Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015 Ran by user (2015-08-10 21:07:40) Running from C:\Users\user\Desktop\Pobrane Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1027461290-2157871058-3066203419-500 - Administrator - Disabled) Gość (S-1-5-21-1027461290-2157871058-3066203419-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1027461290-2157871058-3066203419-1002 - Limited - Enabled) user (S-1-5-21-1027461290-2157871058-3066203419-1001 - Administrator - Enabled) => C:\Users\user ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1027461290-2157871058-3066203419-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.124 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0053 - ASUS) ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS) ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP) Chronology (HKLM-x32\...\GOGPACKCHRONOLOGY_is1) (Version: 2.0.0.3 - GOG.com) DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.3.0.0254 - Disc Soft Ltd) DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden Driver Cleaner 3 (HKLM-x32\...\Driver Cleaner) (Version: 3.3 - Ruud Ketelaars) ESET NOD32 Antivirus (HKLM\...\{155EC97B-FE09-4F23-BE22-F79440F1E22E}) (Version: 8.0.319.1 - ESET, spol s r. o.) Firebird 2.1.5.18496 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.5.18496 - Firebird Project) Glary Utilities 5.31 (HKLM-x32\...\Glary Utilities 5) (Version: 5.31.0.51 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Pro Surveillance System (HKLM-x32\...\{B28C9804-BFCE-4ADB-8C18-1DD9DA1C530A}) (Version: 4.0.0 - DH) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.9.0 - Synaptics Incorporated) Unity Web Player (HKU\S-1-5-21-1027461290-2157871058-3066203419-1001\...\UnityWebPlayer) (Version: 5.1.0f3 - Unity Technologies ApS) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 09-08-2015 19:20:02 Kopia zapasowa systemu Windows ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-07-22 19:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1C654618-877D-46D2-9865-745BC701A6AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26] (Google Inc.) Task: {2D0C0127-3F0E-4588-A76B-8B49B285490E} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-08-03] (Glarysoft Ltd) Task: {7E88CACE-FBC7-4C9C-B103-5C9652CC031E} - System32\Tasks\{AB4726A9-45CF-41F5-8396-8D88559E0A4D} => pcalua.exe -a "C:\Users\user\Desktop\Pobrane\QuickTimeInstaller (1).exe" -d C:\Users\user\Desktop\Pobrane Task: {8156C2B0-2D25-40C0-B242-8325E2C8BA14} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-08] (Adobe Systems Incorporated) Task: {99C4ABB3-DEE3-4AF7-9CB7-779800AEB454} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-08-31] (ASUSTeK Computer Inc.) Task: {A572C4EF-3E8F-426B-B0F9-DD3D5E29B48D} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-08-03] (Glarysoft Ltd) Task: {B91C99C1-7F3A-418E-BE63-318D45802C74} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {BA114168-823C-4720-8380-421FD24048C1} - System32\Tasks\{40C8798F-138C-4A2E-979F-BD2715191348} => pcalua.exe -a C:\Users\user\Desktop\soga\SOGA_1_40a\Setup.exe -d C:\Users\user\Desktop\soga\SOGA_1_40a Task: {CF8B33D5-1271-467F-8AA3-1737C3ECAE81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-26] (Google Inc.) Task: {D6D3B686-B753-46C6-9354-8951B0E21F33} - System32\Tasks\{31C5C998-0563-4AFB-9459-2CB531CA0D95} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?page=tsMain (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2011-08-31 15:33 - 2011-08-31 15:33 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll 2015-08-03 09:03 - 2015-08-03 09:03 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7866 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1027461290-2157871058-3066203419-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 80.72.37.106 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AVGIDSAgent => 2 MSCONFIG\Services: avgwd => 2 MSCONFIG\Services: vToolbarUpdater18.8.0 => 2 MSCONFIG\Services: WtuSystemSupport => 2 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{7335FF60-9627-4840-950E-EFBB925E559F}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{43B8F173-2CD9-4A5C-A810-D5020FABFCA7}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{BA90A7A8-ED27-4869-8A21-8BAFC7BF7734}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{EDDFBC42-E574-4A9B-A383-841762A971AB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{1BBF182D-ECC4-4AA7-BD28-DBB045462577}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{24E6BB3A-1655-488A-91DA-2F3251342102}C:\program files (x86)\pro surveillance system(en)\pssproject.exe] => (Allow) C:\program files (x86)\pro surveillance system(en)\pssproject.exe FirewallRules: [UDP Query User{3A7A9873-E711-4041-BC87-9899E76AFA67}C:\program files (x86)\pro surveillance system(en)\pssproject.exe] => (Allow) C:\program files (x86)\pro surveillance system(en)\pssproject.exe