Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by User at 2015-04-08 16:12:59 Running from C:\Documents and Settings\User\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: avast! Antivirus (Disabled) {7591DB91-41F0-48A3-B128-1A293FD8233D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) ArcSoft Panorama Maker 3 (HKLM\...\{A5F68DC8-0278-4AD8-B413-861509B5F25B}) (Version: - ArcSoft) Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd) Avast Premier (HKLM\...\Avast) (Version: 10.2.2214 - AVAST Software) Broadcom Gigabit Integrated Controller (HKLM\...\{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}) (Version: 10.15.08 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - ) FastStone Capture 5.3 (HKLM\...\FastStone Capture) (Version: 5.3 - FastStone Soft) FastStone Image Viewer 5.1 (HKLM\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft) Free PDF Joiner (HKLM\...\{C2C5B35E-B3C5-407B-85A5-1289048E2D06}) (Version: 1.0.0 - Free PDF Solutions) Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation) HQ-V1.4 (HKLM\...\HQ-V1.4) (Version: 1.34.6.10 - HQV1.4) Imagine (HKLM\...\Imagine) (Version: Version 2.0.0.315 - ) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - ) Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.5.0000 - Intel Corporation) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) LaserJet 1020 series (HKLM\...\HP-LaserJet 1020 series) (Version: - ) Live! Cam Sync HD VF0770 Driver (1.00.02.00) (HKLM\...\Creative VF0770) (Version: - Creative Technology Ltd.) mCore (Version: 11.02.0000 - Intel Corporation) Hidden mDriver (Version: 11.02.0000 - Intel) Hidden mDrWiFi (Version: 11.02.0000 - Intel Corporation) Hidden mHlpDell (Version: 11.02.0000 - Intel) Hidden Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation) mIWA (Version: 11.02.0000 - Intel Corporation) Hidden mLogView (Version: 11.02.0000 - Intel Corporation) Hidden mMHouse (Version: 11.02.0000 - Intel Corporation) Hidden Mozilla Firefox 36.0.4 (x86 pl) (HKLM\...\Mozilla Firefox 36.0.4 (x86 pl)) (Version: 36.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) mPfMgr (Version: 11.02.0000 - Intel Corporation) Hidden mPfWiz (Version: 11.02.0000 - Intel Corporation) Hidden mProSafe (Version: 9.00.0000 - Intel) Hidden mSCfg (Version: 11.02.0000 - Intel Corporation) Hidden mSSO (Version: 11.02.0000 - Intel Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation) Hidden mWlsSafe (Version: 9.00.0000 - Intel) Hidden mWMI (Version: 11.02.0000 - Intel Corporation) Hidden mZConfig (Version: 11.02.0000 - Intel Corporation) Hidden Nikon FotoShare (HKLM\...\Nikon FotoShare) (Version: 1.0.1.0 - ) Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - ) Opera Stable 28.0.1750.48 (HKLM\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA) OrderReminder HP LaserJet 1020 (HKLM\...\OrderReminder HP LaserJet 1020) (Version: 2.0 - ) OZ776 SCR Driver V1.1.4.202 (HKLM\...\InstallShield_{EDC2B89F-3F72-48EA-B63E-985BC51622E4}) (Version: 1.1.4.202 - O2Micro) OZ776 SCR Driver V1.1.4.202 (Version: 1.1.4.202 - O2Micro) Hidden Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) PDFMate Free PDF Merger 1.0.8 (HKLM\...\PDFMate Free PDF Merger_is1) (Version: - pdfmate.com) PhotoFiltre 7 (HKU\S-1-5-21-527237240-706699826-725345543-1003\...\PhotoFiltre 7) (Version: - ) PhotoScape (HKLM\...\PhotoScape) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - Nikon) PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software) QuickTime (HKLM\...\InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}) (Version: 7.1 - Apple Computer, Inc.) QuickTime (Version: 7.1 - Apple Computer, Inc.) Hidden SavePass (HKLM\...\SavePass) (Version: 1.34.6.10 - OutBrowse) <==== ATTENTION SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel) Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.17.201412121559 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.251 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony) Trust Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54000.106 - Sonix) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation) WinRAR 5.11 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinZip (HKLM\...