Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2014 Ran by Patrycjusz at 2014-12-14 01:42:48 Running from C:\Users\Patrycjusz\Desktop\New folder Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3130 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3202 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.4.0.0280 - Disc Soft Ltd) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.) HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{1154543C-D5D0-49BE-A004-82EE0A3746AE}) (Version: 1.1.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT) Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{9B5FD763-5074-474C-B898-24567E6450C8}) (Version: 4.2.40.2439 - Intel Corporation) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1542458404-1444137664-256976008-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Graphics Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek) Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden Validity WBF DDK (HKLM\...\{21498212-1146-4540-8A81-6A1328BA19F2}) (Version: 4.5.228.0 - Validity Sensors, Inc.) Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1542458404-1444137664-256976008-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Patrycjusz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 27-11-2014 00:13:12 Windows Update 08-12-2014 16:33:07 Scheduled Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02964302-EE58-4818-88E9-B03F84D3F37A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {068EB8A5-CB8A-4AAC-84AE-A92925EFFD49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard) Task: {0DD21480-9898-44E2-B74D-4C910E13F14D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {1D56EEB5-C0D9-4970-9487-4970275F5266} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {262195E6-81AD-4940-9C7C-D1CAF1B4232F} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.) Task: {6B6E51F3-F3D4-498C-9D4D-77CF96CD3443} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {71652446-C780-4F81-A362-DDED8FF4EFCB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-09] (Microsoft Corporation) Task: {7E657FF5-0934-47A4-A1A6-6B567A069D17} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-02] (Synaptics Incorporated) Task: {7F8478B2-21D5-4343-984E-9AFEBC2D5425} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.) Task: {95A9F13C-B0B8-4A09-B3A7-CCFB0DC6DE70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {A11AD238-EFC9-4984-845B-EFCF03545CE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.) Task: {B161391B-7CBE-4564-AB85-9F4AAAB547F2} - System32\Tasks\HPCeeScheduleForPatrycjusz => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {C167168C-52A4-4400-B926-AF04B1309A63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard) Task: {C2FC588F-C063-404E-96E5-16E79366CAA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.) Task: {C49BBA94-F59A-42FC-8F36-64B6965EB745} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {E7A9607A-A219-4135-81D8-5728CC904E0A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForPatrycjusz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-14 10:23 - 2013-10-14 10:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 2013-10-14 10:24 - 2013-10-14 10:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll 2013-10-14 10:25 - 2013-10-14 10:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2013-10-14 10:35 - 2013-10-14 10:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2013-10-14 10:35 - 2013-10-14 10:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2013-08-12 18:06 - 2013-08-12 18:06 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-12 18:06 - 2013-08-12 18:06 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-12 18:06 - 2013-08-12 18:06 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2014-05-09 22:57 - 2014-10-16 14:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-10-14 10:30 - 2013-10-14 10:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2014-05-09 22:57 - 2013-08-09 12:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-05-09 23:12 - 2013-03-12 14:51 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-12 21:53 - 2013-03-12 21:53 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-12-11 12:55 - 2014-12-06 01:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-11 12:55 - 2014-12-06 01:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-11 12:55 - 2014-12-06 01:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-11 12:55 - 2014-12-06 01:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-12-11 12:55 - 2014-12-06 01:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Patrycjusz\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1542458404-1444137664-256976008-500 - Administrator - Disabled) Guest (S-1-5-21-1542458404-1444137664-256976008-501 - Limited - Disabled) Patrycjusz (S-1-5-21-1542458404-1444137664-256976008-1002 - Administrator - Enabled) => C:\Users\Patrycjusz ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/14/2014 01:28:46 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/12/2014 10:16:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/12/2014 00:22:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: nvstreamsvc.exe, version: 3.1.100.0, time stamp: 0x53d25804 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22 Exception code: 0xc0000142 Fault offset: 0x00000000000ec0b4 Faulting process ID: 0x6f8 Faulting application start time: 0xnvstreamsvc.exe0 Faulting application path: nvstreamsvc.exe1 Faulting module path: nvstreamsvc.exe2 Report ID: nvstreamsvc.exe3 Faulting package full name: nvstreamsvc.exe4 Faulting package-relative application ID: nvstreamsvc.exe5 Error: (12/11/2014 08:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4047 Error: (12/11/2014 08:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4047 Error: (12/11/2014 08:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/11/2014 08:12:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2016 Error: (12/11/2014 08:12:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2016 Error: (12/11/2014 08:12:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/11/2014 00:02:13 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 System errors: ============= Error: (12/11/2014 06:16:03 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (12/11/2014 06:14:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition 1.189.1874.0). Error: (12/11/2014 06:13:23 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (12/11/2014 06:12:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (12/10/2014 00:37:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (12/10/2014 11:58:25 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (12/10/2014 11:57:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Intel(R) Management and Security Application Local Management Service service did not respond on starting. Error: (11/29/2014 00:25:24 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 00:24:18 on ‎29/‎11/‎2014 was unexpected. Error: (11/29/2014 00:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Computer Browser service failed to start due to the following error: %%1053 Error: (11/29/2014 00:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Computer Browser service failed to start due to the following error: %%1053 Microsoft Office Sessions: ========================= Error: (12/14/2014 01:28:46 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/12/2014 10:16:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/12/2014 00:22:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvstreamsvc.exe3.1.100.053d25804KERNELBASE.dll6.3.9600.1727853eebd22c000014200000000000ec0b46f801d015a1babb61ecC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeKERNELBASE.dllf867ed61-8194-11e4-8285-0071cc2f8bbc Error: (12/11/2014 08:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4047 Error: (12/11/2014 08:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4047 Error: (12/11/2014 08:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/11/2014 08:12:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2016 Error: (12/11/2014 08:12:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2016 Error: (12/11/2014 08:12:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/11/2014 00:02:13 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 CodeIntegrity Errors: =================================== Date: 2014-12-11 18:30:47.263 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-11 18:30:47.114 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Percentage of memory in use: 21% Total physical RAM: 12220.02 MB Available physical RAM: 9539.21 MB Total Pagefile: 14076.02 MB Available Pagefile: 11311.23 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:909.44 GB) (Free:774.45 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:21.29 GB) (Free:2.15 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777) Partition: GPT Partition Type. ==================== End Of Log ============================