM FwAlertFwAlert//./root/cis ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz Percentage of memory in use: 49% Total physical RAM: 4094.49 MB Available physical RAM: 2070.26 MB Total Pagefile: 8187.13 MB Available Pagefile: 5418.94 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:117.09 GB) (Free:89.65 GB) NTFS Drive d: (Dysk D) (Fixed) (Total:195.31 GB) (Free:49.5 GB) NTFS Drive e: (Dysk E) (Fixed) (Total:153.26 GB) (Free:101.44 GB) NTFS Drive g: (20130411_0057) (CDROM) (Total:3.06 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 352DDEAC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=153.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================