Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-07-2015 Ran by Figo2 (2015-07-30 17:15:27) Running from C:\Fix\FRST Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2705386953-3286083312-722412902-500 - Administrator - Disabled) => C:\Users\Administrator Figo2 (S-1-5-21-2705386953-3286083312-722412902-1050 - Administrator - Enabled) => C:\Users\Figo2 Gość (S-1-5-21-2705386953-3286083312-722412902-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2705386953-3286083312-722412902-1005 - Limited - Enabled) Konto domyślne (S-1-5-21-2705386953-3286083312-722412902-503 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Ad Muncher v4.94.34121 (Free) (HKLM-x32\...\Ad Muncher) (Version: - ) Ad-Aware Web Companion (x32 Version: 1.1.922.1860 - Lavasoft) Hidden Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Aktualizacje NVIDIA 2.4.5.57 (Version: 2.4.5.57 - NVIDIA Corporation) Hidden ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) APP Center (x32 Version: 1.14.1205 - Gigabyte) Hidden Avast Premier (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp 2014) (Version: 14.0.1001.147 - AVG) AVG PC TuneUp 2014 (pl-PL) (x32 Version: 14.0.1001.147 - AVG) Hidden AVG PC TuneUp 2014 (x32 Version: 14.0.1001.147 - AVG) Hidden Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.4.24 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) Electronics Workbench V5.12 (HKLM-x32\...\Electronics_Workbench_V5) (Version: - ) Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) Epson Stylus SX210_SX410_TX210_TX410 Podręcznik (HKLM-x32\...\Epson Stylus SX210_SX410_TX210_TX410 Przewodnik użytkownika) (Version: - ) EPSON SX410 Series Printer Uninstall (HKLM\...\EPSON SX410 Series) (Version: - SEIKO EPSON Corporation) EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.) Expressivo (HKLM-x32\...\Expressivo) (Version: 1.5.1 - IVO Software Sp. z o.o.) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) Freemake Video Converter wersja 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) Gaming Keyboard Driver (HKLM-x32\...\{4D2D3DC8-404C-46E2-B57C-49C45BD110AC}) (Version: 1.0 - AULA) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation) Google Chrome (HKLM-x32\...\{32E600A5-C6F1-38A2-A8CC-B7DEF699D3F1}) (Version: 66.65.49304 - Google, Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) IVONA (HKLM-x32\...\IVONA) (Version: 1.4.1 - IVO Software Sp. z o.o.) IVONA MiniReader (HKLM-x32\...\IVONA MiniReader) (Version: - IVO Software Sp. z o.o.) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON) jv16 PowerTools 2014 (HKLM-x32\...\jv16 PowerTools 2014) (Version: - Macecraft Software) LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) MTA:SA v1.4.1 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.1 - Multi Theft Auto) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.0 - Napisy24.pl) Nero 2015 (HKLM-x32\...\{61F056D1-E951-4403-A8DD-322D6C328D4C}) (Version: 16.0.04300 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) Notepad++ (HKLM-x32\...\{93DFD7C9-64D8-42DD-B290-92BD2C3DAFBD}) (Version: 6.2.3.0 - Notepad++) NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{EB87675F-5281-4767-A54B-31931794C23D}) (Version: 3.3.9567 - OpenOffice.org) Oracle VM VirtualBox 4.3.24 (HKLM\...\{15E093DF-951E-46CB-B3EC-E1287E7A2319}) (Version: 4.3.24 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 8.2.6.475 - Electronic Arts, Inc.) OSFMount v1.5 (HKLM\...\OSFMount_is1) (Version: 1.5.1015 - Passmark Software) oursurfing uninstall (HKLM-x32\...\oursurfing uninstall) (Version: - oursurfing) <==== ATTENTION Panel sterowania NVIDIA 353.30 (Version: 353.30 - NVIDIA Corporation) Hidden Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) PITy2014 IPS 1.6 kompilacja:1.6.2.37 (HKLM-x32\...\PITy2014IPS_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.) Platform (x32 Version: 1.38 - VIA Technologies, Inc.) Hidden PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation) Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) RealSpeak Solo 4.0 SAPI5 Polish Agata (HKLM-x32\...\{30233C19-872D-4412-9050-7DC263824A96}) (Version: 1.00.0000 - Freedom Scientific) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) STK02N 2.3 (HKLM-x32\...\{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}) (Version: 2.3 - Syntek) Swift Record (HKLM\...\Swift Record) (Version: 2015.06.05.063310 - Swift Record) <==== ATTENTION TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.139.1020 - Electronic Arts Inc.) Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH) Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.4.3 - CrystalIDEA Software, Inc.) Unity (HKLM-x32\...\Unity) (Version: 5.1.1f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-2705386953-3286083312-722412902-1050\...\UnityWebPlayer) (Version: 5.1.1f1 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Vegas Pro 11.0 (64-bit) (HKLM\...\{30048BC0-4093-11E1-9406-F04DA23A5C58}) (Version: 11.0.521 - Sony) VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.) Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}_WebCompanion) (Version: 1.1.922.1860 - Lavasoft) WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun) Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.0.20140401 - Xilisoft) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2705386953-3286083312-722412902-1050_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Figo2\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 29-07-2015 13:38:33 Instalator modułów systemu Windows ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0063E258-2276-4EAC-8462-088BE4D79233} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {078E29BA-7A4A-4639-BC28-8C4472591377} - System32\Tasks\WINshell Event Logging => C:\Users\Figo\AppData\Local\Temp\Dscp1.exe <==== ATTENTION Task: {08EDA4D1-DA72-458A-8542-FD3DD3F0E833} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {0EDAACD6-A8D4-4E4A-BC5B-FAF45041D804} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {210E1559-07A9-47CA-BC60-DEDBBC707D9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-28] (Google Inc.) Task: {2C15334C-B4A2-4022-9995-B896AE6B94F4} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync No Task File <==== ATTENTION Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {3848EDE2-B0FE-4BB4-8D4F-14662F65F12F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-28] (Google Inc.) Task: {39C12A3D-EC45-42D4-AD23-BAED20881E94} - System32\Tasks\ALL Update => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2015-04-27] (ALLPlayer Group Ltd.) Task: {3E20D50A-5B00-4C0A-9D02-92EF86F7D95B} - System32\Tasks\Kopia Pulpitu => C:\kopia.bat [2015-06-05] () Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {478D9869-22D0-4C98-8A2A-3534ACD88F6A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {4A46D1F8-8771-447A-BE93-6C10DC97A31A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {4CABC4F8-B5E8-48EA-BA05-622E618A11FD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION Task: {4D52FF93-A0A1-4186-B522-963C17E07F74} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {51768972-15C0-493A-B0ED-9AF84F741FA1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {51ECBDDB-C325-48F8-AF23-EB6C141F7672} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {52279677-8374-4A9C-B7A2-32D5DA41F1A7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION Task: {53F9799D-D4C2-4C41-B6B1-122FB4DC0BA6} - System32\Tasks\{7C33622E-2574-4BF8-B305-54BDB7C8B638} => Firefox.exe http://ui.skype.com/ui/0/7.4.85.102/pl/abandoninstall?page=tsProgressBar Task: {5DE7EFBF-7BB6-4CA7-9DE4-99701A16FDF7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {6C6BD1F8-89DB-4FF1-821A-5086F6AE6914} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION Task: {6CD393C9-B54F-46EE-A42E-E0385A1E8BE8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {6F6985AD-E55C-46C9-BB08-C3D688A39256} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {768F7044-6DF3-4D0A-87BC-50E6338C60E2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation) Task: {82D6CB22-192F-41DD-ABA8-F11F514258AC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation) Task: {860B282E-F7B9-4D0C-9708-553478F65757} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {8D9A6D1C-2F93-4D0F-B393-9FE32E70B2FF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-29] (Microsoft Corporation) Task: {92DCC27B-5A2D-4EC2-8ED5-A752EAE7386E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {954E9B40-C27B-4FEF-A646-A23881A40053} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {9740E846-8644-4506-B5AB-B8A17E8B273E} - System32\Tasks\RunUninstallTool_SkipUac => C:\Program Files\Uninstall Tool\UninstallTool.exe [2015-06-02] (CrystalIDEA Software) Task: {979A43DA-80E1-4097-84C5-4B164171802E} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {9A28715F-91DB-488E-85A4-09508D82E8F2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {9C19B036-300A-46A5-8B2A-805874C34E54} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG) Task: {A34E3A45-9790-41D8-BF39-480441B1094D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A514892A-42F6-4BCB-827C-98FE95667D8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A6F15A16-AAA5-40A6-97C4-8D040588C70C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {A8A72D1B-F645-4098-A1B3-68E067EB2DC9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {B649D2B9-E07B-498B-9942-92E4C83A81C0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {BD76AB9F-2C2B-48FB-AFD0-E2F938BAB0CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {BF8EB137-4656-4C6B-AF10-D0DD0776B728} - System32\Tasks\WINshell Event Notification => C:\Users\Figo\AppData\Local\Temp\SBCint2.exe <==== ATTENTION Task: {C19FDC78-75A7-4EE7-A21D-602F11229DE2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {D5CDEA25-B9D1-426D-97D9-DEED0D3CB793} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-11] (Avast Software s.r.o.) Task: {D7D66E11-C660-4DB1-836D-CB9DB581DD66} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {D7DAA99D-8586-41F8-AA2D-78F5CB6E7380} - System32\Tasks\{F6BB3BC3-87F8-4922-9517-916435B7AE5A} => pcalua.exe -a C:\Users\Figo2\Downloads\MStorage_PCDRV_LB_1_07_00_250.exe -d C:\Users\Figo2\Downloads Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DC7A7790-712F-4E67-B844-E9BFDE57A9C4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {DDD467BD-A19C-497F-BE9F-1D8D3A3D14A8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {DE7E1C3E-D6C0-4C0B-8EC8-5F621AB62E07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {DEDDDCD5-3959-4624-85E6-6D3876FC7E19} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION Task: {DFDC78F9-A7F0-44EE-9518-E4DAB93DAE5E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {E57D6CED-6EA3-4234-8D6E-CE28B97AD7EB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-29] (Microsoft Corporation) Task: {ECE98298-11E8-4795-8524-0201716AF902} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {F0EDCD65-44FB-4F32-9128-2B6FBC2472A8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {F21E9182-51EB-47F6-AD7E-0D2DE2E90EEE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION Task: {FE928EFA-903F-4968-A4E5-AC83180AB19D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-12-06] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-29 13:38 - 2015-07-29 13:38 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-04-02 22:38 - 2015-06-17 08:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-07-29 13:38 - 2015-07-29 13:38 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-04-03 13:02 - 2015-04-03 13:02 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-07-29 13:38 - 2015-07-29 13:38 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2014-12-06 09:03 - 2014-12-06 09:03 - 00565760 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2015-07-29 13:38 - 2015-07-29 13:38 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-29 13:38 - 2015-07-29 13:38 - 06576640 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 18:35 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-29 13:38 - 2015-07-29 13:38 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-07-29 13:38 - 2015-07-29 13:38 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-17 12:57 - 2012-05-21 19:08 - 00770048 _____ () C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE 2015-06-17 12:57 - 2011-12-16 13:04 - 00655360 _____ () C:\Program Files (x86)\Gaming Keyboard\OSD.exe 2015-04-24 14:40 - 2015-04-24 14:40 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-04-24 14:40 - 2015-04-24 14:40 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-29 10:13 - 2015-07-29 10:13 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072900\algo.dll 2014-12-06 09:01 - 2014-12-06 09:01 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2014-12-06 09:01 - 2014-12-06 09:01 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2014-12-06 09:02 - 2014-12-06 09:02 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2014-12-06 09:01 - 2014-12-06 09:01 - 00353792 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2014-12-06 09:02 - 2014-12-06 09:02 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2015-04-02 22:53 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-04-02 22:12 - 2015-04-02 22:12 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-06-17 12:57 - 2012-05-04 18:28 - 00057344 _____ () C:\Program Files (x86)\Gaming Keyboard\lan.