Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2015 01 Ran by Wojo at 2015-03-10 18:57:08 Running from C:\Users\Wojo\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Aktualizacje NVIDIA 11.10.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 11.10.13 - NVIDIA Corporation) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.020 - ASUSTek Computer Inc.) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Cisco Packet Tracer 6.0.1 (HKLM-x32\...\Cisco Packet Tracer 6.0.1_is1) (Version: - Cisco Systems, Inc.) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden DJ_AIO_06_K209a-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.1 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.1 - Ministerstwo Finansow) Hidden Farma 1.0 (HKLM-x32\...\{C6F7E910-05E8-4080-BB64-5848FDFD4B23}_is1) (Version: - PLAY sp. z o.o.) FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version: - ) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet Ink Advant K209a-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{6051912A-F7B8-445C-A99D-81AA4C118836}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) K209a-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden kED 2.1.4.0 (HKLM-x32\...\kED_is1) (Version: - ) K-Lite Codec Pack 9.7.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.0 - ) LibreOffice 4.1.3.2 (HKLM-x32\...\{4F3722AD-197D-4DBB-BDFB-D2F0D6776354}) (Version: 4.1.3.2 - The Document Foundation) Librus Świadectwa 4-6 (HKLM-x32\...\Świadectwa sp N) (Version: - ) Logomocja-Imagine Demo wersja 2.0.0.408 (HKLM-x32\...\Logomocja-Imagine Demo_is1) (Version: - ) Magiczny Świat Anny (HKLM-x32\...\{98BD617E-35F1-4DBE-B9B4-A64BEEAE64EA}_is1) (Version: - Play sp. z o.o.) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Matematyka - Prosto do matury 1 (HKLM-x32\...\Matematyka - Prosto do matury 1) (Version: - ) Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 36.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 pl)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Paint XP version 1.0 (HKLM-x32\...\{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1) (Version: 1.0 - MSPAINTXP.COM) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation) Panel sterowania NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com) PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - ) PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group) Ralink Wireless LAN Card (HKLM-x32\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.01 - RALINK) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.) Registry Trash Keys Finder (Freeware) (HKLM-x32\...\Registry Trash Keys Finder) (Version: 3.9.2.1 - SNC) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.) SGP Baltie 3 (HKLM-x32\...\SGP Baltie_is1) (Version: - SGP Systems, s.r.o.) SGP Baltie 3.0.71.120 (HKLM-x32\...\SGP Baltie 3_is1) (Version: - SGP Systems, s.r.o.) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SitNGo Wizard (HKLM-x32\...\SitNGoWizard) (Version: - In The Money LLC) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Syrenka na Ślubnym Kobiercu (HKLM-x32\...\{04D296A9-236A-4CE0-BA7B-54275340FA32}_is1) (Version: - Play sp. z o.o.) Tony Hawk's Pro Skater 3® (HKLM-x32\...\Tony Hawk's Pro Skater 3®) (Version: 1.0 - Activision Publishing, Inc.) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ventrilo (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 2.1.4 - Flagship Industries, Inc.) WebEx Recorder and Player (HKLM-x32\...\{159C13FA-82AF-4DD9-8BC9-5EA368613A20}) (Version: 3.17.2100 - Cisco WebEx LLC) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.0.0 - Ministerstwo Finansów) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 03-02-2015 17:00:28 Kopia zapasowa systemu Windows 03-02-2015 19:59:25 Zainstalowany program DirectX 04-02-2015 17:00:32 Kopia zapasowa systemu Windows 05-02-2015 17:00:31 Kopia zapasowa systemu Windows 06-02-2015 17:00:30 Kopia zapasowa systemu Windows 07-02-2015 17:00:38 Kopia zapasowa systemu Windows 07-02-2015 20:03:44 Zainstalowano: Windows XP Mode 08-02-2015 11:53:29 Usunięto: Windows XP Mode 08-02-2015 17:00:18 Kopia zapasowa systemu Windows 09-02-2015 17:00:38 Kopia zapasowa systemu Windows 10-02-2015 17:00:32 Kopia zapasowa systemu Windows 10-02-2015 20:59:26 Usunięto: Microsoft Visual C++ 2005 Redistributable 10-02-2015 21:06:48 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 10-02-2015 21:08:07 Removed League of Legends 10-02-2015 21:15:38 Zainstalowany program DirectX 11-02-2015 14:59:00 Zainstalowany program DirectX 11-02-2015 17:00:18 Kopia zapasowa systemu Windows 12-02-2015 17:00:33 Kopia zapasowa systemu Windows 13-02-2015 17:00:30 Kopia zapasowa systemu Windows 14-02-2015 17:00:32 Kopia zapasowa systemu Windows 15-02-2015 17:00:34 Kopia zapasowa systemu Windows 16-02-2015 17:00:33 Kopia zapasowa systemu Windows 17-02-2015 17:00:37 Kopia zapasowa systemu Windows 18-02-2015 