Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015 Ran by Ewa at 2015-01-05 20:27:41 Running from C:\Users\Ewa\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Two Worlds II - Velvet Edition» (HKLM-x32\...\«Two Worlds II - Velvet Edition»_is1) (Version: - TopWare Interactive) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Reader X (10.1.3) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{95EF3DDB-27C8-CDA9-9E72-5EC3F02C1B02}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) BatBrowse 2013.11.07.204732 (HKLM\...\BatBrowse) (Version: 2013.11.07.204732 - BatBrowse) <==== ATTENTION Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Bonanza Deals (remove only) (HKLM-x32\...\Bonanza Deals) (Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DRUKI Gofin 2.2.19.0 (HKLM-x32\...\{852B928B-042E-4555-B59B-3473734906FF}) (Version: 2.2.19.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.) Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden Foxtab (HKLM-x32\...\foxtab) (Version: - FoxTab) <==== ATTENTION! Fraps (HKLM-x32\...\Fraps) (Version: - ) Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.7.2.0 - LG Electronics) Mała Księgowość Rzeczpospolitej (HKLM-x32\...\Mała Księgowość Rzeczpospolitej) (Version: 18.00 - Usługi Informatyczne Andrzej Ciupiński) Microsoft SkyDrive (HKU\S-1-5-21-2354558839-626714277-1970587182-1001\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft WSE 3.0 (HKLM-x32\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation) Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) OpenOffice.org 3.4.1 (HKLM-x32\...\{18192D3F-5537-4560-AD89-D695F72AF91D}) (Version: 3.41.9593 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 8.6.3.49 - Electronic Arts, Inc.) Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden PITy2013 IPS 1.5.1.0 kompilacja:1.5.1.33 (HKLM-x32\...\PITy2013 IPS_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Płatnik 9.01.001A (HKLM-x32\...\{05381030-963D-4779-BECA-0D7D49268EDB}) (Version: 9.01.001A - Asseco Poland S.A.) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.) R-CzBR 1.0 (HKLM\...\R-CzBR_is1) (Version: 1.0 - 1.0) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.) Startup Manager 2.4.2 (HKLM-x32\...\Startup_Manager_is1) (Version: 2.4.2 - Glenn Van Loon) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.3 - Synaptics Incorporated) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.113 - KMP Media co., Ltd) Torpedo wersja 2.1 (HKLM-x32\...\{52AE67BD-86A3-4071-93FD-68CE52FFE09C}_is1) (Version: 2.1 - ) Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba) TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA) TOSHIBA Blu-ray Disc Player (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 1.0.5.207 - Toshiba Corporation) Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.) TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation) Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.800 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation) TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation) TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0001.32002 - Toshiba Corporation) TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA) TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA) TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.84 - TuneUp Software) TuneUp Utilities 2013 (x32 Version: 13.0.2020.84 - TuneUp Software) Hidden TuneUp Utilities Language Pack (pl-PL) (x32 Version: 13.0.2020.84 - TuneUp Software) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Update_for_BonanzaDeals (HKU\S-1-5-21-2354558839-626714277-1970587182-1001\...\Bonanza) (Version: - Update_for_BonanzaDeals) <==== ATTENTION Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) WRF 1.02.001 G (HKLM-x32\...\{460BE803-88CF-4FD2-9082-2450A5959959}) (Version: 1.02.001 G - Asseco Poland S.A.) WRFKL 1.02.001 C (HKLM-x32\...\{A98C53C1-D7D5-43FE-82F4-EACD66292004}) (Version: 1.02.001 C - Asseco Poland S.A.) WRFSL (x32 Version: 1.02.001 E - Asseco Poland S.A.) Hidden WRFSL 1.02.001 E (HKLM-x32\...\{98A95680-71E0-4C6B-B3D0-384193FCA4F6}) (Version: 1.02.001 E - Asseco Poland S.A.) Yahoo! Search (HKU\S-1-5-21-2354558839-626714277-1970587182-1001\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION Yawcam 0.4.1 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2354558839-626714277-1970587182-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ewa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2354558839-626714277-1970587182-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ewa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2354558839-626714277-1970587182-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ewa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2354558839-626714277-1970587182-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ewa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 16-12-2014 20:30:41 Windows Update 