Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by adrian at 2015-03-20 11:10:06
Running from C:\Users\adrian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Counter Strike 1.6 v43 (HKU\S-1-5-21-1699041526-1260768229-1946834793-1003\...\Counter Strike 1.6 v43 1.0) (Version: 1.0 - Cs-Classic)
Cyfrowy Polsat MF821 (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: PCW_PLSPOLLV1.0.0B12 - ZTE  Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Gameo (HKU\S-1-5-21-1699041526-1260768229-1946834793-1003\...\Gameo) (Version: 0.11.6 - IronSource Ltd.) <==== ATTENTION!
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GS_Sustainer 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54}) (Version:  - Certified Publisher) <==== ATTENTION
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 pl) (HKU\S-1-5-21-1699041526-1260768229-1946834793-1003\...\Mozilla Firefox 35.0 (x86 pl)) (Version: 35.0 - Mozilla)
NexetCoup (HKLM-x32\...\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}) (Version: 1.0.0.1956 - )
Obsługa programów Apple (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.0.1911 - FranmoSoftware - Maciej Opaliński)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
PennyBeeUpdate (HKU\S-1-5-21-1699041526-1260768229-1946834793-1003\...\PennyBee) (Version: 1.0.6.0 - PennyBeeUpdate) <==== ATTENTION!
RedApp 1.0 (HKLM-x32\...\RedApp) (Version: 1.0 - Redefine Sp z o.o.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
ZTE LTE Device USB Driver (HKLM\...\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}) (Version:  - ZTE Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021EE75A-7023-484F-8849-CB0D449150F8} - No Task path could be read. Access denied. 
Task: {196B5371-EFC1-483E-882E-42C3467171A4} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {3DA5A626-8E31-4918-9C6E-03094C05880D} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
Task: {790581A0-FB1A-4F6E-86B6-BF042D614C04} - \WPD\SqmUpload_S-1-5-21-1699041526-1260768229-1946834793-1001 No Task File <==== ATTENTION
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask
Task: {EF026FAD-DBB1-4BEA-B6A3-3BA3144DB802} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => 

==================== Loaded Modules (whitelisted) ==============

2015-01-04 21:36 - 2012-05-22 07:29 - 00074096 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF821\Bin\CancelAutoPlay.exe
2015-01-04 21:36 - 2012-05-22 07:29 - 00032112 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF821\Bin\zLoggingDaemon.exe
2015-01-04 21:36 - 2012-05-22 07:29 - 00030576 _____ () C:\Program Files (x86)\Cyfrowy Polsat\MF821\Bin\Cyfrowy Polsat MF821.exe
2014-12-24 16:45 - 2014-12-24 16:45 - 42482176 _____ () C:\Users\adrian\AppData\Roaming\Gameo\gameo.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1699041526-1260768229-1946834793-1003\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1699041526-1260768229-1946834793-500 - Administrator - Disabled)
adrian (S-1-5-21-1699041526-1260768229-1946834793-1003 - Limited - Enabled) => C:\Users\adrian
Damian (S-1-5-21-1699041526-1260768229-1946834793-1004 - Administrator - Enabled) => C:\Users\Damian
Dawid (S-1-5-21-1699041526-1260768229-1946834793-1001 - Administrator - Enabled) => C:\Users\Dawid
Gość (S-1-5-21-1699041526-1260768229-1946834793-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Mysz Microsoft PS/2
Description: Mysz Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardowa klawiatura PS/2
Description: Standardowa klawiatura PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Klawiatury standardowe)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Kontroler RAID
Description: Kontroler RAID
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2015 10:57:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:44:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:34:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.


Operacja:
   Zbieranie danych modułu zapisującego

Kontekst:
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {8174c119-1776-47ab-a931-eb7fff810996}

Error: (03/20/2015 10:25:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: US1TM6DX9lSWB1t.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x54253c04
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000
Identyfikator procesu powodującego błąd: 0xd9c
Godzina uruchomienia aplikacji powodującej błąd: 0xUS1TM6DX9lSWB1t.exe0
Ścieżka aplikacji powodującej błąd: US1TM6DX9lSWB1t.exe1
Ścieżka modułu powodującego błąd: US1TM6DX9lSWB1t.exe2
Identyfikator raportu: US1TM6DX9lSWB1t.exe3

