Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015 Ran by BM at 2015-02-02 22:27:04 Running from D:\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 3.3 64-bit (HKLM\...\{CFFF260C-F510-45BB-8F8E-1D4AC1232786}) (Version: 3.3.1 - Adobe) Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe) Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden AllDup 3.4.13 (HKLM-x32\...\AllDup_is1) (Version: 3.4.13 - Michael Thummerer Software Design) Arles Image Web Page Creator 4.94 (HKLM-x32\...\Arles Image Web Page Creator_is1) (Version: 4.94 - Digital Dutch) ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - ) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.0 - BitTorrent Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.9.0.73 - Canon Inc.) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.) Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.51.2 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.2.1 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.2.1.13 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.0.0.3 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.12.2.0 - Canon Inc.) Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.) CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - ) Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Detektor Winampa (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland) Dropbox (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Easy Color Basic 3.0 (HKLM-x32\...\Colorland.pl_Easy Color Basic 3.0) (Version: - ) ElitBook DESIGNER (HKLM-x32\...\FotoElita_ElitBook DESIGNER) (Version: - ) empressia (HKLM-x32\...\empresse_empressia) (Version: - ) EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net) Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse) FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time) Free DWG Viewer 7.1 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.1 - IGC) Free Monitor for Google 2.5 (HKLM-x32\...\Free Monitor for Google_is1) (Version: - CleverStat) FreeFileSync 5.11 (HKLM-x32\...\FreeFileSync) (Version: 5.11 - Zenju) GG (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\GG) (Version: 11 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Gramblr (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\Gramblr) (Version: 1.0.0 - Gramblr) <==== ATTENTION! GstarCAD 2012 Standard(12.0.0.1) (HKLM-x32\...\GstarCAD 2012 Standard) (Version: - ) HxD Hex Editor wersja 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan) Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc) Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.710 - Oracle) Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) jEdit 4.5.1 (HKLM\...\jEdit_is1) (Version: 4.5.1 - Contributors) KrukBook Album Maker (HKLM-x32\...\KrukBook_KrukBook Album Maker) (Version: - ) LightScribe System Software (HKLM-x32\...\{3744B641-61DE-417F-BCDC-9CCED4224DF8}) (Version: 1.18.13.1 - LightScribe) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1047 - Marvell) Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Thunderbird 31.4.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 pl)) (Version: 31.4.0 - Mozilla) MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\MyFreeCodec) (Version: - ) Nero 9 Essentials (HKLM-x32\...\{4399de31-bd70-4033-ab6f-29a9cfdae545}) (Version: - Nero AG) Notatnik SP, ver 4.1 (HKLM-x32\...\Notatnik SP_is1) (Version: - HAKGERSoft) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.2 - ) OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden Panel sterowania NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) popcolor PHOTO 3.0 (HKLM-x32\...\popcolor PHOTO_is1) (Version: - popcolor PHOTO) PowerWalker-WinPower (HKLM-x32\...\PowerWalker-WinPower) (Version: 4.2.0.1 - ) ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation) Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.0 - Ralink) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.) RescuePRO 3.3 (HKLM-x32\...\RescuePRO-3.0) (Version: - ) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc) Wise Disk Cleaner 8.39 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 8.39 - WiseCleaner.com, Inc.) Wise Registry Cleaner 8.31 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.31 - WiseCleaner.com, Inc.) X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH) XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e) ZTE_1.2059.0.8 (HKLM-x32\...\ZTE_1.2059.0.8) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\BM\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 22-01-2015 12:41:41 Created by Wise Disk Cleaner 23-01-2015 13:55:03 Windows Update 27-01-2015 13:58:59 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-01-20 00:07 - 2015-01-22 13:06 - 00001269 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0C51E893-9D27-4384-8A8C-6A8F019B3CEC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-09] (AVAST Software) Task: {10993EC2-50A2-453D-B5F4-901CF7F29BD4} - System32\Tasks\AdobeAAMUpdater-1.0-BM-Komputer-BM => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {10D74290-48CD-47E5-B19B-2C0E20D66592} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.) Task: {36A37E29-380F-4500-A031-D1FD984D8162} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000Core => C:\Users\BM\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {36B87246-4C68-42E8-A8F8-2BBC1778402A} - System32\Tasks\{2427C378-ACFA-482C-980A-C45639FF938D} => pcalua.exe -a C:\Users\BM\Downloads\googlemon(3).exe -d C:\Users\BM\Downloads Task: {3BB0515B-0D40-4DEF-B30C-3950F51E3670} - System32\Tasks\{D2DEBA73-4DDE-4B27-A5AE-D0CD4FCB13FE} => pcalua.exe -a C:\Users\BM\Downloads\irfanview_plugins_433_setup.