24-12-2014 22:06:00 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 03-01-2015 12:56:00 Zaplanowany punkt kontrolny 05-01-2015 19:27:05 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {001A82CD-92CA-4DE7-B420-49DB52DE494D} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe Task: {0D1BAB00-C1BE-498A-BEEE-6D09F9FCBA28} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-11-10] (BonanzaDeals) <==== ATTENTION Task: {190457D4-3144-4A91-A554-7580BEBF6AFD} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-15] (Synaptics Incorporated) Task: {1F0D4589-B017-4D34-83CA-115650EB4085} - System32\Tasks\Yahoo! Search => C:\Users\Ewa\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [2014-12-21] (Pay By Ads LTD) <==== ATTENTION Task: {3123A6DA-D45D-48BA-972B-EF3AA3A83B6F} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe Task: {3B6BA2F3-F97D-49FE-9EA3-3A79F2787652} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation) Task: {471189BA-45F2-41C6-9263-E5B42B55827E} - System32\Tasks\Yahoo! Search Updater => C:\Users\Ewa\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrsetup.exe [2014-12-21] (Pay By Ads LTD) <==== ATTENTION Task: {472300DD-C000-4D98-9FE9-5987F4BA7E36} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION Task: {5A2DC3DF-3EBB-4DE9-95C8-3853507EA6C7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-05] (AVAST Software) Task: {7C193215-CCCD-41C1-9371-2CE136E14FF1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-14] (Microsoft Corporation) Task: {8A098222-B835-4374-B14E-1822BE5AB3C0} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-11-10] (BonanzaDeals) <==== ATTENTION Task: {99203E46-B946-4DC2-9AF3-6E531C51246B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated) Task: {CF8DDB0E-0EAA-4C31-A6FC-C593A4E5F3CD} - System32\Tasks\FoxTab => C:\Users\Ewa\AppData\Roaming\FoxTab\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: {E8828D95-0E99-42B7-BBED-A421A029EBA6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\FoxTab.job => C:\Users\Ewa\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============= 2011-10-13 23:38 - 2011-10-13 23:38 - 00156672 _____ () C:\Program Files (x86)\Toshiba\Password Utility\GFNEXSrv.exe 2014-12-24 22:08 - 2014-03-06 12:37 - 00013312 _____ () C:\Windows\SysWOW64\SMITSC.exe 2013-11-07 21:47 - 2015-01-05 19:13 - 00524528 _____ () C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe 2013-11-26 04:12 - 2015-01-05 19:16 - 00524528 _____ () C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe 2012-08-14 04:13 - 2012-08-14 04:13 - 00018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll 2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2012-07-19 03:38 - 2012-07-19 03:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll 2014-09-04 19:56 - 2015-01-05 12:29 - 00114928 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.BrowserAdapter64.exe 2014-05-04 10:29 - 2015-01-05 12:29 - 00098544 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.BrowserAdapter.exe 2014-05-23 13:47 - 2015-01-05 03:29 - 00353008 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.PurBrowse64.exe 2015-01-04 18:25 - 2015-01-04 21:46 - 00101616 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.expext.exe 2014-09-14 16:32 - 2015-01-05 06:31 - 01649904 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.BOASHelper.exe 2014-10-28 18:21 - 2015-01-05 19:33 - 00123632 _____ () C:\ProgramData\fc69a316-ef1a-4795-843b-0146c382b2b0\maintainer.exe 2015-01-02 12:19 - 2015-01-02 12:19 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll 2015-01-02 12:19 - 2015-01-02 12:19 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll 2015-01-02 12:19 - 2015-01-02 12:19 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll 2014-09-14 16:32 - 2015-01-05 06:31 - 01786608 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.BOASPRT.exe 2014-09-14 16:32 - 2015-01-05 06:31 - 01791216 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.BOAS.exe 2015-01-05 19:30 - 2015-01-05 19:30 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-01-05 19:30 - 2015-01-05 19:30 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-01-05 19:30 - 2015-01-05 19:30 - 02535240 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.DLL 2015-01-05 19:30 - 2015-01-05 19:30 - 00677656 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll 2015-01-05 19:30 - 2015-01-05 19:30 - 00031296 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxSharedClipboard.DLL 2015-01-05 19:30 - 2015-01-05 19:30 - 00048296 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDragAndDropSvc.DLL 2015-01-05 19:30 - 2015-01-05 19:30 - 00047784 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxGuestControlSvc.DLL 2015-01-05 19:30 - 2015-01-05 19:30 - 01533568 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDD.DLL 2015-01-05 19:30 - 2015-01-05 19:30 - 00203832 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDD2.dll 2015-01-05 19:30 - 