Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014 Ran by user at 2014-12-28 18:31:41 Running from C:\Users\user\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 4.2 (Enabled - Out of date) {CB0F8167-5331-BA19-698E-64816B6801A5} AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71} AS: ESET Smart Security 4.2 (Enabled - Out of date) {706E6083-750B-B597-533E-5FF310EF4B18} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A} FW: Zapora osobista (Disabled) {F3340042-195E-BB41-42D1-CDB495BB46DE} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - ) 2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Reader X (10.1.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{331C520E-D8C3-4AB9-ADF7-A666A3561922}) (Version: 1.3.17.25001 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.3.17.25001 - Alcor Micro Corp.) Hidden ArcSoft TotalMedia Backup & Record (HKLM-x32\...\{EF6F70D0-C242-4047-946B-98EA8208481A}) (Version: - ArcSoft) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS) ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0013 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.22 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.18 - asus) ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS) ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS) ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS) CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo) COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.) Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-3948689686-701338284-1942790856-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Dyn Updater (HKLM-x32\...\DynUpdater) (Version: 4.1.10 - Dyn, Inc.) EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Gadu-Gadu 10 (HKLM-x32\...\Gadu-Gadu 10) (Version: - GG Network S.A.) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Gastro Szef (HKLM-x32\...\{F4063C95-C3EA-11D4-803A-F49143197918}) (Version: 6.X - Przedsiębiorstwo Usług Komputerowych "SOFTECH BIS") GeekBuddy (HKLM\...\{E98902C5-09AF-487A-AFAE-D4C386F506C0}) (Version: 4.18.121 - Comodo Security Solutions Inc) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.24.5 - HTC) IMM4 VCM Codec 1.0.0.10 (HKLM-x32\...\IMM4 Codec_is1) (Version: - ) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.27 - Irfan Skiljan) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 6.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.2.0 - ) LiveVDO (HKLM-x32\...\LiveVDO) (Version: 1.3 - LiveVDO) <==== ATTENTION! Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.1 - Mozilla) Mozilla Thunderbird 17.0.8 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 pl)) (Version: 17.0.8 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation) OpenOffice.org 3.2 (HKLM-x32\...\{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}) (Version: 3.2.9483 - OpenOffice.org) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com) Pro Surveillance System (HKLM-x32\...\{B28C9804-BFCE-4ADB-8C18-1DD9DA1C530A}) (Version: 4.0.0 - DH) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.) RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - systweak.com) <==== ATTENTION Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: - Samsung Electronics Co., Ltd.) Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1200 - SRS Labs, Inc.) SyncToy 2.1 (x86) (HKLM-x32\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft) System Requirements Lab for Intel (HKLM-x32\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) USB 2.0 UVC 1.3M WebCam (HKLM\...\USB 2.0 UVC 1.3M WebCam) (Version: - ) Video Server E (HKLM-x32\...\Video Server E) (Version: 1.0.5.3 - ) VLC media player 1.1.0 (HKLM-x32\...\VLC media player) (Version: 1.1.0 - VideoLAN) VNC Free Edition 4.1.2 (HKLM-x32\...\RealVNC_is1) (Version: 4.1.2 - RealVNC Ltd.) VshareComplete (HKLM-x32\...\{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1) (Version: - VshareComplete) <==== ATTENTION Windows Live Sync (HKLM-x32\...\{E580DFEA-3F1D-4B56-9115-984217032FF5}) (Version: 14.0.8117.416 - Microsoft Corporation) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3948689686-701338284-1942790856-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-03-09 17:53 - 2010-05-20 12:26 - 00001798 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 adobeereg.com 127.0.0.1 www.adobeereg.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 125.252.224.90 127.0.0.1 125.252.224.91 127.0.0.1 hl2rcv.