\WinZip) (Version: 9.0 (6028) - WinZip Computing, Inc.) WinZipper (HKLM\...\WinZipper) (Version: 1.5.83 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-527237240-706699826-725345543-1003_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation) ==================== Restore Points ========================= 18-03-2015 21:53:31 System Checkpoint 19-03-2015 22:15:09 System Checkpoint 21-03-2015 17:21:40 avast! antivirus system restore point 22-03-2015 21:14:22 System Checkpoint 23-03-2015 21:25:35 System Checkpoint 24-03-2015 21:33:34 System Checkpoint 25-03-2015 21:43:10 System Checkpoint 26-03-2015 22:41:27 System Checkpoint 28-03-2015 13:58:20 System Checkpoint 29-03-2015 21:01:53 System Checkpoint 30-03-2015 21:46:28 System Checkpoint 31-03-2015 23:26:34 System Checkpoint 02-04-2015 00:13:20 System Checkpoint 03-04-2015 00:20:59 System Checkpoint 03-04-2015 15:43:25 Removed WinZip 19.0 04-04-2015 20:54:41 System Checkpoint 05-04-2015 21:16:55 System Checkpoint 07-04-2015 17:22:03 System Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-04 12:00 - 2014-06-29 13:46 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\64e02fd5-38d4-4796-99b5-94f9ce61e8e9-1.job => C:\Program Files\SavePass\SavePass-codedownloader.exeE/lVhSU /rcbYrfph=task /ZpBCgxxtc='SavePass' /opKZNk=57050 /CjftjJ='001504' /JlFutVD='0' /xsGyTcGOL='0' /uEdfKzwvS=3C1D0284B59B46099EBF9B6E9B4DB9F7IE /TRIdwDGm=2a6fa4d6fca1f2f51cc66965dd418d08 /vxIZPlGJu=1_34_06_10 /vHvQAs=1.34.6.10 /nkaOBMRBi=1403270371 /YSZaXHc=http:/stats.datagenserv.com /hSYjiK=http:/errors.datagenserv.com /jpelGLu=http:/js.datagenserv.com /tQQrCEVl=opera /VLUYScLFK=http:/js.clientdemocloud.com /JKizC /bOpFcHBjn='{asw:[2, 12582980, 0]}' /JGGFP='http:/update.datagenserv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\64e02fd5-38d4-4796-99b5-94f9ce61e8e9-4.job => C:\Program Files\SavePass\64e02fd5-38d4-4796-99b5-94f9ce61e8e9-4.exeq/yiYpEh /ZpBCgxxtc='SavePass' /fekQtsK C:\Program Files\SavePass\57050.xpi' /opKZNk=57050 /CjftjJ='001504' /JlFutVD='0' /xsGyTcGOL='0' /uEdfKzwvS=3C1D0284B59B46099EBF9B6E9B4DB9F7IE /TRIdwDGm=2a6fa4d6fca1f2f51cc66965dd418d08 /vxIZPlGJu=1_34_06_10 /vHvQAs=1.34.6.10 /nkaOBMRBi=1403270371 /YSZaXHc=http:/stats.datagenserv.com /hSYjiK=http:/errors.datagenserv.com /jTZPGdj=300 /iHOqOSqX=587fea1b-1c76-43c0-8b29-3c3da78e2485@2309207e-4ba6-42d8-b8a2-3b0a22e052b5.com /CIoZrUwqh=0.94 /rWNAvk=a587fea1b1c7643c08b293c3da78e24852309207e4ba642d8b8a23b0a22e052b5com57050 /DSfhfiuz=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/57050.rdf /cIstfpesq='SavePass' /xpLdKr='Just Save!' /kRdSKzd='OutBrowse' /tQQrCEVl=opera /bOpFcHBjn='{asw:[2, 12582980, 0]}' /JKizC /SaWjDhp /eyWjDj /JGGFP='http:/update.datagenserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: C:\WINDOWS\Tasks\bench-sys.job => C:\Program Files\Bench\Updater\updater.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\bench-Updater removing.job => XN EG /verysilent SYSTEM This will uninstall Updater <==== ATTENTION Task: C:\WINDOWS\Tasks\ffc1b485-31d9-46a5-a2fb-3de6a491d187-1.job => C:\Program Files\HQ-V1.4\HQ-V1.4-codedownloader.exe>/lVhSU /rcbYrfph=task /ZpBCgxxtc='HQ-V1.4' /opKZNk=58362 /CjftjJ='001553' /JlFutVD='0' /xsGyTcGOL='0' /uEdfKzwvS=9D5BD2C10EC341E3ADB65532CC207B80IE /TRIdwDGm=1c54ce95e4bfb8cc49a64f36322e09ee /vxIZPlGJu=1_34_06_10 /vHvQAs=1.34.6.10 /nkaOBMRBi=1403270331 /YSZaXHc=http:/stats.datagenserv.com /hSYjiK=http:/errors.datagenserv.com /jpelGLu=http:/js.datagenserv.com /tQQrCEVl=opera /VLUYScLFK=http:/js.clientdemocloud.com /JKizC /bOpFcHBjn='{asw:[2, 68, 0]}' /JGGFP='http:/update.datagenserv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\ffc1b485-31d9-46a5-a2fb-3de6a491d187-4.job => C:\Program Files\HQ-V1.4\ffc1b485-31d9-46a5-a2fb-3de6a491d187-4.exeŚ/yiYpEh /ZpBCgxxtc='HQ-V1.4' /fekQtsK C:\Program Files\HQ-V1.4\58362.xpi' /opKZNk=58362 /CjftjJ='001553' /JlFutVD='0' /xsGyTcGOL='0' /uEdfKzwvS=9D5BD2C10EC341E3ADB65532CC207B80IE /TRIdwDGm=1c54ce95e4bfb8cc49a64f36322e09ee /vxIZPlGJu=1_34_06_10 /vHvQAs=1.34.6.10 /nkaOBMRBi=1403270331 /YSZaXHc=http:/stats.datagenserv.com /hSYjiK=http:/errors.datagenserv.com /jTZPGdj=300 /iHOqOSqX=508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com /CIoZrUwqh=0.94 /rWNAvk=a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362 /DSfhfiuz=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/58362.rdf /cIstfpesq='HQ-V1.4' /xpLdKr='Turn YouTube videos to High Definition by default' /kRdSKzd='HQV1.4' /tQQrCEVl=opera /bOpFcHBjn='{asw:[2, 68, 0]}' /JKizC /SaWjDhp /eyWjDj /JGGFP='http:/update.datagenserv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION Task: C:\WINDOWS\Tasks\fun4us_notification_service.job => C:\Documents and Settings\User\Local Settings\Application Data\fun4us\fun4us_notification_service.exeâ/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='fun4us' /appid='73143' /srcid='2913' /bic='c3e994a2586ba8d7cc5eb266dcb010a6' /verifier='53dccb8e06c7bee9385adaae092f10fb' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif Task: C:\WINDOWS\Tasks\fun4us_updating_service.job => C:\Documents and Settings\User\Local Settings\Application Data\fun4us\fun4us_updating_service.exe§ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=fun4us_updating_service /funurl=http:/stats.buildomserv.com Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1403531640.job => C:\Program Files\Opera\launcher.exe ==================== Loaded Modules (whitelisted) ============== 2007-10-08 23:03 - 2007-10-08 23:03 - 00245760 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL 2015-03-17 21:00 - 2015-03-17 21:00 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-03-17 21:00 - 2015-03-17 21:00 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-04-07 23:53 - 2015-04-07 23:53 - 02924544 _____ () C:\Program Files\AVAST Software\Avast\defs\15040701\algo.dll 2015-04-08 12:11 - 2015-04-08 12:11 - 02925056 _____ () C:\Program Files\AVAST Software\Avast\defs\15040801\algo.dll 2014-12-29 11:01 - 2014-12-17 04:43 - 00612528 _____ () C:\Program Files\WinZipper\sqlite3.dll 2014-09-19 13:05 - 2011-03-01 00:37 - 00180624 _____ () C:\WINDOWS\system32\Primomonnt.dll 2004-08-04 12:00 - 2014-02-05 10:55 - 00562688 _____ () C:\WINDOWS\system32\qedit.dll 2004-08-04 12:00 - 2013-01-02 08:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll 2004-08-04 12:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll 2004-08-04 12:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2015-03-13 19:21 - 2015-03-17 21:00 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-12-17 22:04 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll 2014-12-17 22:04 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 15:54 - 2011-07-07 15:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll 2014-12-17 22:04 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll 2014-12-17 22:04 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll 2014-11-21 13:31 - 2014-11-21 13:31 - 00663040 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll 2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2014-12-17 22:04 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe 2014-06-19 08:10 - 2014-06-29 10:49 - 00318752 _____ () C:\Program Files\Greener Web\updateGreenerWeb.exe 2014-06-19 11:54 - 2014-06-29 10:48 - 00318752 _____ () C:\Program Files\Greener Web\bin\utilGreenerWeb.exe 2007-05-17 23:42 - 2007-05-17 23:42 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-527237240-706699826-725345543-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\User\Application Data\PhotoScape\Wallpaper.bmp DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-527237240-706699826-725345543-500 - Administrator - Enabled) Ania i Grześ (S-1-5-21-527237240-706699826-725345543-1006 