2015-01-05 19:30 - 00042128 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxSharedFolders.DLL 2015-01-05 20:23 - 2015-01-05 20:23 - 00380416 _____ () C:\Users\Ewa\Downloads\4l99jj20.exe 2015-01-05 19:22 - 2015-01-05 19:22 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010501\algo.dll 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-12-24 12:59 - 2012-10-22 20:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll 2013-12-24 12:59 - 2011-12-07 01:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll 2013-12-24 12:59 - 2012-07-10 02:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll 2013-12-24 12:59 - 2012-03-23 19:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll 2015-01-01 21:12 - 2015-01-04 21:46 - 00082160 _____ () C:\Program Files (x86)\BatBrowse\bin\BatBrowse.expextdll.dll 2015-01-05 19:30 - 2015-01-05 19:30 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-01-18 22:20 - 2013-01-18 22:20 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2012-12-21 00:49 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-11-10 00:16 - 2014-12-11 20:02 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKU\S-1-5-21-2354558839-626714277-1970587182-1001\...\StartupApproved\StartupFolder: => "Torpedo.lnk" ========================= Accounts: ========================== Administrator (S-1-5-21-2354558839-626714277-1970587182-500 - Administrator - Disabled) Ewa (S-1-5-21-2354558839-626714277-1970587182-1001 - Administrator - Enabled) => C:\Users\Ewa Gość (S-1-5-21-2354558839-626714277-1970587182-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2354558839-626714277-1970587182-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/05/2015 07:33:35 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Liczba musi być nieujemna albo mniejsza od wartości Int32.MaxValue -1 lub jej równa. Nazwa parametru: dueTime Stack Trace: w System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) w System.Timers.Timer.set_Enabled(Boolean value) w SnappCloud.ActivationReminder.AraClient.PostInit() w SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/05/2015 07:33:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: explorer.exe, wersja: 6.3.9600.17284, sygnatura czasowa: 0x53f816dc Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eebf2e Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x000000000000606c Identyfikator procesu powodującego błąd: 0x10fc Godzina uruchomienia aplikacji powodującej błąd: 0xexplorer.exe0 Ścieżka aplikacji powodującej błąd: explorer.exe1 Ścieżka modułu powodującego błąd: explorer.exe2 Identyfikator raportu: explorer.exe3 Pełna nazwa pakietu powodującego błąd: explorer.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: explorer.exe5 Error: (01/05/2015 07:25:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: explorer.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7a144 Nazwa modułu powodującego błąd: explorer.DLL, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eebd22 Kod wyjątku: 0xc0000142 Przesunięcie błędu: 0x00000000000ec0b4 Identyfikator procesu powodującego błąd: 0x18f4 Godzina uruchomienia aplikacji powodującej błąd: 0xexplorer.exe0 Ścieżka aplikacji powodującej błąd: explorer.exe1 Ścieżka modułu powodującego błąd: explorer.exe2 Identyfikator raportu: explorer.exe3 Pełna nazwa pakietu powodującego błąd: explorer.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: explorer.exe5 Error: (01/05/2015 07:25:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: explorer.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7a144 Nazwa modułu powodującego błąd: explorer.DLL, wersja: 0.0.0.0, sygnatura czasowa: 0x50685d8c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000003546 Identyfikator procesu powodującego błąd: 0x18f4 Godzina uruchomienia aplikacji powodującej błąd: 0xexplorer.exe0 Ścieżka aplikacji powodującej błąd: explorer.exe1 Ścieżka modułu powodującego błąd: explorer.exe2 Identyfikator raportu: explorer.exe3 Pełna nazwa pakietu powodującego błąd: explorer.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: explorer.exe5 Error: (01/05/2015 07:23:05 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Liczba musi być nieujemna albo mniejsza od wartości Int32.MaxValue -1 lub jej równa. Nazwa parametru: dueTime Stack Trace: w System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) w System.Timers.Timer.set_Enabled(Boolean value) w SnappCloud.ActivationReminder.AraClient.PostInit() w SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/05/2015 07:20:27 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Liczba musi być nieujemna albo mniejsza od wartości Int32.MaxValue -1 lub jej równa. Nazwa parametru: dueTime Stack Trace: w System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) w System.Timers.Timer.set_Enabled(Boolean value) w SnappCloud.ActivationReminder.AraClient.PostInit() w SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/05/2015 07:19:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: explorer.