Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015 Ran by Tadeusz at 2015-07-25 15:15:07 Running from C:\Users\Tadeusz\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2944422745-3718675205-452331776-500 - Administrator - Disabled) Gość (S-1-5-21-2944422745-3718675205-452331776-501 - Limited - Disabled) Tadeusz (S-1-5-21-2944422745-3718675205-452331776-1001 - Administrator - Enabled) => C:\Users\Tadeusz ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.33 - STMicroelectronics) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Brother MFL-Pro Suite DCP-J552DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.) Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.) Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{76966FD2-4189-41F1-9CF6-9D177B4DEC97}) (Version: 2.0.42.1 - Dell Inc.) Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.3 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Dropbox (HKU\S-1-5-21-2944422745-3718675205-452331776-1001\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.) Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.) GFaktura 1.0 (HKLM-x32\...\{79EDD937-FD3C-4493-8455-11394E9DF50E}) (Version: 1.0.0 - GFaktura) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.89 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation) LibreOffice 4.4.3.2 (HKLM-x32\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla) My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell) My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software) Picexa (HKLM-x32\...\Picexa) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.) Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics) Tachospeed 2.681 standalone (HKLM-x32\...\TachoSpeed) (Version: 2.681 - ) Unchecky v0.3.8 (HKLM-x32\...\Unchecky) (Version: 0.3.8 - RaMMicHaeL) Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 28-06-2015 13:35:25 Installed LibreOffice 4.4.3.2 12-07-2015 13:04:55 Windows Update 15-07-2015 21:40:46 Windows Update 22-07-2015 15:33:19 Windows Update 22-07-2015 15:34:30 Instalator modułów systemu Windows ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2015-07-22 22:23 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com There are 4 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {26F7D735-6132-46F9-95A7-D4EB55330520} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2944422745-3718675205-452331776-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe Task: {296FE578-5A00-4BCF-9DD7-A27063412806} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-11] (Synaptics Incorporated) Task: {2D0BAE89-E01C-4D93-A992-BF9BE0E31371} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2944422745-3718675205-452331776-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe Task: {3CC1C719-CD15-49F9-8E64-4613399D69C9} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {51BC936C-EAB0-465F-BE5A-48DAFEC6DE32} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-24] (Adobe Systems Incorporated) Task: {601BC439-56E5-4721-8AD0-8CC554F5D5C7} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-07-01] (Realtek Semiconductor) Task: {7AA3820D-C8C5-4B80-B02F-712369621E7E} - System32\Tasks\Opera scheduled Autoupdate 1425245899 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software) Task: {8CD460F5-1AF1-4C46-BAA8-040AC1968979} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.) Task: {96B9C6B7-21F7-4AE9-A80E-2A5A3A785FCC} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {970121DD-D215-4E97-B55E-63D046516A3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-24] (Adobe Systems Incorporated) Task: {C5F5631B-22F8-4D07-A282-6087DA457559} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {DD3659C4-5BA6-49E0-8602-01F2C79977F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.) Task: {E158BB7F-31C0-4EAD-8C40-05273FC2CBC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.) Task: {EAF3DE76-D422-4F51-A3CA-6C4C0EB73E0B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {F4C9466C-FCE8-40AA-B581-0ECB7288F33F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.) Task: {FA3A2A35-0682-4B73-B6EF-BBBF04308CDF} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2944422745-3718675205-452331776-1001Core1d0c25549d77436.job => C:\Users\Tadeusz\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-30 21:31 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2014-12-22 19:06 - 2014-06-04 16:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll 2014-12-22 19:06 - 2014-06-04 16:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2014-12-22 19:06 - 2014-06-04 16:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll 2015-07-05 11:10 - 2015-07-05 11:10 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll 2014-02-26 01:46 - 2014-02-26 01:46 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-26 01:43 - 2014-02-26 01:43 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2014-02-26 01:50 - 2014-02-26 01:50 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2015-06-24 18:05 - 2015-05-20 03:26 - 00107256 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll 2015-06-24 18:05 - 2015-05-20 03:26 - 00553720 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll 2015-07-22 22:24 - 2015-07-22 22:24 - 00043008 _____ () c:\users\tadeusz\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjj8tlp.