Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02 Ran by Administrator at 2015-05-17 08:30:18 Running from C:\Users\Administrator\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3414367075-2761437599-2779418438-500 - Administrator - Enabled) => C:\Users\Administrator d (S-1-5-21-3414367075-2761437599-2779418438-1000 - Administrator - Enabled) => C:\Users\d Guest (S-1-5-21-3414367075-2761437599-2779418438-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3414367075-2761437599-2779418438-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Opera Stable 29.0.1795.47 (HKLM-x32\...\Opera 29.0.1795.47) (Version: 29.0.1795.47 - Opera Software ASA) REALTEK GbE & FE Ethernet PCI NIC Driver (HKLM-x32\...\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}) (Version: 1.00.0000 - Realtek) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-05-17 08:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {3A3438CA-D7DC-48A5-9766-E3E0BCFA5A80} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {9AE6D5B5-A3B5-40D7-9736-13CDEC85D880} - System32\Tasks\Opera scheduled Autoupdate 1431768322 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software) Task: {9EC3D4C0-A108-4AD2-A2BC-4EED36DBBFC9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation) Task: {C74F7A58-041F-4382-8505-6EFFB62B3B7E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {CAFB812A-D83A-45CF-B8C4-04613267B804} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) ==================== Loaded Modules (Whitelisted) ============== 2015-05-16 11:25 - 2015-04-17 10:01 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.47\opera_crashreporter.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Administrator\Downloads\biosagentplus_875.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\ComboFix (1).exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\ComboFix (2).exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\ComboFix.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\cpu-z_1.72-en.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\driveragent-setup-1213.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\driveragent-setup-874 (1).exe.opdownload:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\driveragent-setup-874.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\hw32_462.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\HWVendorDetection.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\kav15.0.2.361pl-pl.exe:BDU AlternateDataStreams: C:\Users\Administrator\Downloads\Opera_29.0.1795.47_Setup.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3414367075-2761437599-2779418438-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 217.113.224.35 - 217.113.224.135 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active] => (Block) %systemroot%\system32\svchost.exe FirewallRules: [RemoteAssistance-SSDPSrv-In-TCP-Active] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [RemoteAssistance-SSDPSrv-In-UDP-Active] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [RemoteAssistance-In-TCP-EdgeScope-Active] => (Block) %SystemRoot%\system32\msra.exe FirewallRules: [RemoteAssistance-DCOM-In-TCP-NoScope-Active] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [RemoteAssistance-RAServer-In-TCP-NoScope-Active] => (Block) %SystemRoot%\system32\raserver.exe FirewallRules: [RemoteAssistance-PnrpSvc-UDP-In-EdgeScope] => (Block) %systemroot%\system32\svchost.exe FirewallRules: [RemoteAssistance-In-TCP-EdgeScope] => (Block) %SystemRoot%\system32\msra.exe FirewallRules: [MSDTC-RPCSS-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [MSDTC-In-TCP] => (Block) %SystemRoot%\system32\msdtc.exe FirewallRules: [MSDTC-RPCSS-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [MSDTC-In-TCP-NoScope] => (Block) %SystemRoot%\system32\msdtc.exe FirewallRules: [RemoteSvcAdmin-RPCSS-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [RemoteSvcAdmin-RPCSS-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMI-ASYNC-In-TCP] => (Block) %systemroot%\system32\wbem\unsecapp.exe FirewallRules: [WMI-WINMGMT-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMI-RPCSS-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMI-ASYNC-In-TCP-NoScope] => (Block) %systemroot%\system32\wbem\unsecapp.exe FirewallRules: [WMI-WINMGMT-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMI-RPCSS-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [MsiScsi-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [MsiScsi-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [CoreNet-Teredo-In] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [CoreNet-DHCPV6-In] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [FPS-LLMNR-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [FPS-SpoolSvc-In-TCP] => (Block) %SystemRoot%\system32\spoolsv.exe FirewallRules: [FPS-SpoolSvc-In-TCP-NoScope] => (Block) %SystemRoot%\system32\spoolsv.exe FirewallRules: [Collab-PNRP-SSDPSrv-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [Collab-PNRP-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [Collab-P2PHost-WSD-In-UDP] => (Block) %SystemRoot%\system32\p2phost.exe FirewallRules: [Collab-P2PHost-In-TCP] => (Block) %SystemRoot%\system32\p2phost.exe FirewallRules: [RVM-RPCSS-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [RVM-VDSLDR-In-TCP] => (Block) %SystemRoot%\system32\vdsldr.exe FirewallRules: [RVM-VDS-In-TCP] => (Block) %SystemRoot%\system32\vds.exe FirewallRules: [RVM-RPCSS-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [RVM-VDSLDR-In-TCP-NoScope] => (Block) %SystemRoot%\system32\vdsldr.exe FirewallRules: [RVM-VDS-In-TCP-NoScope] => (Block) %SystemRoot%\system32\vds.exe FirewallRules: [PNRPMNRS-SSDPSrv-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [PNRPMNRS-PNRP-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In] => (Block) %systemroot%\system32\svchost.exe FirewallRules: [Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In] => (Block) %systemroot%\system32\svchost.exe FirewallRules: [WMPNSS-In-TCP] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe FirewallRules: [WMPNSS-In-UDP] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe FirewallRules: [WMPNSS-WMP-In-UDP] => (Block) %PROGRAMFILES%\Windows Media Player\wmplayer.exe FirewallRules: [WMPNSS-SSDPSrv-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMPNSS-QWave-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMPNSS-QWave-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMPNSS-In-TCP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe FirewallRules: [WMPNSS-In-UDP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe FirewallRules: [WMPNSS-WMP-In-UDP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmplayer.exe FirewallRules: [WMPNSS-QWave-In-TCP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMPNSS-QWave-In-UDP-NoScope] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [WMP-In-UDP] => (Block) %ProgramFiles%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-In-UDP-x86] => (Block) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [SNMPTRAP-In-UDP-NoScope] => (Block) %SystemRoot%\system32\snmptrap.exe FirewallRules: [SNMPTRAP-In-UDP] => (Block) %SystemRoot%\system32\snmptrap.exe FirewallRules: [MCX-SSDPSrv-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [MCX-In-TCP] => (Block) %SystemRoot%\ehome\ehshell.exe FirewallRules: [MCX-QWave-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [MCX-QWave-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [MCX-In-UDP] => (Block) %SystemRoot%\ehome\ehshell.exe FirewallRules: [WPDMTP-SSDPSrv-In-UDP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [NetPres-In-TCP-NoScope] => (Block) %SystemRoot%\system32\netproj.exe FirewallRules: [NetPres-WSD-In-UDP] => (Block) %SystemRoot%\system32\netproj.exe FirewallRules: [NetPres-In-TCP] => (Block) %SystemRoot%\system32\netproj.exe FirewallRules: [RemoteDesktop-UserMode-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [Microsoft-Windows-PeerDist-WSD-In] => (Block) %systemroot%\system32\svchost.exe FirewallRules: [SPPSVC-In-TCP] => (Block) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Block) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{D29731B2-0F6A-4D6A-8B92-1795902C0509}] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [{588C9FE2-82AF-4A22-9757-38094716D686}] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [{26D8CE0F-480A-4225-B7A2-ADDD352468E8}] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [{3D9F6CA1-A664-4EF4-92E6-FA4369D67E2B}] => (Block) %SystemRoot%\system32\msra.exe FirewallRules: [{1841823C-17D9-4376-8433-1777FA11D1A2}] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [{7BBD51DD-44F7-467B-8EE0-F83E015BC96F}] => (Block) %SystemRoot%\system32\svchost.exe FirewallRules: [{27ED2AD1-53E7-43E0-834C-678BC3BFAA3E}] => (Block) %systemroot%\system32\svchost.exe ==================== Faulty Device Manager Devices ============= Name: Microsoft System Management BIOS Driver Description: Microsoft System Management BIOS Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: mssmbios Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family USB Universal Host Controller - 3A35 Description: Intel(R) ICH10 Family USB Universal Host Controller - 3A35 Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Intel Service: usbuhci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family PCI Express Root Port 1 - 3A40 Description: Intel(R) ICH10 Family PCI Express Root Port 1 - 3A40 Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: pci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: High precision event timer Description: High precision event timer Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (IKEv2) Description: WAN Miniport (IKEv2) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasAgileVpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (L2TP) Description: WAN Miniport (L2TP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: Rasl2tp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family USB Universal Host Controller - 3A36 Description: Intel(R) ICH10 Family USB Universal Host Controller - 3A36 Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Intel Service: usbuhci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family PCI Express Root Port 2 - 3A42 Description: Intel(R) ICH10 Family PCI Express Root Port 2 - 3A42 Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: pci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Direct memory access controller Description: Direct memory access controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (Network Monitor) Description: WAN Miniport (Network Monitor) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (IP) Description: WAN Miniport (IP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (IPv6) Description: WAN Miniport (IPv6) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft ISATAP Adapter Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft ISATAP Adapter #2 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (PPPOE) Description: WAN Miniport (PPPOE) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasPppoe Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft ISATAP Adapter #3 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: System speaker Description: System speaker Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (PPTP) Description: WAN Miniport (PPTP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: PptpMiniport Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft ISATAP Adapter #4 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family USB Universal Host Controller - 3A38 Description: Intel(R) ICH10 Family USB Universal Host Controller - 3A38 Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Intel Service: usbuhci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft ISATAP Adapter #5 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WAN Miniport (SSTP) Description: WAN Miniport (SSTP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasSstp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Video Controller Description: Video Controller Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family USB Universal Host Controller - 3A39 Description: Intel(R) ICH10 Family USB Universal Host Controller - 3A39 Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Intel Service: usbuhci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft Virtual Drive Enumerator Driver Description: Microsoft Virtual Drive Enumerator Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: vdrvroot Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) 82802 Firmware Hub Device Description: Intel(R) 82802 Firmware Hub Device Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family SMBus Controller - 3A30 Description: Intel(R) ICH10 Family SMBus Controller - 3A30 Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbhub Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) 82801 PCI Bridge - 244E Description: Intel(R) 82801 PCI Bridge - 244E Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: pci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Intel(R) ICH10 Family USB Universal Host Controller - 3A34 Description: Intel(R) ICH10 Family USB Universal Host Controller - 3A34 Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Intel Service: usbuhci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: High Definition Audio Controller Description: High Definition Audio Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (05/17/2015 08:30:07 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{63c7873e-faec-11e4-8ce3-806e6f6e6963} - 0000000000000190,0x0053c008,00000000003DFFA0,0,00000000003BC560,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired. . Operation: Processing EndPrepareSnapshots Context: Execution Context: System Provider Error: (05/17/2015 08:17:17 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x81000101). Error: (05/17/2015 08:10:04 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Windows\servicing\TrustedInstaller.exe; Description = Windows Modules Installer; Error = 0x81000101). Error: (05/17/2015 08:10:03 AM) (Source: VSS) (EventID: 12289) (User: ) Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{63c7873e-faec-11e4-8ce3-806e6f6e6963} - 0000000000000144,0x0053c008,00000000003BC690,0,00000000003DFFD0,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired. . Operation: Processing EndPrepareSnapshots Context: Execution Context: System Provider Error: (05/17/2015 07:59:57 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x81000101). Error: (05/17/2015 07:50:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/17/2015 06:50:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/16/2015 08:21:51 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Users\Administrator\Downloads\New