Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014 Ran by Patrycjusz at 2014-11-14 17:52:36 Running from C:\Users\Patrycjusz\Desktop\New folder (2) Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Reader XI (11.0.09) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3130 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3202 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.4.0.0280 - Disc Soft Ltd) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.) HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{1154543C-D5D0-49BE-A004-82EE0A3746AE}) (Version: 1.1.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT) Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{9B5FD763-5074-474C-B898-24567E6450C8}) (Version: 4.2.40.2439 - Intel Corporation) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1542458404-1444137664-256976008-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Graphics Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek) Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden Validity WBF DDK (HKLM\...\{21498212-1146-4540-8A81-6A1328BA19F2}) (Version: 4.5.228.0 - Validity Sensors, Inc.) Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02964302-EE58-4818-88E9-B03F84D3F37A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {068EB8A5-CB8A-4AAC-84AE-A92925EFFD49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard) Task: {0DD21480-9898-44E2-B74D-4C910E13F14D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {1D56EEB5-C0D9-4970-9487-4970275F5266} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {262195E6-81AD-4940-9C7C-D1CAF1B4232F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.) Task: {3B39C300-6F14-4B60-97CA-81B8580B3D4D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-16] (Microsoft Corporation) Task: {57298062-573F-4C6A-A2E4-FED6A358345A} - System32\Tasks\HPCeeScheduleForPatrycjusz => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {6B6E51F3-F3D4-498C-9D4D-77CF96CD3443} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {7E657FF5-0934-47A4-A1A6-6B567A069D17} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-02] (Synaptics Incorporated) Task: {7F8478B2-21D5-4343-984E-9AFEBC2D5425} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.) Task: {95A9F13C-B0B8-4A09-B3A7-CCFB0DC6DE70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {A11AD238-EFC9-4984-845B-EFCF03545CE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.) Task: {C167168C-52A4-4400-B926-AF04B1309A63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard) Task: {C2FC588F-C063-404E-96E5-16E79366CAA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.) Task: {C49BBA94-F59A-42FC-8F36-64B6965EB745} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {E7A9607A-A219-4135-81D8-5728CC904E0A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForPatrycjusz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-14 10:23 - 2013-10-14 10:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 2013-10-14 10:24 - 2013-10-14 10:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll 2013-10-14 10:25 - 2013-10-14 10:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2013-10-14 10:35 - 2013-10-14 10:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2013-10-14 10:35 - 2013-10-14 10:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2013-08-12 18:06 - 2013-08-12 18:06 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-12 18:06 - 2013-08-12 18:06 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-12 18:06 - 2013-08-12 18:06 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2014-05-09 22:57 - 2014-10-16 14:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-10-14 10:30 - 2013-10-14 10:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2014-05-09 22:57 - 2013-08-09 12:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-05-09 23:12 - 2013-03-12 14:51 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-12 21:53 - 2013-03-12 21:53 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-11-13 22:49 - 2014-11-05 23:56 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libglesv2.dll 2014-11-13 22:49 - 2014-11-05 23:56 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libegl.dll 2014-11-13 22:49 - 2014-11-05 23:57 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\pdf.dll 2014-11-13 22:49 - 2014-11-05 23:56 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\ffmpegsumo.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\libcef.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\libGLESv2.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00905216 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\platforms\qwindows.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\libEGL.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\imageformats\qgif.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\imageformats\qico.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\imageformats\qjpeg.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\imageformats\qmng.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\imageformats\qtiff.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\qml\QtQuick.2\qtquick2plugin.