Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015 Ran by Marta at 2015-01-22 18:51:29 Running from C:\Users\Marta\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Aktualizacje NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) AML Free Registry Cleaner 4.24 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asystent (HKLM-x32\...\TPSA) (Version: - ) Convert PDF To Image (HKLM-x32\...\Convert PDF To Image_is1) (Version: - Softinterface, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps) Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft) Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps) Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - ) Flash Saving (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Gimnazjum - Chemia Nowej Ery (HKLM-x32\...\Gimnazjum - Chemia Nowej Ery) (Version: - ) Gimnazjum - Chemia Nowej Ery 2 (HKLM-x32\...\Gimnazjum - Chemia Nowej Ery 2) (Version: - ) Gimnazjum klasa 1 - Puls życia (HKLM-x32\...\Gimnazjum klasa 1 - Puls życia) (Version: - ) Gimnazjum klasa 2 - Śladami przeszłości (HKLM-x32\...\Gimnazjum klasa 2 - Śladami przeszłości) (Version: - ) High-Definition Video Playback (x32 Version: 11.1.11500.4.273 - Nero AG) Hidden HP Deskjet 2050 J510 series Badanie ulepszeń produktu (HKLM\...\{6F5A03BD-6415-4EA8-99EC-F0A0A163DBB0}) (Version: 22.0.334.0 - Hewlett-Packard Co.) HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia (HKLM\...\{1497F824-EBC0-4277-B40D-1A0D6892C0D5}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet 2050 J510 series Pomoc (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife) HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT) Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - ) livebox tp (HKLM-x32\...\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}) (Version: 1.00.000 - SAGEM) Medycyna Praktyczna eMPendium (HKLM-x32\...\eMPendium) (Version: 2.4 - Medycyna Praktyczna) Medycyna Praktyczna eMPendium Leki (HKLM-x32\...\eMPendiumLeki) (Version: 2.0.0 - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 35.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 pl)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.) MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom) NVIDIA Sterownik 3D Vision 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation) NWZ-B170 WALKMAN Guide (HKLM-x32\...\{B91B14D5-B817-4C79-BEF6-0A7A23FE6C61}) (Version: 2.1.0.33220 - Sony Corporation) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Oprogramowanie Intel(R) PROSet/Wireless WiFi (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation) Panel sterowania NVIDIA 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden PhotoShowExpress (x32 Version: 2.0.063 - ##COMPANY_NAME##) Hidden PIT Format 2014 (HKLM-x32\...\PIT Format 2014_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) Plants vs. Zombies (HKLM-x32\...\{426F4A60-F14C-4050-91D1-B206341BEC8F}) (Version: 1.0.0.1051 - LeeGTs Games) Płatnik 8.01.001A (HKLM-x32\...\{05381030-963D-4779-BECA-0D7D49268EDB}) (Version: 8.01.001A - Asseco Poland SA) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 1.9.16.7446 - Medixant) RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden RealDownloader (x32 Version: 17.0.10 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Roxio File Backup (Version: 1.3.2 - Roxio) Hidden Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.1.10441 - Skype Technologies S.A.) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.15400 - Nero AG) SyncUP (x32 Version: 1.12.11200.10.102 - Nero AG) Hidden TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.) TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC) Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden Zuma Deluxe! 1.0 (HKLM-x32\...\Zuma_Deluxe!_1.0) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 05-01-2015 10:23:32 Windows Update 08-01-2015 19:06:48 Windows Update 13-01-2015 16:51:57 Windows Update 13-01-2015 23:20:42 Windows Update 17-01-2015 13:12:15 Windows Update 17-01-2015 20:12:58 SPTD setup V1.86 20-01-2015 16:34:08 Windows Update 22-01-2015 18:11:55 Removed Java(TM) 6 Update 27 (64-bit) 22-01-2015 18:23:00 Restore Point Created by FRST ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {19B8B3C7-B4C7-4911-A9B8-1949692D0230} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {1BCCC148-3699-4AB2-AF56-9BAE4DF1D670} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {2585CFB3-A9E3-4853-9D98-4388211405CC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2987063312-1551485774-402213560-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.) Task: {31B1A1CD-6184-4D65-96D9-7A2F6B08B392} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.) Task: {3B338953-65FC-4502-BFFF-B826D6A83735} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-19] (PC-Doctor, Inc.) Task: {8CFB69B6-8FE5-472C-9E5E-D5B467D253D2} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2987063312-1551485774-402213560-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-05-13] (RealNetworks, Inc.) Task: {AEE1AA5D-4440-4D99-968B-021C5B1FD6B6} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2987063312-1551485774-402213560-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.) Task: {B1DAACD6-150B-4509-A6FC-764844BE2B64} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2987063312-1551485774-402213560-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.) Task: {B670B19C-6F44-41B2-83C3-2BE69C071571} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-19] (PC-Doctor, Inc.) Task: {BDE7CBDE-2D3C-4E83-881F-FCCAA47BEEB3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-15] (Adobe Systems Incorporated) Task: {C85E85EF-E5BC-45A6-B4FF-52C0F63F6278} - System32\Tasks\hpwebreg_CN08T2N62405D1 => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16] (Hewlett-Packard Co.) Task: {CCC9174E-EFD1-4026-A2DC-AED6E17AADAE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2987063312-1551485774-402213560-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.) Task: {D5BDB0CC-ACB0-41F4-884E-74D38B4BF7E3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2987063312-1551485774-402213560-1001 Task: {DAC1EB29-F288-4718-9248-BE8208095CF6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {EA952D9C-2E0C-4D54-A048-8123515CC09A} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2987063312-1551485774-402213560-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.) Task: {F6707264-5BC4-43EB-BA64-9965B2931A62} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2987063312-1551485774-402213560-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\hpwebreg_CN08T2N62405D1.job => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HpWebReg.