Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015
Ran by Tadeusz at 2015-07-27 15:05:28
Running from C:\Users\Tadeusz\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2944422745-3718675205-452331776-500 - Administrator - Disabled)
Gość (S-1-5-21-2944422745-3718675205-452331776-501 - Limited - Disabled)
Tadeusz (S-1-5-21-2944422745-3718675205-452331776-1001 - Administrator - Enabled) => C:\Users\Tadeusz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.33 - STMicroelectronics)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-J552DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{76966FD2-4189-41F1-9CF6-9D177B4DEC97}) (Version: 2.0.42.1 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.3 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-2944422745-3718675205-452331776-1001\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
GFaktura 1.0 (HKLM-x32\...\{79EDD937-FD3C-4493-8455-11394E9DF50E}) (Version: 1.0.0 - GFaktura)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
LibreOffice 4.4.3.2 (HKLM-x32\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
Picexa (HKLM-x32\...\Picexa) (Version:  - Taiwan Shui Mu Chih Ching Technology Limited)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
Tachospeed 2.681 standalone (HKLM-x32\...\TachoSpeed) (Version: 2.681 - )
Unchecky v0.3.8 (HKLM-x32\...\Unchecky) (Version: 0.3.8 - RaMMicHaeL)
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2944422745-3718675205-452331776-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

28-06-2015 13:35:25 Installed LibreOffice 4.4.3.2
12-07-2015 13:04:55 Windows Update
15-07-2015 21:40:46 Windows Update
22-07-2015 15:33:19 Windows Update
22-07-2015 15:34:30 Instalator modułów systemu Windows

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-07-27 15:01 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {26F7D735-6132-46F9-95A7-D4EB55330520} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2944422745-3718675205-452331776-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {296FE578-5A00-4BCF-9DD7-A27063412806} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-11] (Synaptics Incorporated)
Task: {2D0BAE89-E01C-4D93-A992-BF9BE0E31371} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2944422745-3718675205-452331776-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {3CC1C719-CD15-49F9-8E64-4613399D69C9} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {45495B93-8BEB-414A-9E20-0FF07B574CF9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {51BC936C-EAB0-465F-BE5A-48DAFEC6DE32} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-24] (Adobe Systems Incorporated)
Task: {601BC439-56E5-4721-8AD0-8CC554F5D5C7} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-07-01] (Realtek Semiconductor)
Task: {7AA3820D-C8C5-4B80-B02F-712369621E7E} - System32\Tasks\Opera scheduled Autoupdate 1425245899 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {8CD460F5-1AF1-4C46-BAA8-040AC1968979} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {96B9C6B7-21F7-4AE9-A80E-2A5A3A785FCC} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {970121DD-D215-4E97-B55E-63D046516A3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-24] (Adobe Systems Incorporated)
Task: {C5F5631B-22F8-4D07-A282-6087DA457559} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {DD3659C4-5BA6-49E0-8602-01F2C79977F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
Task: {E158BB7F-31C0-4EAD-8C40-05273FC2CBC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
Task: {F4C9466C-FCE8-40AA-B581-0ECB7288F33F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {FA3A2A35-0682-4B73-B6EF-BBBF04308CDF} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2944422745-3718675205-452331776-1001Core1d0c25549d77436.job => C:\Users\Tadeusz\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-30 21:31 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-12-22 19:06 - 2014-06-04 16:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-12-22 19:06 - 2014-06-04 16:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-02-26 01:46 - 2014-02-26 01:46 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 01:43 - 2014-02-26 01:43 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 01:50 - 2014-02-26 01:50 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2015-07-27 15:02 - 2015-07-27 15:02 - 00043008 _____ () c:\users\tadeusz\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj7h6xh.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Tadeusz\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Tadeusz\OneDrive.old:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2944422745-3718675205-452331776-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tadeusz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Dell Data Services => 2
MSCONFIG\Services: Dell Foundation Services => 2
MSCONFIG\Services: DellDataVault => 2
MSCONFIG\Services: DellDataVaultWiz => 2
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: DellProdRegManager => 3
MSCONFIG\Services: DellUpdate => 2
MSCONFIG\Services: My Dell Client Framework => 2
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: WavesSysSvc => 2
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-2944422745-3718675205-452331776-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4B43CE95-1ACA-4E58-A316-3DE08DC5D928}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{E9E41C03-AEA9-48CF-896D-3A61D9A41C5B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{47F5E08A-9149-4A3B-B485-7D6AB328BC17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0641B504-8512-4B9B-A611-5D1EF3E4304A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7F910E4-B706-4659-B0FE-5EC2EF1ABAB0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3427602C-26A6-4242-8B9B-A2C28E5DE806}] => (Allow) C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{24FDF6F5-BF4E-494E-9390-3E32A93610B4}] => (Allow) C:\Users\Tadeusz\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{6D7B75DB-28A6-4389-B94F-BAA1E2E1E520}C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DB53A8B7-A98F-4203-8CF7-A947E2DFEEB3}C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tadeusz\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{C6BC7F48-9AEA-40EB-A79B-63AB16FBCE35}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{140B05D0-0DE0-4D64-A5FC-D261EAFD1A85}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F0F0E602-C979-4551-96D8-8B80906F8C82}] => (Allow) LPort=54925
FirewallRules: [{C8B1E300-DCAD-4493-9972-BAE1D686C597}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2015 02:48:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/26/2015 08:11:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program backgroundTaskHost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 1b68

