Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2014 Ran by user at 2014-10-02 19:49:50 Running from C:\FRST Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS) ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK) ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus) Asystent rejestracji usługi Windows Live (HKLM-x32\...\{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}) (Version: 5.000.818.6 - Microsoft Corporation) ATI AVIVO64 Codecs (Version: 10.12.0.00122 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{D0528577-31BF-2ABC-D7FC-E443EBF8B40A}) (Version: 3.0.758.0 - ATI Technologies, Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1506.0 - AVAST Software) Bezpieczeństwo rodzinne usługi Windows Live (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.34026 - BitTorrent Inc.) Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.) Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Core Implementation (x32 Version: 2010.0122.858.16002 - ATI) Hidden Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0122.858.16002 - ATI) Hidden Catalyst Control Center Graphics Full New (x32 Version: 2010.0122.858.16002 - ATI) Hidden Catalyst Control Center Graphics Light (x32 Version: 2010.0122.858.16002 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0122.858.16002 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0122.858.16002 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0122.858.16002 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.0122.858.16002 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Czech (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Danish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help English (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help French (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help German (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Greek (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Italian (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Korean (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Polish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Russian (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Spanish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Thai (x32 Version: 2010.0122.0857.16002 - ATI) Hidden CCC Help Turkish (x32 Version: 2010.0122.0857.16002 - ATI) Hidden ccc-core-static (x32 Version: 2010.0122.858.16002 - ATI) Hidden ccc-utility64 (Version: 2010.0122.858.16002 - ATI) Hidden CHEMCAD 5.1.x (HKLM-x32\...\CHEMCAD 5.1.x) (Version: - ) Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.18.65 - Conexant) ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.8 - ASUS) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden Dodatek Zapisywanie jako PDF firmy Microsoft dla programów pakietu Microsoft Office 2007 (HKLM-x32\...\{90120000-00B0-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version: - Oberon Media) DriverEasy 4.6.5 (HKLM\...\DriverEasy_is1) (Version: 4.6.5.0 - Easeware) ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.6 - ASUS) Galeria fotografii usługi Windows Live (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.33.3 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - ) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2000 Premium (HKLM-x32\...\{00000415-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation) Microsoft Office Access MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Polish) 2007 (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Search Enhancement Pack (x32 Version: 1.2.121.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Narzędzie do przekazywania usługi Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Pakiet sterowników systemu Windows - AnyDATA Corporation (adusbser) Modem (12/31/2007 2.0.4.0) (HKLM\...\D46E6E09C9DFBE4319FE07FC4F249DA42CC26BF9) (Version: 12/31/2007 2.0.4.0 - AnyDATA Corporation) Pakiet sterowników systemu Windows - AnyDATA Corporation (adusbser) Ports (12/31/2007 2.0.4.0) (HKLM\...\769F36EB73566E376559B9A2BD74718E72BD4735) (Version: 12/31/2007 2.0.4.0 - AnyDATA Corporation) Poczta usługi Windows Live (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Rayman Raving Rabbids 2 (HKLM-x32\...\{B864EBC6-9DB8-4A5E-9F08-B0CE286785EC}) (Version: 1.00.0000 - Ubisoft) Sentinel System Driver (HKLM-x32\...\Rainbow Sentinel Driver) (Version: - ) syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS) USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix) Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{C3335EFB-008F-44DB-A87A-9EC8EE53D045}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Toolbar (x32 Version: 14.0.8052.1208 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS) WinRAR 4.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 30-09-2014 16:00:32 Kopia zapasowa systemu Windows 01-10-2014 00:44:55 Removed GTA2 02-10-2014 17:44:23 Removed Java 7 Update 51 02-10-2014 17:45:33 Removed Java(TM) 6 Update 22 02-10-2014 17:46:32 Removed Java 7 Update 51 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-10-01 14:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {08689997-385E-4C36-9EFA-7C45AE8C12E2} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation) Task: {0CEC22F4-6054-4039-A987-08F9311E6EF5} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-01-23] (Easeware) Task: {1103C08B-0808-401F-9F05-2447D0A9B0C1} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK) Task: {14C1F338-0F3B-43E2-A6D1-D096B3FBAA2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-22] (AVAST Software) Task: {2ECEA790-2BD4-405E-9344-1B703C0573D7} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {44CA9C52-320A-4C22-AAAC-CF173A769D02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16] (Google Inc.) Task: {A7E7A7CF-FA6B-4B31-AC91-6551DA71337A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {C6B02818-AF4D-46FA-AF0E-34D4962F7AA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-16] (Google Inc.) Task: {C8A41FEB-0541-44CF-9DA5-78D2646451F6} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {D458B083-12EF-4AE0-AD2A-7F5A942FDB44} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS) Task: {DBF5EA15-D5B8-4F61-B93C-F188A83F9098} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {E0B6AC80-34DF-4BBC-B846-1237347F1D03} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated) Task: {EC7A6978-EEE9-4ACA-BE45-B4ECD3F3B2EB} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2007-06-15 19:28 - 2007-06-15 19:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll 2007-06-02 01:52 - 2007-06-02 01:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll 2010-07-02 22:36 - 2010-07-02 22:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2008-10-23 19:21 - 2008-10-23 19:21 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-10-01 