Additional scan result of Farbar Recovery Scan Tool (x86) Version:24-08-2015 Ran by Maciek (2015-08-25 00:13:37) Running from C:\Users\Maciek\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-609451506-4156903826-1265750825-500 - Administrator - Disabled) Guest (S-1-5-21-609451506-4156903826-1265750825-501 - Limited - Disabled) Maciek (S-1-5-21-609451506-4156903826-1265750825-1000 - Administrator - Enabled) => C:\Users\Maciek ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-609451506-4156903826-1265750825-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.) Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated) Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Update Helper (Version: 1.3.28.5 - Google Inc.) Hidden Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation) K-Lite Codec Pack 11.3.6 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.3.6 - ) KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.1.138 - PandoraTV) Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.45.4.3 - Marvell) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version: - ) Opera Stable 31.0.1889.174 (HKLM\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software) PRO100 ver. 4.42 Demo i Nowy Rozkrój ver. 6 Demo (HKLM\...\PRO100 i NR Demo_is1) (Version: 4.42 - Ecru Oprogramowanie) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Software (HKLM\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.) WinRAR 5.21 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 21-08-2015 16:12:59 Scheduled Checkpoint 21-08-2015 16:48:25 Windows Update 21-08-2015 16:54:50 Installed Intel(R) PROSet/Wireless WiFi Software. 21-08-2015 16:58:44 Windows Update 21-08-2015 17:04:40 Installed REALTEK Wireless LAN Software 21-08-2015 18:36:54 Installed Microsoft Office Enterprise 2007 23-08-2015 12:18:59 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {160418E3-25E0-4191-AC8E-FE3A61AE531D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.) Task: {2DE7C9FE-18B9-4716-8574-0480E829D15A} - System32\Tasks\{ABB383B5-7924-4738-9821-80A2F6FDEE45} => pcalua.exe -a C:\Users\Maciek\Downloads\SETUP.EXE -d C:\Users\Maciek\Downloads Task: {6D60C708-51F6-4569-85A9-0D39D4D4C12D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-21] (Google Inc.) Task: {AB0CAC20-9DD0-425A-B9F7-8F24AB80F744} - System32\Tasks\Opera scheduled Autoupdate 1440372169 => C:\Program Files\Opera\launcher.exe [2015-08-17] (Opera Software) Task: {F0221792-5A26-4543-9078-E4D8B19E5EF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-03] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-21 17:04 - 2015-08-21 17:04 - 00126976 _____ () C:\Program Files\REALTEK Wireless LAN Software\EnumDevLib.dll 2015-08-21 17:12 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-21 17:12 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\44.0.2403.157\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-609451506-4156903826-1265750825-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{9894362F-2956-4726-B111-9DB83A5DBB3D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{DCF28504-2492-4C14-B27F-3CCC269A6037}] => (Allow) C:\Program Files\REALTEK Wireless LAN Software\RtWLan.exe FirewallRules: [{DB65F659-A567-4F58-A04A-F28AB98AA324}] => (Allow) C:\Program Files\REALTEK Wireless LAN Software\RtWLan.exe FirewallRules: [{D0864FDB-91C2-4084-BB0E-AC703E227170}] => (Allow) LPort=1542 FirewallRules: [{D846C3E7-24DD-4D50-A426-33AE905E8CEC}] => (Allow) LPort=1542 FirewallRules: [{08241C22-BC3E-4E2F-9A4A-EF9F55517FC8}] => (Allow) LPort=53 FirewallRules: [{68BE70E6-5051-49E4-80C2-517E010E2340}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{8F95863A-7CE1-4EF5-AC6C-75CD1F1E9183}] => (Allow) C:\Users\Maciek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{21F79619-3416-4F65-AFF3-7328BC9F62EA}] => (Allow) C:\Users\Maciek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A34A60F1-09BE-492A-9B76-83A4435292D8}] => (Allow) C:\Users\Maciek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1B3F8208-8A83-46F8-A643-FFFA3C537F2C}] => (Allow) C:\Users\Maciek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0B84549C-8718-426D-AF2D-874BA6528869}] => (Allow) C:\Users\Maciek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{897C7DBF-493D-4C7E-8918-77262CFAF842}] => (Allow) C:\Users\Maciek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{15F01EA5-9D19-459F-AF99-A1C5B5B5CD30}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe FirewallRules: [{22A2E2BE-554A-462B-8C3C-0373636F98C3}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/21/2015 06:42:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (08/21/2015 06:36:54 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {4dddacda-2149-47f3-88f0-9090aafd1074} Error: (08/21/2015 06:35:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: demo.exe, version: 4.42.0.0, time stamp: 0x2a425e19 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae Exception code: 0x0eedfade Fault offset: 0x00009617 Faulting process id: 0xe88 Faulting application start time: 0xdemo.exe0 Faulting application path: demo.exe1 Faulting module path: demo.exe2 Report Id: demo.exe3 Error: (08/22/2015 12:34:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -546. Error: (08/22/2015 12:34:56 AM) (Source: ESENT) (EventID: 412) (User: ) Description: Catalog Database (1084) Catalog Database: Unable to read the header of logfile C:\Windows\system32\CatRoot2\edb.log. Error -546. Error: (08/22/2015 12:34:56 AM) (Source: ESENT) (EventID: 412) (User: ) Description: Catalog Database (1084) Catalog Database: Unable to read the header of logfile C:\Windows\system32\CatRoot2\edb.log. Error -546. System errors: ============= Error: (08/25/2015 12:09:41 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (08/25/2015 12:09:41 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (08/24/2015 05:01:01 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (08/24/2015 05:01:01 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (08/24/2015 05:01:05 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 4:58:38 PM on ‎8/‎24/‎2015 was unexpected. Error: (08/24/2015 04:52:46 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097} Error: (08/24/2015 04:45:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (08/24/2015 04:45:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (08/24/2015 04:45:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Error: (08/24/2015 04:45:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Computer Browser service depends on the Server service which failed to start because of the following error: %%1068 Microsoft Office: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz Percentage of memory in use: 36% Total physical RAM: 3036.61 MB Available physical RAM: 1929.99 MB Total Virtual: 6069.45 MB Available Virtual: 4818.34 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:438.48 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B2B1B27D) Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of FRST.txt ============================