Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-05-2015 Ran by Zdzisek at 2015-05-26 20:45:25 Running from C:\Users\Zdzisek\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS) ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS) ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.25 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS) Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.18.64 - Conexant) ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version: - ) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS) File Association Helper (HKLM\...\{572D0504-2C67-4016-801F-D70879A3026A}) (Version: 1.1.6.53763 - WinZip Computing International, LLC) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GG (HKU\S-1-5-21-3693633639-2361600314-742410777-1001\...\GG) (Version: 11 - GG Network S.A.) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1995 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.11.10 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.) K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - ) K-Lite Codec Pack 6.2.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.2.0 - ) Kształcenie Zintegrowane (HKLM-x32\...\Kształcenie Zintegrowane_is1) (Version: - Wydawnictwo Pedagogiczne OPERON) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Malwarebytes Anti-Malware wersja 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS) WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E1}) (Version: 18.0.11023 - WinZip Computing, S.L. ) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.14 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3693633639-2361600314-742410777-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Zdzisek\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-3693633639-2361600314-742410777-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Zdzisek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-3693633639-2361600314-742410777-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdzisek\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-3693633639-2361600314-742410777-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdzisek\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-3693633639-2361600314-742410777-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdzisek\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File CustomCLSID: HKU\S-1-5-21-3693633639-2361600314-742410777-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdzisek\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-10-01 22:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {112E13F7-18E9-4919-9D60-D94CB1220061} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3693633639-2361600314-742410777-1001 Task: {1BEC5DA4-1524-4C93-AAF8-397CA7F48D1C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-11-07] (ATK) Task: {240A1E29-1183-4514-9030-F2F9881C3C21} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {4C25D364-A0F1-446B-BA03-A56E2120DA7C} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-09-23] (TODO: ) Task: {5F1BEA17-7F8B-4434-BD32-AD044665865E} - System32\Tasks\{2908854C-A9DF-4C1F-8D52-DBABC69523DE} => pcalua.exe -a C:\Users\Zdzisek\AppData\Roaming\qone8\UninstallManager.exe -c -ptid=smt -simple=0 Task: {6A3AC291-6C9C-482A-9DD9-7546A7137E6F} - System32\Tasks\{F54EF969-067E-4528-8FF6-E5ED028EEB37} => Firefox.exe Task: {6EA09C90-F05D-4BB5-97C3-E63E90F110DD} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {7AA41983-D2E1-463C-9149-1888378DABE1} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {7D0CA35A-C3C9-4EE7-9CFC-F96CCD14AC25} - System32\Tasks\{6982D407-9801-44DF-A525-559726A187EA} => pcalua.exe -a C:\Users\Zdzisek\Downloads\SZSetup_AID10121_AV.exe -d C:\Users\Zdzisek\Downloads Task: {7D924567-3C67-41A9-BBE6-14E1174CE5B7} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-11-12] () Task: {86069559-21A0-42C5-AFDF-6F9BCD057B09} - System32\Tasks\{D2EE188A-64A2-4305-97B1-6BC078ACFB52} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Task: {9103BA94-F032-4838-869E-BD1625DAC462} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {920E66AF-A741-4A1D-A897-F6164AD7FFA2} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {9AC8D506-DB66-453F-A4FA-792A1ACFD109} - System32\Tasks\{6D8AE3CB-4B82-4EB0-AC6D-B23F9F5662BA} => pcalua.exe -a C:\Users\Zdzisek\Downloads\instaluj.exe -d C:\Users\Zdzisek\Downloads Task: {A871677B-B43F-450E-8259-B2AF57901984} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-13] (Google Inc.) Task: {BDB7566D-7CD4-4292-8F10-D1EA19400112} - System32\Tasks\{8A2994CA-16B5-4962-B6C4-C3B741BB4D2C} => C:\Program Files (x86)\Operon\Kształcenie Zintegrowane\start.exe [2009-03-24] (Adobe Systems, Inc.) Task: {D0B7937D-7AD9-4942-BA59-AFF9D54ACC29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-13] (Google Inc.) Task: {D15B0760-06EF-48C3-96D3-6544B5ECE4E0} - System32\Tasks\{A6439A61-C368-4368-95F9-8E516DEEE266} => Firefox.exe Task: {D2D6F47B-7C4D-45AC-8645-E4C435B7E591} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {D53C2719-7506-488E-AB22-9BFABBC6B8F9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {E0FAE000-95D4-47A1-8C53-DFAAFD5D5AEB} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS) Task: {EB97E3D0-7850-4F10-A055-C6DADF36CDBE} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] () Task: {F00E60A8-6F60-489A-99DE-9B98127BE2D5} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-09-26 16:52 - 2009-10-16 16:02 - 00186880 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdrdrpp.dll 2009-10-23 22:40 - 2009-10-23 22:40 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll 2009-09-11 21:27 - 2009-09-11 21:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll 2010-05-12 21:24 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2009-09-24 22:50 - 2009-09-24 22:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe 2007-06-15 19:28 - 2007-06-15 19:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll 2007-06-02 01:52 - 2007-06-02 01:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll 2009-11-12 19:10 - 2009-11-12 19:10 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2009-09-23 20:07 - 2009-09-23 20:07 - 00204800 _____ () C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax 2007-06-15 19:28 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll 2007-06-02 02:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll 2015-05-22 20:09 - 2015-05-13 18:48 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libglesv2.dll 2015-05-22 20:09 - 2015-05-13 18:48 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libegl.dll 2015-05-26 20:43 - 2015-05-26 20:43 - 00380416 _____ () C:\Users\Zdzisek\Downloads\z6hxfcim.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-3693633639-2361600314-742410777-1001\Software\Classes\exefile: <===== ATTENTION! ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3693633639-2361600314-742410777-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdzisek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: GG => "C:\Users\Zdzisek\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{AD7E9A54-1D1E-4679-BF9E-847B8E2E89E8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{FEBCC453-7D11-4482-809B-E4E3F7796AA2}] => (Allow) C:\Windows\System32\lxdrcoms.exe FirewallRules: [{E2F4EB3F-C52E-4CBE-A04E-D52D582EDFE4}] => (Allow) C:\Windows\System32\lxdrcoms.exe FirewallRules: [{78E5D3B3-BAE6-411C-B2F1-DC5EF3D0DD04}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe FirewallRules: [{A7D5DF70-D250-444A-B4E8-4511FC8FA798}] => (Allow) C:\Windows\explorer.exe FirewallRules: [{698AC2E1-C47B-410D-B69B-313E079EDF9B}] => (Allow) C:\Windows\explorer.exe FirewallRules: [{56FE08E2-8D62-433E-8A69-B9E84F9A9C25}] => (Allow) C:\Windows\SysWOW64\explorer.exe FirewallRules: [{ABCD1CDA-9754-47A3-A27A-6FB7CE7422C3}] => (Allow) C:\Windows\SysWOW64\explorer.exe FirewallRules: [TCP Query User{E6BA113B-490D-4E2E-B982-30770C27B4D7}C:\windows\syswow64\explorer.exe] => (Allow) C:\windows\syswow64\explorer.exe FirewallRules: [UDP Query User{51B5490B-05D7-4A77-8E2D-4981E5849DF8}C:\windows\syswow64\explorer.exe] => (Allow) C:\windows\syswow64\explorer.exe FirewallRules: [TCP Query User{4C81DC89-1776-468F-A28C-CD821B35F429}C:\windows\installer\{d5553ab9-d079-6361-2c07-04ea0bd7e1f6}\syshost.exe] => (Allow) C:\windows\installer\{d5553ab9-d079-6361-2c07-04ea0bd7e1f6}\syshost.exe FirewallRules: [UDP Query User{0443AD7F-DF3B-440B-B931-30EB0C93206F}C:\windows\installer\{d5553ab9-d079-6361-2c07-04ea0bd7e1f6}\syshost.exe] => (Allow) C:\windows\installer\{d5553ab9-d079-6361-2c07-04ea0bd7e1f6}\syshost.exe FirewallRules: [{38F9F291-8017-43B8-BA54-0FF69BA4BA1B}] => (Allow) C:\Windows\SysWOW64\lxdecoms.exe FirewallRules: [{2918C6C3-00DA-45AA-A755-B7594362D7BA}] => (Allow) C:\Windows\SysWOW64\lxdecoms.exe FirewallRules: [{338CDA15-AF71-4589-8B4D-37A9BD6F2A04}] => (Allow) C:\Program Files (x86)\Lexmark 4800 Series\lxdemon.exe FirewallRules: [{6A7B9419-D4A4-4CE6-AE54-CA2061001A3D}] => (Allow) C:\Program Files (x86)\Lexmark 4800 Series\lxdemon.exe FirewallRules: [{CE020F42-D17E-42EC-B1CD-EE5E36150F82}] => (Allow) C:\Users\Zdzisek\AppData\Local\Temp\lxde\wireless\ENGLISH\lxdewpss.exe FirewallRules: [{50C1E28B-A91D-437A-BCA3-F76614F0BB30}] => (Allow) C:\Users\Zdzisek\AppData\Local\Temp\lxde\wireless\ENGLISH\lxdewpss.exe FirewallRules: [{5BFB6A7C-627B-447E-B273-E3DF9D2AEFFC}] => (Allow) C:\Windows\System32\lxdecoms.exe FirewallRules: [{C792C36A-7224-46C0-A06B-08D2274FE89A}] => (Allow) C:\Windows\System32\lxdecoms.exe FirewallRules: [{59929C78-B268-4742-B684-B2632D2ACE69}] => (Allow) C:\Program Files (x86)\Lexmark 4800 Series\lxdeamon.exe FirewallRules: [{2670377D-B3C4-46A9-A687-983847C40ACF}] => (Allow) C:\Program Files (x86)\Lexmark 4800 Series\lxdeamon.exe FirewallRules: [{6504DADB-371E-4E11-9A13-56F2033C0616}] => (Allow) C:\Program Files (x86)\Lexmark 4800 Series\frun.exe FirewallRules: [{8170229F-BDC6-422B-929F-985C942417FC}] => (Allow) C:\Program Files (x86)\Lexmark 4800 Series\frun.exe FirewallRules: [{98D55F66-4929-4735-952A-494A6C8FA309}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A95C3DC8-CD05-4E2C-9D93-620D9258FBB6}] => (Allow) LPort=2869 FirewallRules: [{76478246-CF27-40A2-A4E4-22B1A1362F1B}] => (Allow) LPort=1900 FirewallRules: [{39746D09-B8F8-4C7F-B0D4-9B25F09C4142}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/26/2015 08:41:06 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/25/2015 09:59:35 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/23/2015 08:20:08 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/22/2015 08:00:53 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/21/2015 05:40:59 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\servicing\TrustedInstaller.exe; Opis = Instalator modułów systemu Windows; Błąd = 0x80070422). Error: (05/21/2015 05:40:52 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/20/2015 08:00:42 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/19/2015 04:33:57 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/18/2015 09:45:35 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). Error: (05/16/2015 10:28:35 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80070422). System errors: ============= Error: (05/26/2015 08:17:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/25/2015 06:36:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/25/2015 09:46:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/24/2015 02:08:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/23/2015 08:30:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/23/2015 08:30:03 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 20:28:11 na ‎2015-‎05-‎23 było nieoczekiwane. Error: (05/23/2015 08:03:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/23/2015 08:43:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/22/2015 07:35:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (05/21/2015 06:21:53 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureCommand nie powiodło się i wystąpił następujący błąd: %%5. Microsoft Office: ========================= Error: (05/20/2014 07:35:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 230 seconds with 60 seconds of active time. This session ended with a crash. Error: (05/20/2014 07:31:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 206 seconds with 60 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-10-01 22:16:26.450 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-10-01 22:16:26.290 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-05-20 17:39:36.997 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\4f5a4.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-05-20 17:39:36.775 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\4f5a4.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-29 17:12:35.464 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-29 17:12:35.276 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz Percentage of memory in use: 96% Total physical RAM: 2924.37 MB Available physical RAM: 105.21 MB Total Pagefile: 5846.95 MB Available Pagefile: 2443.13 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:28.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:218.58 GB) (Free:95.22 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: FFD68D3B) Partition 1: (Not Active) - (Size=5 GB) - (Type=1C) Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=218.6 GB) - (Type=OF Extended) ==================== End of log ============================