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0B0B6EF7-E30D-410B-B6FA-201E09CD2182} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) Task: {11D0A059-940D-4968-849D-D4EB5A384D91} - System32\Tasks\{27DE5F21-101D-4D83-96DC-6FA694A75594} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {13AB1BFF-1F46-4570-AB77-BD65D2CE0098} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-08-28] (ATK) Task: {48071AA5-42A8-4E16-86E0-ED41194B3E02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated) Task: {496CAC90-D5B4-4461-AAFC-89E6C8E07574} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {499A0B6B-6B55-48F5-ADFA-54E341BAB10B} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-11] (TODO: ) Task: {5AEA055F-74BE-4A1E-8044-A4B2F459BBED} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {669DCF2F-E074-4F10-B12E-2BA69EC45636} - \RegClean Pro No Task File <==== ATTENTION Task: {8B5BFF46-F40D-42D7-B353-7F27E020F950} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO) Task: {B214E06C-EE4B-4EEF-81C2-0679CE5FB60A} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {BE6F370A-2822-4692-BA44-3246E748166C} - System32\Tasks\{05F53984-5AC4-42FD-BFF9-4BF874278055} => pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Task: {BECDECFA-0E5A-4EFA-A370-A1472D0888D3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO) Task: {E2F70CA7-C5AB-49E9-BBA7-AA0677DC4FF1} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {FDCE33E6-1BA6-4018-AC3B-5511690C4EF3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-11-23 17:58 - 2007-08-08 00:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2007-06-15 10:28 - 2007-06-15 10:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll 2007-06-01 16:52 - 2007-06-01 16:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll 2011-01-27 07:32 - 2011-01-27 07:32 - 00027648 _____ () C:\Windows\System32\ssb7mlm.dll 2011-06-21 06:42 - 2011-06-21 06:42 - 00034304 _____ () C:\Windows\System32\sst3cl6.dll 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll 2009-08-28 15:00 - 2009-08-28 15:00 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll 2009-08-28 11:43 - 2009-08-28 11:43 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll 2009-11-23 17:58 - 2007-03-09 18:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll 2008-08-13 20:59 - 2008-08-13 20:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe 2008-09-30 23:02 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2014-04-12 13:27 - 2014-02-13 14:37 - 00254024 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe 2014-12-25 02:06 - 2014-12-16 09:56 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2014-12-25 02:06 - 2014-12-16 09:56 - 00092320 _____ () C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll 2014-12-25 02:06 - 2014-12-16 09:56 - 01105408 _____ () C:\Program Files (x86)\Elex-tech\YAC\isafechlp.dll 2014-12-25 02:05 - 2014-10-27 04:02 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll 2014-12-25 02:05 - 2014-10-27 04:02 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll 2014-12-25 02:05 - 2014-12-16 09:56 - 00185640 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2007-06-15 10:28 - 2007-06-15 10:28 - 00147456 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll 2007-06-01 17:08 - 2007-06-01 17:08 - 00143360 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll 2014-08-06 13:40 - 2014-08-06 13:40 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-08-06 13:41 - 2014-08-06 13:41 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-08-06 13:41 - 2014-08-06 13:41 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2014-08-06 13:41 - 2014-08-06 13:41 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-08-06 13:42 - 2014-08-06 13:42 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-08-06 13:44 - 2014-08-06 13:44 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-08-06 13:46 - 2014-08-06 13:46 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2014-12-28 17:21 - 2014-12-28 17:21 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpokzi3d.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\traynet.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\libcurl.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\zlib1.dll 2014-04-12 13:27 - 2014-02-13 14:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\TrayPopupE\uexper.dll 2014-12-10 12:08 - 2014-12-10 12:08 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Desktop\garda.jpg:$CmdZnID AlternateDataStreams: C:\Users\user\Desktop\Garda2015.gif:com.dropbox.attributes AlternateDataStreams: C:\Users\user\Desktop\Tatar.jpg:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\EE76EDFF807928E7AA96E50007CE457E2AD33272.torrent:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(3).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(4).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(5).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(6).pdf:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\faktura(6).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\faktura(7).pdf:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\FRST64.exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\mbam-setup-2.0.4.1028.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\mbam-setup-2.0.4.1028.exe:$CmdZnID AlternateDataStreams: C:\Users\user\Downloads\yet_another_cleaner_bbs.exe:$CmdTcID AlternateDataStreams: C:\Users\user\Downloads\yet_another_cleaner_bbs.exe:$CmdZnID ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-21-3948689686-701338284-1942790856-1000\Software\Classes\.exe: => <===== ATTENTION! ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3948689686-701338284-1942790856-500 - Administrator - Disabled) ASPNET (S-1-5-21-3948689686-701338284-1942790856-1002 - Limited - Enabled) Gość (S-1-5-21-3948689686-701338284-1942790856-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3948689686-701338284-1942790856-1004 - Limited - Enabled) user (S-1-5-21-3948689686-701338284-1942790856-1000 - Administrator - Enabled) => C:\Users\user ==================== Faulty Device Manager Devices ============= Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (12/27/2014 03:28:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 34.0.5.5443, sygnatura czasowa: 0x5475dd5d Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 34.0.5.5443, sygnatura czasowa: 0x5475d664 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001425 Identyfikator procesu powodującego błąd: 0x170c Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (12/24/2014 11:04:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program RegCleanPro.exe w wersji 7.2.63.146 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 9f4 Godzina rozpoczęcia: 01d01fc519312d40 Godzina zakończenia: 47 Ścieżka aplikacji: C:\Program Files (x86)\RCP\RegCleanPro.exe Identyfikator raportu: c589b851-8bb8-11e4-808f-e0cb4e49e9d8 Error: (12/23/2014 07:02:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RegCleanPro.exe, wersja: 7.2.63.146, sygnatura czasowa: 0x54858bdf Nazwa modułu powodującego błąd: RegCleanPro.exe, wersja: 7.2.63.146, sygnatura czasowa: 0x54858bdf Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00042db2 Identyfikator procesu powodującego błąd: 0x9f0 Godzina uruchomienia aplikacji powodującej błąd: 0xRegCleanPro.exe0 Ścieżka aplikacji powodującej błąd: RegCleanPro.exe1 Ścieżka modułu powodującego błąd: RegCleanPro.exe2 Identyfikator raportu: RegCleanPro.exe3 Error: (12/23/2014 06:56:55 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis Error: (12/23/2014 06:56:55 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis Error: (12/23/2014 06:56:55 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis Error: (12/23/2014 06:56:55 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis Error: (12/23/2014 06:56:55 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis Error: (12/23/2014 06:56:55 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis Error: (12/23/2014 06:56:55 PM) (Source: WinMgmt) (EventID: 24) (User: ) Description: CisWmiSELECT * FROM CisEventCisEvent//./root/cis System errors: ============= Error: (12/28/2014 05:22:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (12/28/2014 01:27:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (12/27/2014 05:49:33 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (12/27/2014 01:14:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (12/26/2014 05:24:41 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (12/25/2014 07:49:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (12/25/2014 03:39:08 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F40211E8-05C9-4430-B832-041A5ECD7FA2} Error: (12/25/2014 03:38:34 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (12/25/2014 03:33:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Util Hold Page niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/25/2014 03:20:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Update Hold Page z powodu następującego błędu: %%1053 Microsoft Office Sessions: ========================= Error: (09/08/2013 08:42:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1440 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-12-14 13:44:03.168 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 13:32:56.955 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 13:12:09.155 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 13:06:48.219 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 11:46:15.651 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-14 10:45:03.048 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-12-13 21:28:39.750 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdvrt64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-04-10 20:52:54.037 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\user\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-10 20:52:53.007 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\user\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-10 20:52:51.588 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz Percentage of memory in use: 37% Total physical RAM: 4095.27 MB Available physical RAM: 2543.99 MB Total Pagefile: 8188.72 MB Available Pagefile: 6289.34 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:128.8 GB) (Free:69.75 GB) NTFS Drive d: () (Fixed) (Total:103.98 GB) (Free:57.11 GB) NTFS Drive f: () (Removable) (Total:1.91 GB) (Free:0.93 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 3D82E436) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=128.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================