Godzina rozpoczęcia: 01d0c72e95323dee

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Windows\system32\backgroundTaskHost.exe

Identyfikator raportu: 265b1a98-335d-11e5-8278-4cbb5849fb9d

Pełna nazwa pakietu powodującego błąd: 64885BlueEdge.OneCalendar_6.1.0.17_x64__8kea50m9krsh2

Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (07/26/2015 08:10:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: e68

Godzina rozpoczęcia: 01d0c6e11abe50c3

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Identyfikator raportu: ee6f03e8-335c-11e5-8278-4cbb5849fb9d

Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/25/2015 04:18:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 8f8

Godzina rozpoczęcia: 01d0c6e49a011fb3

Godzina zakończenia: 15

Ścieżka aplikacji: C:\Windows\system32\wwahost.exe

Identyfikator raportu: f2fee23e-32d7-11e5-8278-4cbb5849fb9d

Pełna nazwa pakietu powodującego błąd: Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe

Identyfikator aplikacji względem pakietu powodującego błąd: AppexNews

Error: (07/25/2015 03:50:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TADEUSZ)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/25/2015 03:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83
Nazwa modułu powodującego błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000011aa
Identyfikator procesu powodującego błąd: 0xfbc
Godzina uruchomienia aplikacji powodującej błąd: 0xjhnmqgsg.exe0
Ścieżka aplikacji powodującej błąd: jhnmqgsg.exe1
Ścieżka modułu powodującego błąd: jhnmqgsg.exe2
Identyfikator raportu: jhnmqgsg.exe3
Pełna nazwa pakietu powodującego błąd: jhnmqgsg.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: jhnmqgsg.exe5

Error: (07/25/2015 03:14:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83
Nazwa modułu powodującego błąd: jhnmqgsg.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000011aa
Identyfikator procesu powodującego błąd: 0x20e0
Godzina uruchomienia aplikacji powodującej błąd: 0xjhnmqgsg.exe0
Ścieżka aplikacji powodującej błąd: jhnmqgsg.exe1
Ścieżka modułu powodującego błąd: jhnmqgsg.exe2
Identyfikator raportu: jhnmqgsg.exe3
Pełna nazwa pakietu powodującego błąd: jhnmqgsg.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: jhnmqgsg.exe5

Error: (07/25/2015 03:07:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 2208

Godzina rozpoczęcia: 01d0c6dac19a1bec

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Windows\system32\wwahost.exe

Identyfikator raportu: 18a3bd84-32ce-11e5-8275-4cbb5849fb9d

Pełna nazwa pakietu powodującego błąd: Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe

Identyfikator aplikacji względem pakietu powodującego błąd: AppexNews

Error: (07/25/2015 03:07:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: TADEUSZ)
Description: Działanie pakietu Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe+AppexNews zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo.