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-01 17:33 - 2012-10-02 20:51 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-07-28 03:07 - 2011-07-28 03:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2011-11-25 19:01 - 2011-04-10 19:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-07-28 03:07 - 2011-07-28 03:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2011-06-28 02:26 - 2011-06-28 02:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe 2011-06-29 15:52 - 2011-06-29 15:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe 2010-11-17 17:35 - 2010-11-17 17:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe 2014-05-13 12:10 - 2014-05-13 12:10 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2011-04-30 01:18 - 2011-04-30 01:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe 2014-05-23 00:34 - 2014-05-23 00:34 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2014-10-23 14:36 - 2012-10-01 14:27 - 00118272 _____ () C:\Program Files (x86)\eMPendium\eMPendiumService.exe 2011-11-25 18:29 - 2011-08-18 16:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2011-07-28 03:48 - 2011-07-28 03:48 - 00340240 _____ () C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 2010-03-17 03:28 - 2010-03-17 03:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll 2010-03-22 22:52 - 2010-03-22 22:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll 2010-03-17 03:28 - 2010-03-17 03:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll 2010-03-17 03:28 - 2010-03-17 03:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll 2011-06-25 06:20 - 2011-06-25 06:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll 2011-06-28 02:25 - 2011-06-28 02:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll 2011-06-25 06:21 - 2011-06-25 06:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll 2010-03-12 02:52 - 2010-03-12 02:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll 2010-03-05 22:07 - 2010-03-05 22:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll 2010-03-05 22:07 - 2010-03-05 22:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll 2010-03-12 02:52 - 2010-03-12 02:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll 2014-03-17 11:59 - 2014-03-17 11:59 - 00026488 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll 2014-03-17 11:58 - 2014-03-17 11:58 - 00082808 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll 2014-03-17 11:58 - 2014-03-17 11:58 - 00357752 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll 2010-11-25 05:44 - 2010-11-25 05:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll 2011-04-30 01:13 - 2011-04-30 01:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll 2011-04-30 01:13 - 2011-04-30 01:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll 2014-06-14 19:24 - 2014-06-14 19:24 - 00861784 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Plugins\cldplin.dll 2014-10-17 07:10 - 2014-10-17 07:10 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll 2011-11-25 17:42 - 2010-11-06 06:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-01-15 20:11 - 2015-01-15 20:11 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2015-01-15 18:58 - 2015-01-15 18:58 - 16844464 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-2987063312-1551485774-402213560-500 - Administrator - Disabled) Gość (S-1-5-21-2987063312-1551485774-402213560-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2987063312-1551485774-402213560-1004 - Limited - Enabled) Marta (S-1-5-21-2987063312-1551485774-402213560-1001 - Administrator - Enabled) => C:\Users\Marta UpdatusUser (S-1-5-21-2987063312-1551485774-402213560-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/22/2015 06:47:29 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Nie można odnaleźć zestawu zależnego rpshellextension.1.0,language="*",type="win32",version="1.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/22/2015 06:47:29 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Nie można odnaleźć zestawu zależnego rpshellextension.1.0,language="*",type="win32",version="1.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/22/2015 06:28:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/22/2015 06:15:15 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Nie można odnaleźć zestawu zależnego rpshellextension.1.0,language="*",type="win32",version="1.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/22/2015 06:14:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Nie można odnaleźć zestawu zależnego rpshellextension.1.0,language="*",type="win32",version="1.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/22/2015 03:00:39 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Nie można odnaleźć zestawu zależnego rpshellextension.1.0,language="*",type="win32",version="1.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (01/22/2015 06:40:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/21/2015 03:49:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/21/2015 07:00:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/21/2015 06:35:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/22/2015 06:30:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 Error: (01/22/2015 06:30:13 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (01/22/2015 06:29:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%2 Error: (01/22/2015 06:25:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\windows\System32\IWMSSvc.dll Error: (01/22/2015 06:25:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\windows\System32\IWMSSvc.dll Error: (01/22/2015 06:25:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\windows\System32\IWMSSvc.dll Error: (01/22/2015 06:25:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\windows\System32\IWMSSvc.dll Error: (01/22/2015 06:23:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (01/22/2015 06:23:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Bluetooth Media Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (01/22/2015 06:23:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Microsoft Office Sessions: ========================= Error: (05/12/2014 03:54:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3675 seconds with 1020 seconds of active time. This session ended with a crash. Error: (04/07/2014 06:01:14 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 35956 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/24/2014 07:22:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 576 seconds with 60 seconds of active time. This session ended with a crash. Error: (01/03/2014 09:20:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/03/2014 09:19:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/27/2013 11:39:41 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 367 seconds with 120 seconds of active time. This session ended with a crash. Error: (10/22/2013 09:11:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 15033 seconds with 3180 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-06-29 15:41:40.372 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Marta\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-29 15:41:40.325 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Marta\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-29 15:41:39.967 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-29 15:41:39.920 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Percentage of memory in use: 56% Total physical RAM: 4002.05 MB Available physical RAM: 1752.81 MB Total Pagefile: 8002.28 MB Available Pagefile: 5313.41 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:315.91 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DD9A6B83) Partition 1: (Not Active) - (Size=100 MB) - (Type=DE) Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS) ==================== End Of Log ============================