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2705386953-3286083312-722412902-1050\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{B85DC2D0-27FD-4477-89FC-A93B2C43F85D}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{7F0CFB07-AD99-44B4-B865-6D7B3DF39067}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{CF2AF771-3863-49DC-97A3-4190F806F76A}] => (Allow) C:\Gry\Battlefield 4\bf4.exe FirewallRules: [{A971F96A-C5D1-4D20-83AE-63D4D1387C7F}] => (Allow) C:\Gry\Battlefield 4\bf4.exe FirewallRules: [{28A273C3-8CE6-4FA5-B07E-9B216492A791}] => (Allow) C:\Gry\Battlefield 4\bf4_x86.exe FirewallRules: [{FC2233D2-2BAC-4B9A-A42B-D9A9FC2D1770}] => (Allow) C:\Gry\Battlefield 4\bf4_x86.exe FirewallRules: [{F30D53F6-6619-4DCD-98F2-F1293978F96B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{163D96B6-94FD-460F-B8AC-C0DC31E65D4C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{774DAD1E-A377-4D0D-9420-5767AB6F6B64}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{3C3E66E4-2580-4668-A4FD-1DB1F462C08D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2AF9168B-6EC9-4CD6-8799-0860B65B3185}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{A4C33E73-4AAF-4625-AFD0-FD719878C957}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{48D2A301-358A-4505-A817-2EE89FCE2A80}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe FirewallRules: [{5B188B90-3D7E-48DC-BCCE-F6F1B066CDEC}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{A825DCBB-500A-472F-BD9A-CDD52236210D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe FirewallRules: [{D744F413-C885-4008-A6BD-D85822B7751B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{943C4EA1-C32B-4319-BD8F-CB4E0B10DDF2}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{63D14F1A-4EDD-464B-B2CA-6E0C15EB63AD}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{630ECB7A-C2BB-43EA-B952-8F220C67B6FA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{B7382CF1-E519-4CFF-AC16-38BB61202839}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe FirewallRules: [{E16170FA-E641-46D4-BC84-26501ABEB518}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe FirewallRules: [{3C29FC30-B21B-4AB1-BBF7-D1A205C31E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe FirewallRules: [{D8E0AA6C-B26B-4510-B44D-9C689C21913E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe FirewallRules: [{FDACE46D-EE14-4EEF-9EEC-DB941B0E9A7E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D8B5B1C3-BCAE-4EE4-A58D-7140CE5A705A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{001A7AD3-16C3-4ABA-A106-64B7DC0476D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{32640F65-AF0C-4009-8051-0134CC7A7C6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{5BD67887-1F43-4E85-B72E-3F8F9F0943B7}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [TCP Query User{D2EB0A62-23B2-47F8-B529-C100E25C5EBA}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{8156DB1B-C70C-425F-8455-73AFC5E36219}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [TCP Query User{5B9D085E-11CF-4D40-8E28-432A1A0070E5}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{55C8C395-0ADE-4994-AE00-E5EC7F6347D6}C:\gry\rockstar games\gta san andreas\gta_sa.exe] => (Block) C:\gry\rockstar games\gta san andreas\gta_sa.exe FirewallRules: [TCP Query User{B314B4E5-610D-4FF3-ADCA-A527D1D37DC7}C:\gry\rockstar games\gta san andreas\gta_sa.exe] => (Block) C:\gry\rockstar games\gta san andreas\gta_sa.exe FirewallRules: [{33B5D6FC-DED9-460C-972A-516DC4992026}] => (Allow) C:\Gry\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{A37EF892-E43D-4310-90D6-1B8F4207908D}] => (Allow) C:\Gry\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{AC8FC615-9752-4B98-9E95-70595AC14A85}] => (Allow) C:\Gry\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3E57A90A-178C-4AEE-AA7F-61ACDC83DC77}] => (Allow) C:\Gry\The Sims 4\Game\Bin\TS4.exe FirewallRules: [UDP Query