folder\rtlsetup-rtlnic(641)(0406)\PCI_InstallShield_5641_0406\setup.exe folder\rtlsetup-rtlnic(641)(0406)\PCI_InstallShield_5641_0406\setup.exe" -deleter ; Description = Zainstalowane REALTEK GbE & FE Ethernet PCI NIC Driver; Error = 0x81000101). Error: (05/16/2015 08:21:50 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{63c7873e-faec-11e4-8ce3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000045C6A0,0,000000000029FFD0,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired. . Operation: Processing EndPrepareSnapshots Context: Execution Context: System Provider Error: (05/16/2015 08:11:44 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed Intel(R) Network Connections.; Error = 0x81000101). System errors: ============= Error: (05/17/2015 08:30:07 AM) (Source: volsnap) (EventID: 67) (User: ) Description: The shadow copy of volume C: being created failed to install. Error: (05/17/2015 08:21:12 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/17/2015 08:19:52 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/17/2015 08:10:03 AM) (Source: volsnap) (EventID: 67) (User: ) Description: The shadow copy of volume C: being created failed to install. Error: (05/17/2015 08:03:43 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/17/2015 08:03:20 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (05/17/2015 08:02:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (05/17/2015 07:49:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom mssmbios vdrvroot Error: (05/17/2015 07:48:49 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 07:46:30 on ‎2015-‎05-‎17 was unexpected. Error: (05/17/2015 07:46:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Diagnostics Tracking Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Microsoft Office Sessions: ========================= Error: (05/17/2015 08:30:07 AM) (Source: VSS) (EventID: 12289) (User: ) Description: DeviceIoControl(\\?\Volume{63c7873e-faec-11e4-8ce3-806e6f6e6963} - 0000000000000190,0x0053c008,00000000003DFFA0,0,00000000003BC560,4096,[0])0x80070079, The semaphore timeout period has expired. Operation: Processing EndPrepareSnapshots Context: Execution Context: System Provider Error: (05/17/2015 08:17:17 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x81000101 Error: (05/17/2015 08:10:04 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\servicing\TrustedInstaller.exeWindows Modules Installer0x81000101 Error: (05/17/2015 08:10:03 AM) (Source: VSS) (EventID: 12289) (User: ) Description: DeviceIoControl(\\?\Volume{63c7873e-faec-11e4-8ce3-806e6f6e6963} - 0000000000000144,0x0053c008,00000000003BC690,0,00000000003DFFD0,4096,[0])0x80070079, The semaphore timeout period has expired. Operation: Processing EndPrepareSnapshots Context: Execution Context: System Provider Error: (05/17/2015 07:59:57 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x81000101 Error: (05/17/2015 07:50:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/17/2015 06:50:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/16/2015 08:21:51 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Users\Administrator\Downloads\New folder\rtlsetup-rtlnic(641)(0406)\PCI_InstallShield_5641_0406\setup.exe folder\rtlsetup-rtlnic(641)(0406)\PCI_InstallShield_5641_0406\setup.exe" -deleter Zainstalowane REALTEK GbE & FE Ethernet PCI NIC Driver0x81000101 Error: (05/16/2015 08:21:50 PM) (Source: VSS) (EventID: 12289) (User: ) Description: DeviceIoControl(\\?\Volume{63c7873e-faec-11e4-8ce3-806e6f6e6963} - 0000000000000150,0x0053c008,000000000045C6A0,0,000000000029FFD0,4096,[0])0x80070079, The semaphore timeout period has expired. Operation: Processing EndPrepareSnapshots Context: Execution Context: System Provider Error: (05/16/2015 08:11:44 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\msiexec.exe /VInstalled Intel(R) Network Connections.0x81000101 CodeIntegrity Errors: =================================== Date: 2015-05-17 08:03:20.403 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 08:03:20.372 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.181 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.161 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.131 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.101 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.081 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.051 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.031 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-17 07:26:49.001 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz Percentage of memory in use: 42% Total physical RAM: 3037.14 MB Available physical RAM: 1738.29 MB Total Pagefile: 6072.5 MB Available Pagefile: 4882.12 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:297.99 GB) (Free:278.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9CFEE288) Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS) ==================== End Of Log ============================