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2015-07-23 13:45 - 2015-07-14 07:55 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.89\libglesv2.dll 2015-07-23 13:45 - 2015-07-14 07:55 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.89\libegl.dll 2015-07-14 23:19 - 2015-07-14 23:19 - 00157304 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\message_center_win8.dll 2015-07-14 23:19 - 2015-07-14 23:19 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libglesv2.dll 2015-07-14 23:19 - 2015-07-14 23:19 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Tadeusz\OneDrive:ms-properties AlternateDataStreams: C:\Users\Tadeusz\OneDrive.old:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2944422745-3718675205-452331776-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tadeusz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AERTFilters => 2 MSCONFIG\Services: Dell Data Services => 2 MSCONFIG\Services: Dell Foundation Services => 2 MSCONFIG\Services: DellDataVault => 2 MSCONFIG\Services: DellDataVaultWiz => 2 MSCONFIG\Services: DellDigitalDelivery => 2 MSCONFIG\Services: DellProdRegManager => 3 MSCONFIG\Services: DellUpdate => 2 MSCONFIG\Services: My Dell Client Framework => 2 MSCONFIG\Services: SftService => 2 MSCONFIG\Services: SupportAssistAgent => 2 MSCONFIG\Services: WavesSysSvc => 2 HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "QuickSet" HKLM\...\StartupApproved\Run32: => "RealDownloader" HKLM\...\StartupApproved\Run32: => "TkBellExe" HKLM\...\StartupApproved\Run32: => "BrHelp" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKU\S-1-5-21-2944422745-3718675205-452331776-1001\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4B43CE95-1ACA-4E58-A316-3DE08DC5D928}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{E9E41C03-AEA9-48CF-896D-3A61D9A41C5B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{47F5E08A-9149-4A3B-B485-7D6AB328BC17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0641B504-8512-4B9B-A611-5D1EF3E4304A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B7F910E4-B706-4659-B0FE-5EC2EF1ABAB0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{3427602C-26A6-4242-8B9B-A2C28E5DE806}] => (Allow) C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{24FDF6F5-BF4E-494E-9390-3E32A93610B4}] => (Allow) C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{6D7B75DB-28A6-4389-B94F-BAA1E2E1E520}C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{DB53A8B7-A98F-4203-8CF7-A947E2DFEEB3}C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{C6BC7F48-9AEA-40EB-A79B-63AB16FBCE35}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{140B05D0-0DE0-4D64-A5FC-D261EAFD1A85}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{F0F0E602-C979-4551-96D8-8B80906F8C82}] => (Allow) LPort=54925 FirewallRules: [{EB5B4BD5-F918-497E-AC7A-C1D8964A65B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/25/2015 03:15:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Nazwa modułu powodującego błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000011aa Identyfikator procesu powodującego błąd: 0xfbc Godzina uruchomienia aplikacji powodującej błąd: 0xjhnmqgsg.exe0 Ścieżka aplikacji powodującej błąd: jhnmqgsg.exe1 Ścieżka modułu powodującego błąd: jhnmqgsg.exe2 Identyfikator raportu: jhnmqgsg.exe3 Pełna nazwa pakietu powodującego błąd: jhnmqgsg.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: jhnmqgsg.exe5 Error: (07/25/2015 03:14:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Nazwa modułu powodującego błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000011aa Identyfikator procesu powodującego błąd: 0x20e0 Godzina uruchomienia aplikacji powodującej błąd: 0xjhnmqgsg.exe0 Ścieżka aplikacji powodującej błąd: jhnmqgsg.exe1 Ścieżka modułu powodującego błąd: jhnmqgsg.exe2 Identyfikator raportu: jhnmqgsg.exe3 Pełna nazwa pakietu powodującego błąd: jhnmqgsg.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: jhnmqgsg.exe5 Error: (07/25/2015 03:07:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 2208 Godzina rozpoczęcia: 01d0c6dac19a1bec Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\system32\wwahost.exe Identyfikator raportu: 18a3bd84-32ce-11e5-8275-4cbb5849fb9d Pełna nazwa pakietu powodującego błąd: Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: AppexNews Error: (07/25/2015 03:07:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: TADEUSZ) Description: Działanie pakietu Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe+AppexNews zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (07/25/2015 03:06:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1a94 Godzina rozpoczęcia: 01d0c6d8460ed504 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\syswow64\wwahost.exe Identyfikator raportu: f6488aef-32cd-11e5-8275-4cbb5849fb9d Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (07/24/2015 12:46:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/24/2015 11:59:35 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/22/2015 10:26:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uninst.exe, wersja: 9.1.3.126, sygnatura czasowa: 0x4bc06ccb Nazwa modułu powodującego błąd: z\AppData\Local\Temp\uninst.exe!GetFileVersionInfoSizeW, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000139 Przesunięcie błędu: 0x0009d4f2 Identyfikator procesu powodującego błąd: 0x1494 Godzina uruchomienia aplikacji powodującej błąd: 0xuninst.exe0 Ścieżka aplikacji powodującej błąd: uninst.exe1 Ścieżka modułu powodującego błąd: uninst.exe2 Identyfikator raportu: uninst.exe3 Pełna nazwa pakietu powodującego błąd: uninst.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: uninst.exe5 Error: (07/20/2015 08:50:40 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/19/2015 12:55:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TADEUSZ) Description: Aktywacja aplikacji Microsoft.BingMaps_8wekyb3d8bbwe!AppexMaps nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (07/24/2015 02:18:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80010108: 64885BlueEdge.OneCalendar. Error: (07/22/2015 10:26:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AppX Deployment Service (AppXSVC) z powodu następującego błędu: %%1053 Error: (07/22/2015 10:26:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą AppX Deployment Service (AppXSVC). Error: (07/22/2015 10:25:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi WSearch. Error: (07/22/2015 10:19:43 PM) (Source: DCOM) (EventID: 10010) (User: TADEUSZ) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (07/22/2015 10:19:43 PM) (Source: DCOM) (EventID: 10010) (User: TADEUSZ) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (07/22/2015 10:19:41 PM) (Source: DCOM) (EventID: 10010) (User: TADEUSZ) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/22/2015 10:19:41 PM) (Source: DCOM) (EventID: 10010) (User: TADEUSZ) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/22/2015 10:19:41 PM) (Source: DCOM) (EventID: 10010) (User: TADEUSZ) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/22/2015 10:19:41 PM) (Source: DCOM) (EventID: 10010) (User: TADEUSZ) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Microsoft Office: ========================= Error: (07/25/2015 03:15:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: jhnmqgsg.exe2.1.19357.052e7ea83jhnmqgsg.exe2.1.19357.052e7ea83c0000005000011aafbc01d0c6dbf18fda64C:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exeC:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exe32db41c8-32cf-11e5-8275-4cbb5849fb9d Error: (07/25/2015 03:14:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: jhnmqgsg.exe2.1.19357.052e7ea83jhnmqgsg.exe2.1.19357.052e7ea83c0000005000011aa20e001d0c6dbd4b86128C:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exeC:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exe1be03bbe-32cf-11e5-8275-4cbb5849fb9d Error: (07/25/2015 03:07:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.17415220801d0c6dac19a1bec4294967295C:\Windows\system32\wwahost.exe18a3bd84-32ce-11e5-8275-4cbb5849fb9dMicrosoft.BingNews_3.0.4.336_x64__8wekyb3d8bbweAppexNews Error: (07/25/2015 03:07:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: TADEUSZ) Description: Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe+AppexNews Error: (07/25/2015 03:06:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.174151a9401d0c6d8460ed5044294967295C:\Windows\syswow64\wwahost.exef6488aef-32cd-11e5-8275-4cbb5849fb9dMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp Error: (07/24/2015 12:46:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/24/2015 11:59:35 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/22/2015 10:26:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: uninst.exe9.1.3.1264bc06ccbz\AppData\Local\Temp\uninst.exe!GetFileVersionInfoSizeW6.3.9600.17736550f42c2c00001390009d4f2149401d0c4bcb6f89aa8C:\Users\Tadeusz\AppData\Local\Temp\uninst.exez\AppData\Local\Temp\uninst.exef71c5718-30af-11e5-8275-4cbb5849fb9d Error: (07/20/2015 08:50:40 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/19/2015 12:55:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TADEUSZ) Description: Microsoft.BingMaps_8wekyb3d8bbwe!AppexMaps-2144927142 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz Percentage of memory in use: 70% Total physical RAM: 3979.2 MB Available physical RAM: 1167.17 MB Total Virtual: 5164.16 MB Available Virtual: 864.32 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:458.41 GB) (Free:410.18 GB) NTFS Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32 Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.32 GB) NTFS Drive y: (PBR Image) (Fixed) (Total:5.97 GB) (Free:0.74 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 03844EC0) Partition: GPT Partition Type. ==================== End of log ============================