Error: (03/20/2015 10:22:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:19:32 AM) (Source: MsiInstaller) (EventID: 11719) (User: DAWIDOSEK)
Description: Product: Java Auto Updater -- Error 1719.The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (03/20/2015 10:14:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: US1TM6DX9lSWB1t.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x54253c04
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000
Identyfikator procesu powodującego błąd: 0x1260
Godzina uruchomienia aplikacji powodującej błąd: 0xUS1TM6DX9lSWB1t.exe0
Ścieżka aplikacji powodującej błąd: US1TM6DX9lSWB1t.exe1
Ścieżka modułu powodującego błąd: US1TM6DX9lSWB1t.exe2
Identyfikator raportu: US1TM6DX9lSWB1t.exe3

Error: (03/20/2015 10:13:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: US1TM6DX9lSWB1t.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x54253c04
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000
Identyfikator procesu powodującego błąd: 0xc8c
Godzina uruchomienia aplikacji powodującej błąd: 0xUS1TM6DX9lSWB1t.exe0
Ścieżka aplikacji powodującej błąd: US1TM6DX9lSWB1t.exe1
Ścieżka modułu powodującego błąd: US1TM6DX9lSWB1t.exe2
Identyfikator raportu: US1TM6DX9lSWB1t.exe3

Error: (03/20/2015 08:20:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 06:42:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4297


System errors:
=============
Error: (03/20/2015 10:55:22 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (03/20/2015 10:55:22 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (03/20/2015 10:55:14 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: ZARZĄDZANIE NT)
Description: Niektóre funkcje zarządzania energią procesora w czasie wydajności zostały wyłączone z powodu znanego problemu z oprogramowaniem układowym. Skontaktuj się z producentem komputera w celu uzyskania aktualizacji oprogramowania układowego.

Error: (03/20/2015 10:42:36 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (03/20/2015 10:42:36 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (03/20/2015 10:42:29 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: ZARZĄDZANIE NT)
Description: Niektóre funkcje zarządzania energią procesora w czasie wydajności zostały wyłączone z powodu znanego problemu z oprogramowaniem układowym. Skontaktuj się z producentem komputera w celu uzyskania aktualizacji oprogramowania układowego.

Error: (03/20/2015 10:34:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Ochrona oprogramowania niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (03/20/2015 10:34:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (03/20/2015 10:34:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa LogMeIn Hamachi Tunneling Engine niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (03/20/2015 10:34:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Computer Backup (MyPC Backup) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.


Microsoft Office Sessions:
=========================
Error: (03/20/2015 10:57:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:44:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:34:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Odmowa dostępu.


Operacja:
   Zbieranie danych modułu zapisującego

Kontekst:
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {8174c119-1776-47ab-a931-eb7fff810996}

Error: (03/20/2015 10:25:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: US1TM6DX9lSWB1t.exe0.0.0.054253c04unknown0.0.0.000000000c000000500000000d9c01d062efd94bceeaC:\ProgramData\NexetCoup\US1TM6DX9lSWB1t.exeunknown198768dc-cee3-11e4-849f-0019666031da

Error: (03/20/2015 10:22:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:19:32 AM) (Source: MsiInstaller) (EventID: 11719) (User: DAWIDOSEK)
Description: Product: Java Auto Updater -- Error 1719.The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/20/2015 10:14:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: US1TM6DX9lSWB1t.exe0.0.0.054253c04unknown0.0.0.000000000c000000500000000126001d062ee3b4ba915C:\ProgramData\NexetCoup\US1TM6DX9lSWB1t.exeunknown79b99fb5-cee1-11e4-bb34-0019666031da

Error: (03/20/2015 10:13:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: US1TM6DX9lSWB1t.exe0.0.0.054253c04unknown0.0.0.000000000c000000500000000c8c01d062ee1517baf9C:\ProgramData\NexetCoup\US1TM6DX9lSWB1t.exeunknown54636c4b-cee1-11e4-bb34-0019666031da

Error: (03/20/2015 08:20:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 06:42:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4297


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Percentage of memory in use: 52%
Total physical RAM: 3071.3 MB
Available physical RAM: 1451.1 MB
Total Pagefile: 3927.94 MB
Available Pagefile: 1805.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:28.63 GB) (Free:1.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

==================== End Of Log ============================