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7a144 Nazwa modułu powodującego błąd: explorer.DLL, wersja: 0.0.0.0, sygnatura czasowa: 0x50685d8c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000003546 Identyfikator procesu powodującego błąd: 0x5150 Godzina uruchomienia aplikacji powodującej błąd: 0xexplorer.exe0 Ścieżka aplikacji powodującej błąd: explorer.exe1 Ścieżka modułu powodującego błąd: explorer.exe2 Identyfikator raportu: explorer.exe3 Pełna nazwa pakietu powodującego błąd: explorer.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: explorer.exe5 Error: (01/05/2015 07:19:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 41063 Error: (01/05/2015 07:19:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 41063 Error: (01/05/2015 07:19:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (01/05/2015 08:14:38 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (01/05/2015 07:59:58 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (01/05/2015 07:58:39 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (01/05/2015 07:50:35 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (01/05/2015 07:49:29 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (01/05/2015 07:38:58 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera MARCIN-KOMPUTER. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{D936CBB7-1D70-424E-8036-BDC5B01FB16F}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (01/05/2015 07:37:50 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (01/05/2015 07:27:01 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera MARCIN-KOMPUTER. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{D936CBB7-1D70-424E-8036-BDC5B01FB16F}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (01/05/2015 07:22:51 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (01/05/2015 02:34:31 PM) (Source: DCOM) (EventID: 10016) (User: Toshiba) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}ToshibaEwaS-1-5-21-2354558839-626714277-1970587182-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Microsoft Office Sessions: ========================= Error: (01/05/2015 07:33:35 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Liczba musi być nieujemna albo mniejsza od wartości Int32.MaxValue -1 lub jej równa. Nazwa parametru: dueTime Stack Trace: w System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) w System.Timers.Timer.set_Enabled(Boolean value) w SnappCloud.ActivationReminder.AraClient.PostInit() w SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/05/2015 07:33:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec000041d000000000000606c10fc01d02915f6ac09d5C:\WINDOWS\explorer.exeC:\WINDOWS\system32\KERNELBASE.dll556d811d-9509-11e4-beb9-7c0507d29ab3 Error: (01/05/2015 07:25:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175144ce7a144explorer.DLL6.3.9600.1727853eebd22c000014200000000000ec0b418f401d02914f57dfac5C:\explorer\explorer.exeexplorer.DLL35a761d0-9508-11e4-beb8-7c0507d29ab3 Error: (01/05/2015 07:25:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175144ce7a144explorer.DLL0.0.0.050685d8cc0000005000000000000354618f401d02914f57dfac5C:\explorer\explorer.exeC:\explorer\explorer.DLL33705cf7-9508-11e4-beb8-7c0507d29ab3 Error: (01/05/2015 07:23:05 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Liczba musi być nieujemna albo mniejsza od wartości Int32.MaxValue -1 lub jej równa. Nazwa parametru: dueTime Stack Trace: w System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) w System.Timers.Timer.set_Enabled(Boolean value) w SnappCloud.ActivationReminder.AraClient.PostInit() w SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/05/2015 07:20:27 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Liczba musi być nieujemna albo mniejsza od wartości Int32.MaxValue -1 lub jej równa. Nazwa parametru: dueTime Stack Trace: w System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) w System.Timers.Timer.set_Enabled(Boolean value) w SnappCloud.ActivationReminder.AraClient.PostInit() w SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (01/05/2015 07:19:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175144ce7a144explorer.DLL0.0.0.050685d8cc00000050000000000003546515001d029142081c1c4C:\explorer\explorer.exeC:\explorer\explorer.DLL5e88c100-9507-11e4-beb7-7c0507d29ab3 Error: (01/05/2015 07:19:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 41063 Error: (01/05/2015 07:19:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 41063 Error: (01/05/2015 07:19:18 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz Percentage of memory in use: 35% Total physical RAM: 8143.22 MB Available physical RAM: 5268.65 MB Total Pagefile: 9423.22 MB Available Pagefile: 6466.85 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: (TI10648300K) (Fixed) (Total:920.9 GB) (Free:869.94 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================