09:20 - 2010-10-01 09:20 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-01-11 19:27 - 2010-01-11 19:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll 2010-05-06 03:22 - 2010-05-06 03:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll 2010-10-01 09:26 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2014-06-08 21:43 - 2014-06-08 19:33 - 02811392 _____ () C:\Program Files\AVAST Software\Avast\defs\14060801\algo.dll 2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2010-02-24 00:14 - 2010-02-24 00:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll 2010-02-24 00:14 - 2010-02-24 00:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll 2010-02-24 00:11 - 2010-02-24 00:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll 2010-02-24 00:12 - 2010-02-24 00:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll 2010-02-24 00:14 - 2010-02-24 00:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll 2014-09-25 22:11 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-09-25 22:11 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-09-25 22:11 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-09-25 22:11 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-09-25 22:11 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1718327734-3321573858-3367372591-500 - Administrator - Disabled) Gość (S-1-5-21-1718327734-3321573858-3367372591-501 - Limited - Enabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-1718327734-3321573858-3367372591-1002 - Limited - Enabled) user (S-1-5-21-1718327734-3321573858-3367372591-1000 - Administrator - Enabled) => C:\Users\user ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/02/2014 07:43:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error: (10/02/2014 07:30:03 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\wbem\wmiprvse.exe; Opis = ComboFix created restore point; Błąd = 0x8007043c). Error: (10/02/2014 07:30:03 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym . Operacja: Tworzenie wystąpienia serwera VSS Error: (10/02/2014 07:30:03 PM) (Source: VSS) (EventID: 18) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: W trybie awaryjnym nie można uruchomić serwera usługi COM z identyfikatorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} i nazwą IVssCoordinatorEx2. W trybie awaryjnym nie można uruchomić Usługi kopiowania woluminów w tle. [0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym ] Operacja: Tworzenie wystąpienia serwera VSS Error: (10/02/2014 07:29:41 PM) (Source: VSS) (EventID: 18) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: W trybie awaryjnym nie można uruchomić serwera usługi COM z identyfikatorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} i nazwą Coordinator. W trybie awaryjnym nie można uruchomić Usługi kopiowania woluminów w tle. [0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym ] Error: (10/01/2014 06:58:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error: (10/01/2014 04:13:38 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym . Operacja: Tworzenie wystąpienia serwera VSS Error: (10/01/2014 04:13:38 PM) (Source: VSS) (EventID: 18) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: W trybie awaryjnym nie można uruchomić serwera usługi COM z identyfikatorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} i nazwą IVssCoordinatorEx2. W trybie awaryjnym nie można uruchomić Usługi kopiowania woluminów w tle. [0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym ] Operacja: Tworzenie wystąpienia serwera VSS Error: (10/01/2014 02:31:33 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\wbem\wmiprvse.exe; Opis = ComboFix created restore point; Błąd = 0x8007043c). Error: (10/01/2014 02:31:33 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym . Operacja: Tworzenie wystąpienia serwera VSS System errors: ============= Error: (10/02/2014 07:43:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275 Error: (10/02/2014 07:43:44 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik atksgt.sys został zablokowany dla ładowania. Error: (10/02/2014 07:40:12 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046} Error: (10/02/2014 07:36:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (10/02/2014 07:36:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (10/02/2014 07:36:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (10/02/2014 07:34:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (10/02/2014 07:34:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (10/02/2014 07:34:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (10/02/2014 07:29:41 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623} Microsoft Office Sessions: ========================= Error: (06/30/2014 01:52:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 35 seconds with 0 seconds of active time. This session ended with a crash. Error: (06/27/2014 09:46:46 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37 seconds with 0 seconds of active time. This session ended with a crash. Error: (06/26/2014 09:09:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8075 seconds with 3420 seconds of active time. This session ended with a crash. Error: (06/21/2014 09:13:50 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error: (06/21/2014 01:11:54 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1702 seconds with 1260 seconds of active time. This session ended with a crash. Error: (06/21/2014 00:41:53 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1587 seconds with 1380 seconds of active time. This session ended with a crash. Error: (06/21/2014 00:13:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 328 seconds with 300 seconds of active time. This session ended with a crash. Error: (06/13/2014 03:45:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 865 seconds with 720 seconds of active time. This session ended with a crash. Error: (04/24/2014 00:55:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/24/2014 00:53:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-10-01 14:41:58.123 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-10-01 14:41:58.107 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz Percentage of memory in use: 48% Total physical RAM: 2988.54 MB Available physical RAM: 1546.21 MB Total Pagefile: 5975.23 MB Available Pagefile: 4126.38 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:20.69 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:106.38 GB) (Free:92.34 GB) NTFS Drive g: (Nowy) (Fixed) (Total:97.66 GB) (Free:59.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E0C5913D) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C) Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended) ==================== End Of Log ============================