17:00:54 Kopia zapasowa systemu Windows 19-02-2015 17:00:38 Kopia zapasowa systemu Windows 20-02-2015 17:00:30 Kopia zapasowa systemu Windows 21-02-2015 12:49:10 avast! antivirus system restore point 21-02-2015 17:00:28 Kopia zapasowa systemu Windows 22-02-2015 17:00:35 Kopia zapasowa systemu Windows 23-02-2015 17:00:30 Kopia zapasowa systemu Windows 24-02-2015 17:00:32 Kopia zapasowa systemu Windows 25-02-2015 17:00:32 Kopia zapasowa systemu Windows 26-02-2015 17:00:27 Kopia zapasowa systemu Windows 27-02-2015 18:09:02 Kopia zapasowa systemu Windows 28-02-2015 17:00:28 Kopia zapasowa systemu Windows 01-03-2015 17:00:28 Kopia zapasowa systemu Windows 02-03-2015 18:19:00 Kopia zapasowa systemu Windows 03-03-2015 17:00:31 Kopia zapasowa systemu Windows 04-03-2015 17:00:31 Kopia zapasowa systemu Windows 05-03-2015 17:00:25 Kopia zapasowa systemu Windows 06-03-2015 17:00:28 Kopia zapasowa systemu Windows 07-03-2015 17:00:29 Kopia zapasowa systemu Windows 08-03-2015 17:00:26 Kopia zapasowa systemu Windows 09-03-2015 17:00:29 Kopia zapasowa systemu Windows 10-03-2015 18:04:04 Kopia zapasowa systemu Windows ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-05-02 20:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {076D3CB0-BA6C-4D86-B83C-3CF4677E44DA} - System32\Tasks\{02057694-B25B-4A82-B7C9-0993CD20627C} => pcalua.exe -a C:\Users\Wojo\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt Task: {0C80640C-2055-4700-AB6A-01C5A4C77B76} - System32\Tasks\{E0DD9E21-2D5E-430A-A990-6BCDC33B2F4B} => C:\Users\Wojo\Desktop\CrackNocdUnsecHun.exe Task: {2AB44FEB-1C6C-46E9-B906-CD47FFAE9479} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.) Task: {416059A3-FAD3-4064-B72F-B44DCBAD20EC} - System32\Tasks\avastBCLRestartS-1-5-21-2981973968-1908128720-872019283-1002 => Firefox.exe Task: {424F7718-3CF2-4B76-8CC8-7B4D4A483505} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {6BB027D4-389B-4529-A796-2BEF6E8362BA} - System32\Tasks\{4177AF11-3D01-4655-B923-7C4D3887E1EB} => C:\Users\Wojo\Desktop\CrackNocdUnsecHun.exe Task: {6BB1452A-D4CA-426B-B239-9E9C74AA9B1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {6EE8C266-BC53-48C1-B904-7FE4D94971C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.) Task: {8243F872-5261-4F25-80FE-A0BCD26CCF59} - System32\Tasks\{C6E85C4A-E021-4552-BA85-C84C11D2335A} => C:\Users\Wojo\Desktop\CrackNocdUnsecHun.exe Task: {9C907D5D-69D1-4693-8AF1-780CD16FCFB6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2981973968-1908128720-872019283-1000 Task: {A1382A9C-C2BC-4544-ABEF-275A19A1D61E} - System32\Tasks\{3F91A4DE-A051-406E-A86A-319EA89032B9} => C:\Users\Wojo\Desktop\CrackNocdUnsecHun.exe Task: {A1493DA2-41DF-4397-A68F-BF38629D82C3} - System32\Tasks\{0AC4FED8-630C-43BA-BB2D-6E4C2CDCC3F5} => pcalua.exe -a C:\Users\Renia\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: {B701EB1A-7523-48AD-AEA3-CC24B8DD44CD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2981973968-1908128720-872019283-1003 Task: {C18BCE1C-D6C2-4C66-BDE6-8BA13ADEC40A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {D98FF94E-FE7A-4524-9031-0AC86C556B43} - System32\Tasks\{7AB95A84-627C-4531-9396-30D823DDA479} => C:\Users\Wojo\Desktop\CrackNocdUnsecHun.exe Task: {E54CBCA1-D677-4314-A889-91FFDDC22FE6} - System32\Tasks\{8EB6F2BF-D898-4E76-9908-7CCD90D7B6C0} => C:\Users\Wojo\Desktop\CrackNocdUnsecHun.exe Task: {F244BE5A-40AC-4B90-ABD3-15A2436D22FF} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-01-25] (ASUSTek Computer Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-03-21 00:47 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-03-20 23:38 - 2013-05-07 08:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2014-03-29 14:37 - 2012-09-21 08:55 - 00217600 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll 2014-03-29 14:38 - 2012-08-14 13:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll 2014-03-20 23:38 - 2015-03-10 18:52 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2014-03-20 23:38 - 2013-05-07 08:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2014-03-20 23:48 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\81520793.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\81520793.