Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-05-2016 Ran by adam (2016-05-20 08:43:02) Running from D:\FRST64 Windows 7 Home Premium Service Pack 1 (X64) (2015-05-24 16:50:05) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= adam (S-1-5-21-3595127932-1541083318-131603667-1001 - Administrator - Enabled) => C:\Users\adam Administrator (S-1-5-21-3595127932-1541083318-131603667-500 - Administrator - Disabled) Guest (S-1-5-21-3595127932-1541083318-131603667-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3595127932-1541083318-131603667-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-3595127932-1541083318-131603667-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3595127932-1541083318-131603667-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Creative Suite 5 Design Standard (HKLM-x32\...\{49DC7D87-B9F9-4782-9386-B7F13BC75E48}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.18.65 - Conexant) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.7 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 8.0.7 - Ministerstwo Finansow) Hidden Google Update Helper (x32 Version: 1.2.183.13 - Google Inc.) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Mozilla Firefox 41.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 pl)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.5.0.77 - KMP Media co., Ltd) USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - ) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2AA49770-BDE7-492E-9619-F5554CD3A5B6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-21] (AVAST Software) Task: {47F232CF-74F0-43CC-9CB7-59800D992A90} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-10] (AVAST Software) Task: {4B6EE67A-8379-4E09-A66D-D416F431CACB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-30] (Adobe Systems Incorporated) Task: {9AB6EC50-94F2-4AA8-86A8-5B30CEB46B3D} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-05] () Task: {C7CF7F7F-748F-4429-9E8B-B1805883D97B} - System32\Tasks\AdobeAAMUpdater-1.0-pointblank-adam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {E2BDC824-485E-44FA-9FFA-F357F4AD0134} - \Softcomp Software Viewer -> No File <==== ATTENTION Task: {EF755520-6D82-4F23-928F-BDD6B8A87723} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-05-31 12:15 - 2013-08-29 22:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2010-01-05 00:43 - 2010-01-05 00:43 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2015-12-10 15:06 - 2015-12-10 15:06 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-12-10 15:06 - 2015-12-10 15:06 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-05-20 00:08 - 2016-05-20 00:08 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\16051802\algo.dll 2016-04-30 09:07 - 2016-04-30 09:07 - 00510368 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-12-10 15:06 - 2015-12-10 15:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2009-11-02 21:20 - 2009-11-02 21:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 21:23 - 2009-11-02 21:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 19-05-2016 21:53:31 Removed Acrobat.com 19-05-2016 22:10:00 Removed Adobe Media Player 19-05-2016 22:12:55 Removed ASUS CopyProtect 19-05-2016 22:39:44 Removed ASUS Data Security Manager 19-05-2016 22:43:02 Removed ASUS FancyStart 19-05-2016 22:44:18 Removed ASUS LifeFrame3 19-05-2016 22:52:04 Removed ASUS Live Update 19-05-2016 22:54:10 Removed ASUS MultiFrame 19-05-2016 22:55:33 Removed ASUS Power4Gear Hybrid 19-05-2016 22:56:43 Removed ASUS SmartLogon 19-05-2016 22:57:36 Removed ASUS Virtual Camera 19-05-2016 23:01:38 Configured LabelPrint 19-05-2016 23:17:04 Configured Power2Go 19-05-2016 23:56:04 Restore Point Created by FRST ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/20/2016 12:23:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: firefox.exe, version: 41.0.2.5765, time stamp: 0x561ee543 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x0003cbc6 Faulting process id: 0x8fc Faulting application start time: 0xfirefox.exe0 Faulting application path: firefox.exe1 Faulting module path: firefox.exe2 Report Id: firefox.exe3 Error: (05/19/2016 11:56:04 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {01cb9f44-26ba-426f-ac21-1258a38cf3a2} Error: (05/18/2016 06:38:56 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: pointblank) Description: Application or service 'McNeel Update Service 5.0' could not be restarted. Error: (04/30/2016 09:17:24 AM) (Source: MsiInstaller) (EventID: 1024) (User: pointblank) Description: Product: Adobe Acrobat Reader DC - Polish - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (04/30/2016 07:35:25 AM) (Source: MsiInstaller) (EventID: 11730) (User: pointblank) Description: Product: e-Deklaracje Desktop -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance. Error: (02/03/2016 05:19:53 PM) (Source: MsiInstaller) (EventID: 11935) (User: pointblank) Description: Product: Rhinoceros 5 (64-bit) -- Error 1935. (1)An error occurred during the installation of assembly 'Microsoft.VC80.MFCLOC,version="8.0.50727.6195",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070091. assembly interface: IAssemblyCacheItem, function: Commit, component: {608113E0-F3B6-C6EE-A01F-C8B3B9A1E18E} Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (05/19/2016 11:56:50 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (05/19/2016 11:55:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (05/19/2016 11:55:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (05/19/2016 11:55:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (05/19/2016 11:55:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Management & Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s). Error: (05/19/2016 11:55:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (05/19/2016 11:55:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Microsoft .NET Framework NGEN v4.0.30319_X86 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (05/19/2016 11:55:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s). Error: (05/19/2016 11:55:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (05/19/2016 11:55:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Privoxy (PrivoxyService) service terminated unexpectedly. It has done this 1 time(s). ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz Percentage of memory in use: 90% Total physical RAM: 1900.49 MB Available physical RAM: 173.96 MB Total Virtual: 3800.98 MB Available Virtual: 1637.23 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:60.27 GB) (Free:26.62 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (DATA) (Fixed) (Total:120.47 GB) (Free:22.91 GB) NTFS Drive f: (DATA1) (Fixed) (Total:120.9 GB) (Free:17.56 GB) NTFS Drive g: (DATA2) (Fixed) (Total:120.06 GB) (Free:8.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: E0C5913D) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C) Partition 2: (Active) - (Size=60.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=386 GB) - (Type=05) ==================== End of Addition.txt ============================