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {402076D7-30B3-4036-B446-888B8AC648E0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000UA => C:\Users\BM\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {40FD1B00-D5DA-477A-B8A1-3D2C522C8F08} - System32\Tasks\{F02A48C8-95BA-4638-8442-3A514452DA07} => pcalua.exe -a C:\TEMP\GTAINSTALLER\SETUP.EXE -d C:\TEMP\GTAINSTALLER Task: {5538D342-15A1-45F5-9EE0-953D79052132} - System32\Tasks\{11F22A97-0946-4B63-8053-4C67FA6A3F68} => pcalua.exe -a "C:\Program Files (x86)\XFastUsb\Uninstall.exe" Task: {57EE4030-D9C5-44B8-A721-622AD663C4C3} - System32\Tasks\Paragon Archive name arc_030413000426092 => C:\Program Files (x86)\Paragon Software\Hard Disk Manager 12 Professional\program\scripts.exe Task: {6A654567-D747-4F86-B2BC-E6B92FCFF42E} - System32\Tasks\{D21F9D2B-A2EA-43E9-BEBA-71F8A3E3D51E} => pcalua.exe -a C:\Users\BM\Downloads\googlemon.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {8D471B7B-D35F-4B2D-87FC-0C9E5892081B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation) Task: {8F8E0E8B-D236-41AC-8992-CB06CC4F3852} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.) Task: {9D860236-C50F-4264-BF00-FB5BE8567999} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe Task: {DA1FFED2-3F6C-47A1-83FC-854D51D899F0} - System32\Tasks\{809CE9AB-A60E-454E-A562-8A1D1ABE9F75} => pcalua.exe -a C:\Users\BM\Documents\dav2avimon-1.0\dav2avi\dhplayer.exe -d C:\Users\BM\Documents\dav2avimon-1.0\dav2avi Task: {E62F10C0-086D-4908-974E-6F3C858236EA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated) Task: {EB253384-11D9-4157-B749-9C147F8BFD0F} - System32\Tasks\{B178E1C2-8559-4568-866E-4691DDD60A34} => pcalua.exe -a "C:\Users\BM\Downloads\Photodex ProShow Gold 5.0.3222\SetUp.exe" -d "C:\Users\BM\Downloads\Photodex ProShow Gold 5.0.3222" Task: {FD685241-F150-417E-9EE3-E4D05E6F18D9} - System32\Tasks\{A1626C9E-D588-4B84-ADD0-6EE42FAF1B4B} => pcalua.exe -a C:\Users\BM\Downloads\googlemon(1).exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Paragon Archive name arc_030413000426092.job => C:\Program Files (x86)\Paragon Software\Hard Disk Manager 12 Professional\program\scripts.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-02 22:29 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2007-03-23 16:36 - 2007-03-23 16:36 - 00022016 _____ () C:\Windows\System32\xrxs1l6.dll 2012-04-18 22:31 - 2010-04-05 20:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2012-03-20 10:59 - 2012-03-20 10:59 - 03340288 _____ () C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe 2013-05-09 11:21 - 2013-01-29 18:56 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe 2012-04-17 19:54 - 2013-04-10 23:18 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe 2014-11-09 04:26 - 2014-11-09 04:26 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-11-09 04:26 - 2014-11-09 04:26 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2010-04-07 01:45 - 2010-04-07 01:45 - 00050176 _____ () C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\QuickTimeGlue.dll 2015-02-02 11:52 - 2015-02-02 11:52 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll 2014-11-09 04:26 - 2014-11-09 04:26 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-02-02 21:01 - 2015-02-02 21:01 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020201\algo.dll 2010-12-02 16:56 - 2010-12-02 16:56 - 00815104 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\OSD_Text\OSD_Text.dll 2011-01-09 19:45 - 2011-01-09 19:45 - 00088064 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_MouseDeviceManager.dll 2012-02-07 10:20 - 2012-02-07 10:20 - 02413568 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\ScreenCapture\ScreenCapture.dll 2011-03-21 18:33 - 2011-03-21 18:33 - 00999424 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll 2010-09-20 13:18 - 2010-09-20 13:18 - 00085504 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ZoomControl.dll 2010-09-20 13:18 - 2010-09-20 13:18 - 00054272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ScrollbarControl.dll 2011-04-12 14:14 - 2011-04-12 14:14 - 00063488 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInRight.dll 2010-11-01 19:16 - 2010-11-01 19:16 - 00062976 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInOne.dll 2011-08-10 12:43 - 2011-08-10 12:43 - 00118272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_Wheel4D.dll 2013-05-09 11:21 - 2013-01-29 18:45 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-02-02 17:00 - 2015-02-02 17:00 - 00043008 _____ () c:\users\bm\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphosrrj.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-01-28 13:33 - 2014-01-28 13:33 - 00045056 _____ () C:\Program Files (x86)\MonitorSoftware\jspWin.dll 2015-01-16 16:34 - 2015-01-16 16:34 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2014-11-09 04:26 - 2014-11-09 04:26 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-01-28 13:33 - 2014-01-28 13:33 - 00077824 _____ () C:\Program Files (x86)\MonitorSoftware\TrayIcon12.dll 2013-01-09 11:49 - 2015-01-15 09:09 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2013-01-09 11:49 - 2015-01-15 09:09 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2013-01-09 11:49 - 2015-01-15 09:09 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2013-01-18 21:29 - 2015-01-27 00:12 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2010-02-22 03:50 - 2010-02-22 03:50 - 00060416 _____ () C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden ========================= Accounts: ========================== Administrator (S-1-5-21-2949551511-373755211-1111318044-500 - Administrator - Disabled) BM (S-1-5-21-2949551511-373755211-1111318044-1000 - Administrator - Enabled) => C:\Users\BM Gość (S-1-5-21-2949551511-373755211-1111318044-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2949551511-373755211-1111318044-1225 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/02/2015 05:40:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/02/2015 05:40:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/02/2015 05:19:04 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "assemblyIdentity1". Błąd w pliku manifestu lub w pliku zasad "assemblyIdentity2" w wierszu assemblyIdentity3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error: (02/02/2015 05:04:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/02/2015 05:04:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/02/2015 11:56:01 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/02/2015 11:56:01 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/01/2015 11:34:16 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/01/2015 11:34:16 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (02/01/2015 01:35:02 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "assemblyIdentity1". Błąd w pliku manifestu lub w pliku zasad "assemblyIdentity2" w wierszu assemblyIdentity3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. System errors: ============= Error: (02/02/2015 08:32:12 PM) (Source: Schannel) (EventID: 4120) (User: ZARZĄDZANIE NT) Description: Został wygenerowany następujący alert krytyczny: 10. Stan błędu wewnętrznego: 10. Error: (02/02/2015 05:00:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (02/02/2015 11:51:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (02/01/2015 11:29:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (01/31/2015 11:02:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (01/31/2015 02:15:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (01/31/2015 02:11:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (01/31/2015 02:02:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (01/30/2015 10:27:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_IM Error: (01/29/2015 09:36:04 PM) (Source: Schannel) (EventID: 4120) (User: ZARZĄDZANIE NT) Description: Został wygenerowany następujący alert krytyczny: 10. Stan błędu wewnętrznego: 10. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-04-12 20:47:20.636 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:20.558 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:18.469 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:18.392 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:16.277 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:16.200 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:14.111 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:14.032 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:11.923 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:11.848 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 63% Total physical RAM: 8174.7 MB Available physical RAM: 2945.3 MB Total Pagefile: 16747.57 MB Available Pagefile: 9953.9 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (SSD) (Fixed) (Total:111.79 GB) (Free:33.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (TYSIAK) (Fixed) (Total:931.51 GB) (Free:3.07 GB) NTFS Drive g: (750GB_2014) (Fixed) (Total:698.64 GB) (Free:122.51 GB) NTFS Drive j: (My Book) (Fixed) (Total:1862.98 GB) (Free:2.81 GB) NTFS Drive t: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:27.8 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 8062B151) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 0113D8EB) Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 7802A13C) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00021365) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (Size: 1863 GB) (Disk ID: 2A5C1A81) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== End Of Log ============================