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2981973968-1908128720-872019283-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Wojo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-2981973968-1908128720-872019283-500 - Administrator - Disabled) ASIA (S-1-5-21-2981973968-1908128720-872019283-1005 - Limited - Enabled) => C:\Users\ASIA Gość (S-1-5-21-2981973968-1908128720-872019283-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2981973968-1908128720-872019283-1013 - Limited - Enabled) postgres (S-1-5-21-2981973968-1908128720-872019283-1007 - Limited - Enabled) => C:\Users\postgres Renia (S-1-5-21-2981973968-1908128720-872019283-1003 - Administrator - Enabled) => C:\Users\Renia user (S-1-5-21-2981973968-1908128720-872019283-1000 - Administrator - Enabled) => C:\Users\user Wojo (S-1-5-21-2981973968-1908128720-872019283-1002 - Administrator - Enabled) => C:\Users\Wojo ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: SPDRIVER_1494.0.0.0 Description: SPDRIVER_1494.0.0.0 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: SPDRIVER_1494.0.0.0 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: ccnfd_1_10_0_5 Description: ccnfd_1_10_0_5 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ccnfd_1_10_0_5 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (03/10/2015 06:56:49 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (620) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:56:49 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (620) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (364) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (364) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (364) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (364) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:14:26 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Za mało wolnego miejsca w lokalizacji magazynu kopii zapasowej do utworzenia kopii zapasowej danych. (0x80780048). Error: (03/10/2015 06:03:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (364) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:03:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (364) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. Error: (03/10/2015 06:03:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (364) SUS20ClientDataStore: Nie można odczytać nagłówka pliku dziennika C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Błąd -546. System errors: ============= Error: (03/10/2015 06:54:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ccnfd_1_10_0_5 Error: (03/10/2015 06:54:19 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: domyślne ustawienia komputeraLokalnyAktywacja{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC) Error: (03/10/2015 06:52:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SPDRIVER_1494.0.0.0 z powodu następującego błędu: %%3 Error: (03/10/2015 06:52:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Nero BackItUp Scheduler 4.0 z powodu następującego błędu: %%2 Error: (03/10/2015 06:52:40 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000109 (0xa3a039d8a00385db, 0xb3b7465ef281c169, 0xfffff80004851080, 0x0000000000000002)C:\Windows\MEMORY.DMP031015-28766-01 Error: (03/10/2015 06:52:33 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 18:50:39 na ‎2015-‎03-‎10 było nieoczekiwane. Error: (03/10/2015 01:25:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ccnfd_1_10_0_5 Error: (03/10/2015 01:25:41 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: domyślne ustawienia komputeraLokalnyAktywacja{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC) Error: (03/10/2015 01:24:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SPDRIVER_1494.0.0.0 z powodu następującego błędu: %%3 Error: (03/10/2015 01:24:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Nero BackItUp Scheduler 4.0 z powodu następującego błędu: %%2 Microsoft Office Sessions: ========================= Error: (03/10/2015 06:56:49 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll620SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:56:49 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll620SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll364SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll364SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll364SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:33:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll364SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:14:26 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Za mało wolnego miejsca w lokalizacji magazynu kopii zapasowej do utworzenia kopii zapasowej danych. (0x80780048) Error: (03/10/2015 06:03:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll364SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:03:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll364SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 Error: (03/10/2015 06:03:27 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll364SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz Percentage of memory in use: 21% Total physical RAM: 8127.77 MB Available physical RAM: 6392.51 MB Total Pagefile: 16253.69 MB Available Pagefile: 12799.23 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:390.63 GB) (Free:93.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:540.88 GB) (Free:41.67 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 36D636D5) Partition 1: (Active) - (Size=390.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=540.9 GB) - (Type=OF Extended) ==================== End Of Log ============================