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Ania i Grześ ASPNET (S-1-5-21-527237240-706699826-725345543-1005 - Limited - Enabled) Guest (S-1-5-21-527237240-706699826-725345543-501 - Limited - Disabled) HelpAssistant (S-1-5-21-527237240-706699826-725345543-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-527237240-706699826-725345543-1002 - Limited - Disabled) User (S-1-5-21-527237240-706699826-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/08/2015 04:10:00 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Notifications for the volume f:\ are not active. Context: Windows Application Details: The device is not ready. (0x80070015) Error: (04/08/2015 00:28:54 PM) (Source: crypt32) (EventID: 11) (User: ) Description: Failed extract of third-party root list from auto update cab at: with error: The data is invalid. Error: (04/08/2015 11:43:32 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/07/2015 08:24:57 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/07/2015 08:24:56 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/07/2015 08:24:56 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/07/2015 08:24:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/07/2015 08:24:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/07/2015 07:30:54 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (04/07/2015 06:05:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) System errors: ============= Error: (04/08/2015 01:04:04 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:03:27 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:02:24 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:02:17 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:01:52 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:01:33 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:01:13 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:00:26 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:00:23 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Error: (04/08/2015 01:00:11 PM) (Source: 0) (EventID: 9) (User: ) Description: \Device\Ide\IdePort1 Microsoft Office Sessions: ========================= Error: (04/08/2015 04:10:00 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Context: Windows Application Details: The device is not ready. (0x80070015) f:\ Error: (04/08/2015 00:28:54 PM) (Source: crypt32) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid. Error: (04/08/2015 11:43:32 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) C:\DOCUMENTS AND SETTINGS\USER\MY DOCUMENTS\MY PICTURES\PHOTOTHUMB.DB-JOURNAL Error: (04/07/2015 08:24:57 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) F:\ZDJECIA-WSZYSTKIE\ZDJECIA-Z-TELEFONU\AAAAAAAA Error: (04/07/2015 08:24:56 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) F:\ZDJECIA-WSZYSTKIE\ZDJECIA-Z-TELEFONU\RRRRRRRR Error: (04/07/2015 08:24:56 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) F:\ZDJECIA-WSZYSTKIE\ZDJECIA-Z-TELEFONU\PPPPPPPP Error: (04/07/2015 08:24:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) F:\ZDJECIA-WSZYSTKIE\ZDJECIA-Z-TELEFONU\FFFFFFFF Error: (04/07/2015 08:24:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) F:\ZDJECIA-WSZYSTKIE\ZDJECIA-Z-TELEFONU\EEEEEEEE Error: (04/07/2015 07:30:54 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) F:\ZDJECIA-WSZYSTKIE\ZDJECIA\AAAAAAAAAAAAAAAAAAAAAAAAA.AAA Error: (04/07/2015 06:05:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) F:\ZDJECIA-WSZYSTKIE\MOJE-OBRAZY3\PICTURE-PROJECT\0006\UUUUUUUU.UUU ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz Percentage of memory in use: 35% Total physical RAM: 2549.89 MB Available physical RAM: 1648.62 MB Total Pagefile: 4438.78 MB Available Pagefile: 3551.18 MB Total Virtual: 2047.88 MB Available Virtual: 1912.53 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.53 GB) (Free:47.9 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: E8630495) Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================