FirewallRules: [TCP Query User{873443E8-7136-42D3-BA95-388E8B0451FD}C:\program files\novitus\soga\soga.exe] => (Allow) C:\program files\novitus\soga\soga.exe FirewallRules: [UDP Query User{EF12EC3D-EE9F-47A7-9861-FAD3713AB4A8}C:\program files\novitus\soga\soga.exe] => (Allow) C:\program files\novitus\soga\soga.exe FirewallRules: [TCP Query User{6DCC0BB0-4884-46CA-9BBA-6D4E9CCB23B0}C:\program files\novitus\soga\fiskserv.exe] => (Allow) C:\program files\novitus\soga\fiskserv.exe FirewallRules: [UDP Query User{5A0340B8-273A-4549-8B50-CEEE7FAE6CFF}C:\program files\novitus\soga\fiskserv.exe] => (Allow) C:\program files\novitus\soga\fiskserv.exe FirewallRules: [TCP Query User{6A8A8B07-9B48-44E0-99A1-01A615CB8CDE}C:\program files\novitus\soga\magazyn.exe] => (Allow) C:\program files\novitus\soga\magazyn.exe FirewallRules: [UDP Query User{2BCF0AD1-72B5-4DD5-A8B3-D94F0F9DDAF7}C:\program files\novitus\soga\magazyn.exe] => (Allow) C:\program files\novitus\soga\magazyn.exe FirewallRules: [{1FDBE108-BE7C-4F42-BD7E-60B645A381FB}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe FirewallRules: [{063C549D-E174-4C2C-88AE-CDF0DF3357F6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe FirewallRules: [{1A5CC6B6-77EA-4DB4-8177-2D81310E39C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe FirewallRules: [{552F6D2B-522C-4213-B47B-42D34318EC9C}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe FirewallRules: [{A16D4149-6039-43A5-ADDE-7B4C332BC0EA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe FirewallRules: [{65C60C56-2D33-4EA2-A636-CEFD466D40BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe FirewallRules: [TCP Query User{96AFAD2C-D8D0-43FC-939A-80903E284DF7}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{C81AD134-BAAE-4A4A-A65A-E62337C55D8A}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{A26A7611-011E-42B7-803A-D26C168D61B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{D9F1C34F-CFA7-46F7-B268-F730CE011EEA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [TCP Query User{57BD0E79-54D2-4D82-AC13-DC8E0AEF2ABA}C:\program files (x86)\pro surveillance system(en)\pssproject.exe] => (Allow) C:\program files (x86)\pro surveillance system(en)\pssproject.exe FirewallRules: [UDP Query User{2D80A062-0375-47C8-8472-7EB85E78E3A6}C:\program files (x86)\pro surveillance system(en)\pssproject.exe] => (Allow) C:\program files (x86)\pro surveillance system(en)\pssproject.exe FirewallRules: [TCP Query User{685D19E2-F8FC-455C-B822-32ACC544B75F}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{6ACE212F-5C76-4496-92D2-325523079818}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [{D5477182-5929-49B9-B5B9-BA493779B9FC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{802EA3D0-CD14-492B-BC3F-994D3B44C325}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [TCP Query User{3F9BAA2B-D3CD-490F-8E93-3AD8480DD5FB}C:\program files (x86)\pro surveillance system\pssproject.exe] => (Allow) C:\program files (x86)\pro surveillance system\pssproject.exe FirewallRules: [UDP Query User{5C61AFCA-7B36-4782-9459-9828C65A3DFB}C:\program files (x86)\pro surveillance system\pssproject.exe] => (Allow) C:\program files (x86)\pro surveillance system\pssproject.exe FirewallRules: [{A3B54F85-1D9A-42AE-9184-B5F924B5EE89}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{915951A1-714D-45AE-B56C-A0C4C3FE8A0E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{A3BB3FC5-042B-42D5-881D-AE9A4C50D582}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{D86B768D-8F38-42A5-B55B-F05FEC0D79EB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{D95D84D3-5589-4E56-8D48-31B122ECA93E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{8C4770AA-52C7-4EBB-BB65-9BE6EAB811C3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{FE75C330-15DC-4C6F-8241-96661E32F6D8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{0998FC87-1941-44A5-A7C2-14994BD61507}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Lexmark X422 Description: Lexmark X422 Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Lexmark Service: usbscan Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/10/2015 08:46:25 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{92147EEA-7C84-4055-9E6A-F32CD6A609C0}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}HB_System_Logoff Error: (08/10/2015 08:44:31 PM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: ATI EEU Client event error Error: (08/10/2015 08:12:49 PM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: ATI EEU Client event error Error: (08/10/2015 08:09:19 PM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: ATI EEU Client event error Error: (08/10/2015 07:28:30 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{5C70CD3A-8913-4D93-94F7-79182EF1B930}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}HB_StopScreenSaver Error: (08/10/2015 04:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: Nie można zainstalować ciągów liczników wydajności dla usługi .NET CLR Networking 4.0.0.0 (). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (08/10/2015 04:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: Nie można zainstalować ciągów liczników wydajności dla usługi .NET Data Provider for Oracle (). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (08/10/2015 04:54:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: Nie można zainstalować ciągów liczników wydajności dla usługi RemoteAccess (). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (08/10/2015 04:54:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: Nie można zainstalować ciągów liczników wydajności dla usługi UGatherer (). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (08/10/2015 04:54:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: Nie można zainstalować ciągów liczników wydajności dla usługi UGTHRSVC (). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. System errors: ============= Error: (08/10/2015 08:40:09 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (08/10/2015 08:40:03 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (08/10/2015 08:40:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: discache eamonm ehdrv GUBootStartup spldr Wanarpv6 Error: (08/10/2015 08:12:43 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x000000cd (0xfffff9800bb55000, 0x0000000000000000, 0xfffff8000306ad05, 0x0000000000000000)C:\Windows\MEMORY.DMP081015-45224-01 Error: (08/10/2015 07:51:05 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (08/10/2015 07:50:59 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (08/10/2015 07:50:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: discache eamonm ehdrv GUBootStartup spldr Wanarpv6 Error: (08/10/2015 07:50:53 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0xc000021a (0xfffff8a0004c3f80, 0x0000000000000001, 0xffffffffc0000001, 0x00000000001005b0)C:\Windows\MEMORY.DMP081015-19796-01 Error: (08/10/2015 07:18:47 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0xc000021a (0xfffff8a001212360, 0x0000000000000000, 0xffffffffc0000001, 0x0000000000100598)C:\Windows\MEMORY.DMP081015-49748-01 Error: (08/10/2015 06:07:02 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Microsoft Office: ========================= Error: (08/10/2015 08:46:25 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{92147EEA-7C84-4055-9E6A-F32CD6A609C0}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}HB_System_Logoff Error: (08/10/2015 08:44:31 PM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: Error: (08/10/2015 08:12:49 PM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: Error: (08/10/2015 08:09:19 PM) (Source: ATIeRecord) (EventID: 16388) (User: ) Description: Error: (08/10/2015 07:28:30 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{5C70CD3A-8913-4D93-94F7-79182EF1B930}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}HB_StopScreenSaver Error: (08/10/2015 04:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: .NET CLR Networking 4.0.0.02E412 Error: (08/10/2015 04:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: .NET Data Provider for Oracle2E412 Error: (08/10/2015 04:54:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: RemoteAccess2E412 Error: (08/10/2015 04:54:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: UGatherer2E412 Error: (08/10/2015 04:54:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: user-Komputer) Description: UGTHRSVC2E412 CodeIntegrity: =================================== Date: 2014-07-22 19:27:34.655 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-22 19:27:34.655 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-26 16:46:30.740 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-26 15:52:06.313 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-26 14:41:32.085 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-26 14:08:43.267 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-26 12:10:45.904 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-26 11:31:48.268 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-26 11:10:46.837 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-25 13:07:19.926 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-75 Percentage of memory in use: 26% Total physical RAM: 4095.12 MB Available physical RAM: 2995.59 MB Total Virtual: 8190.23 MB Available Virtual: 6651.2 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:112.6 GB) (Free:72.62 GB) NTFS Drive d: (MACIEK) (Fixed) (Total:292.97 GB) (Free:189.02 GB) NTFS Drive e: (DEBCIA) (Fixed) (Total:292.97 GB) (Free:161.18 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 46FABAFF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=112.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=293 GB) - (Type=07 NTFS) ==================== End of log ============================