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\qml\QtQuick\Layouts\qquicklayoutsplugin.dll 2014-10-29 21:22 - 2014-10-29 21:22 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5191\qml\QtQml\Models.2\modelsplugin.dll 2014-11-13 22:49 - 2014-11-05 23:57 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Patrycjusz\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1542458404-1444137664-256976008-500 - Administrator - Disabled) Guest (S-1-5-21-1542458404-1444137664-256976008-501 - Limited - Disabled) Patrycjusz (S-1-5-21-1542458404-1444137664-256976008-1002 - Administrator - Enabled) => C:\Users\Patrycjusz ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/13/2014 10:33:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: opbhobroker.exe, version: 8.0.0.57, time stamp: 0x525c1b0c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process ID: 0x104c Faulting application start time: 0xopbhobroker.exe0 Faulting application path: opbhobroker.exe1 Faulting module path: opbhobroker.exe2 Report ID: opbhobroker.exe3 Faulting package full name: opbhobroker.exe4 Faulting package-relative application ID: opbhobroker.exe5 Error: (11/13/2014 10:26:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1ed0 Start Time: 01cfff900a1007dd Termination Time: 18 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: 190a3328-6b84-11e4-827d-0071cc2f8bbc Faulting package full name: Faulting package-relative application ID: Error: (11/13/2014 10:20:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 195c Start Time: 01cfff8fd117bcf2 Termination Time: 0 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: 36c95c78-6b83-11e4-827d-0071cc2f8bbc Faulting package full name: Faulting package-relative application ID: Error: (11/13/2014 10:20:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 18d4 Start Time: 01cfff8fd15357d4 Termination Time: 15 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: 347c7592-6b83-11e4-827d-0071cc2f8bbc Faulting package full name: Faulting package-relative application ID: Error: (11/13/2014 10:20:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP) Description: Package DefaultBrowser_NOPUBLISHERID+Microsoft.InternetExplorer.Default#{dd106978-c96f-4095-83e3-06d409e077fa} was terminated because it took too long to suspend. Error: (11/13/2014 10:20:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP) Description: Package DefaultBrowser_NOPUBLISHERID+Microsoft.InternetExplorer.Default was terminated because it took too long to suspend. Error: (11/13/2014 10:13:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Spyhunter4.exe version 4.18.9.4384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 162c Start Time: 01cfff61b77b88c2 Termination Time: 93 Application Path: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Report Id: 2e261638-6b82-11e4-827d-0071cc2f8bbc Faulting package full name: Faulting package-relative application ID: Error: (11/12/2014 03:40:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.3.9600.17284 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1ff4 Start Time: 01cffe7360564128 Termination Time: 0 Application Path: C:\Windows\explorer.exe Report Id: 2186cd85-6a82-11e4-827d-0071cc2f8bbc Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (11/14/2014 05:08:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (11/14/2014 10:10:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SpyHunter 4 Service service failed to start due to the following error: %%2 Error: (11/14/2014 00:04:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (11/14/2014 00:04:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (11/13/2014 10:38:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SpyHunter 4 Service service failed to start due to the following error: %%2 Error: (11/13/2014 10:37:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Search service failed to start due to the following error: %%1069 Error: (11/13/2014 10:37:29 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (11/13/2014 10:36:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (11/13/2014 10:36:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/13/2014 10:36:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). Microsoft Office Sessions: ========================= Error: (11/13/2014 10:33:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: opbhobroker.exe8.0.0.57525c1b0cunknown0.0.0.000000000c00000050000000000000000104c01cfff61bb69667bC:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exeunknown1a6445c2-6b85-11e4-827d-0071cc2f8bbc Error: (11/13/2014 10:26:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe11.0.9600.174161ed001cfff900a1007dd18C:\Program Files\Internet Explorer\iexplore.exe190a3328-6b84-11e4-827d-0071cc2f8bbc Error: (11/13/2014 10:20:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe11.0.9600.17416195c01cfff8fd117bcf20C:\Program Files\Internet Explorer\iexplore.exe36c95c78-6b83-11e4-827d-0071cc2f8bbc Error: (11/13/2014 10:20:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe11.0.9600.1741618d401cfff8fd15357d415C:\Program Files\Internet Explorer\iexplore.exe347c7592-6b83-11e4-827d-0071cc2f8bbc Error: (11/13/2014 10:20:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP) Description: DefaultBrowser_NOPUBLISHERID+Microsoft.InternetExplorer.Default#{dd106978-c96f-4095-83e3-06d409e077fa} Error: (11/13/2014 10:20:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP) Description: DefaultBrowser_NOPUBLISHERID+Microsoft.InternetExplorer.Default Error: (11/13/2014 10:13:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Spyhunter4.exe4.18.9.4384162c01cfff61b77b88c293C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe2e261638-6b82-11e4-827d-0071cc2f8bbc Error: (11/12/2014 03:40:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: explorer.exe6.3.9600.172841ff401cffe73605641280C:\Windows\explorer.exe2186cd85-6a82-11e4-827d-0071cc2f8bbc ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Percentage of memory in use: 31% Total physical RAM: 12220.02 MB Available physical RAM: 8351.5 MB Total Pagefile: 14076.02 MB Available Pagefile: 9670.33 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:909.44 GB) (Free:809.02 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:21.29 GB) (Free:2.15 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777) Partition: GPT Partition Type. ==================== End Of Log ============================