Error: (07/25/2015 03:06:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 1a94

Godzina rozpoczęcia: 01d0c6d8460ed504

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Windows\syswow64\wwahost.exe

Identyfikator raportu: f6488aef-32cd-11e5-8275-4cbb5849fb9d

Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Identyfikator aplikacji względem pakietu powodującego błąd: App


System errors:
=============
Error: (07/27/2015 03:01:20 PM) (Source: i8042prt) (EventID: 34) (User: )
Description: Przy próbie określenia liczby przycisków myszy wystąpił błąd.

Error: (07/26/2015 09:18:05 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM

Error: (07/25/2015 03:51:14 PM) (Source: DCOM) (EventID: 10010) (User: TADEUSZ)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (07/25/2015 03:51:14 PM) (Source: DCOM) (EventID: 10005) (User: TADEUSZ)
Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/25/2015 03:51:06 PM) (Source: DCOM) (EventID: 10005) (User: TADEUSZ)
Description: 1084WSearchNiedostępny{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/25/2015 03:51:06 PM) (Source: DCOM) (EventID: 10005) (User: TADEUSZ)
Description: 1084WSearchNiedostępny{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/25/2015 03:51:06 PM) (Source: DCOM) (EventID: 10005) (User: TADEUSZ)
Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/25/2015 03:51:02 PM) (Source: DCOM) (EventID: 10005) (User: TADEUSZ)
Description: 1084WSearchNiedostępny{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/25/2015 03:51:02 PM) (Source: DCOM) (EventID: 10005) (User: TADEUSZ)
Description: 1084WSearchNiedostępny{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/25/2015 03:51:00 PM) (Source: DCOM) (EventID: 10005) (User: TADEUSZ)
Description: 1084WSearchNiedostępny{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


Microsoft Office:
=========================
Error: (07/26/2015 02:48:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/26/2015 08:11:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.174151b6801d0c72e95323dee4294967295C:\Windows\system32\backgroundTaskHost.exe265b1a98-335d-11e5-8278-4cbb5849fb9d64885BlueEdge.OneCalendar_6.1.0.17_x64__8kea50m9krsh2App

Error: (07/26/2015 08:10:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911e6801d0c6e11abe50c34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exeee6f03e8-335c-11e5-8278-4cbb5849fb9dmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (07/25/2015 04:18:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.174158f801d0c6e49a011fb315C:\Windows\system32\wwahost.exef2fee23e-32d7-11e5-8278-4cbb5849fb9dMicrosoft.BingNews_3.0.4.336_x64__8wekyb3d8bbweAppexNews

Error: (07/25/2015 03:50:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TADEUSZ)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927149

Error: (07/25/2015 03:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jhnmqgsg.exe2.1.19357.052e7ea83jhnmqgsg.exe2.1.19357.052e7ea83c0000005000011aafbc01d0c6dbf18fda64C:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exeC:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exe32db41c8-32cf-11e5-8275-4cbb5849fb9d

Error: (07/25/2015 03:14:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: jhnmqgsg.exe2.1.19357.052e7ea83jhnmqgsg.exe2.1.19357.052e7ea83c0000005000011aa20e001d0c6dbd4b86128C:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exeC:\Users\Tadeusz\Downloads\gm(1)\jhnmqgsg.exe1be03bbe-32cf-11e5-8275-4cbb5849fb9d

Error: (07/25/2015 03:07:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415220801d0c6dac19a1bec4294967295C:\Windows\system32\wwahost.exe18a3bd84-32ce-11e5-8275-4cbb5849fb9dMicrosoft.BingNews_3.0.4.336_x64__8wekyb3d8bbweAppexNews

Error: (07/25/2015 03:07:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: TADEUSZ)
Description: Microsoft.BingNews_3.0.4.336_x64__8wekyb3d8bbwe+AppexNews

Error: (07/25/2015 03:06:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.174151a9401d0c6d8460ed5044294967295C:\Windows\syswow64\wwahost.exef6488aef-32cd-11e5-8275-4cbb5849fb9dMicrosoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 33%
Total physical RAM: 3979.2 MB
Available physical RAM: 2665.6 MB
Total Virtual: 4683.2 MB
Available Virtual: 3336.97 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:458.41 GB) (Free:412.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 03844EC0)

Partition: GPT Partition Type.

==================== End of log ============================