User{1AD471F6-21DC-4888-9298-443C4B57B970}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{46DB14EB-BE38-41E5-9096-F9EA316B2D5A}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{47F07082-4146-4C26-A725-36C6CD2E865D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{04C43DB2-F252-43A1-B83A-1AEEE23F92AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5DDE3D0E-2CAE-47DD-8F27-DC446D0D1415}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{56F35E1A-BC5D-4D1A-9CF8-07DF17189F3F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{80C7AE25-F8AE-4E83-A0FC-454E51889078}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{845DD408-BD38-41AB-A216-14F31EDCFA33}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{D9DF81A8-AC59-410B-8999-D73733E084A0}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{E9949D8A-9921-4555-BF0E-A1FC08CA9372}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{B6050506-7B42-4545-8B62-D3C09C86D6BA}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [UDP Query User{E6984AFD-50F3-48B5-9367-0FA0E6DFCB23}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe FirewallRules: [TCP Query User{710A6BA4-F276-4C8E-AAD7-47C5D3A74438}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe FirewallRules: [{569969C6-A0B6-445F-86F2-BFE7DE683391}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{52CC3FE8-AC9D-4AFB-AE56-3DA794D7F142}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{81CE96BE-2997-436F-AA63-06D23AB88AE8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{02F23CB7-A580-496C-9D18-FF56C1F23AAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{83397BBA-5F39-449F-8D8C-BFE4BC7A9CCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8091EDC5-9448-447E-A150-24891E306594}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{784A5A19-35CC-4741-B69F-62B5AD5A6C1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{88DCDD8B-9F13-471C-879B-51ADDBD3DCC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CE0065C8-C938-4205-B838-36EDB4581261}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{22D334D4-18FB-4456-856D-A009D7D9CBC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{4FE9B633-548E-4C0C-94EF-FEB9B619F047}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{FC7837EA-6D19-4CE9-8FE9-884DDCDEEAAF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{239093C9-AB7E-4766-A94F-28B0AC700959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{77DC2AED-11DB-482C-B376-262D01FC7284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{96212CE9-7EF0-4456-B6F1-A7845D970A74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Stacja dyskietek Description: Stacja dyskietek Class Guid: {4d36e980-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardowe sterowniki stacji dyskietek) Service: flpydisk Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/30/2015 04:37:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program OTL.exe w wersji 3.2.69.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 204c Godzina rozpoczęcia: 01d0cad502369758 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Users\Figo2\Desktop\OTL.exe Identyfikator raportu: 90e5b1e8-36c8-11e5-9bca-001a7dda7108 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/30/2015 04:35:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program OTL.exe w wersji 3.2.69.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 10e0 Godzina rozpoczęcia: 01d0cad463203e90 Godzina zakończenia: 12 Ścieżka aplikacji: C:\Users\Figo2\Desktop\OTL.exe Identyfikator raportu: 3c029325-36c8-11e5-9bca-001a7dda7108 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/30/2015 04:08:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Figo-Komputer) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/30/2015 04:08:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FixSirc.com w wersji 1.0.0.1 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1410 Godzina rozpoczęcia: 01d0cacf42d72237 Godzina zakończenia: 2 Ścieżka aplikacji: C:\Users\Figo2\Desktop\FixSirc.com Identyfikator raportu: 650bb3b6-36c4-11e5-9bca-001a7dda7108 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/30/2015 03:51:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FixSirc.com w wersji 1.0.0.1 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 2120 Godzina rozpoczęcia: 01d0caceb51db3eb Godzina zakończenia: 7 Ścieżka aplikacji: C:\Users\Figo2\Desktop\FixSirc.com Identyfikator raportu: 03df467d-36c2-11e5-9bca-001a7dda7108 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/30/2015 03:37:01 PM) (Source: Windows Installer 3.1) (EventID: 4373) (User: ) Description: WindowsW magazynie brak miejsca dla wykonania tego polecenia. Error: (07/30/2015 03:29:17 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Solitaire.exe w wersji 1.0.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 864 Godzina rozpoczęcia: 01d0cacb9df286d0 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.2.7240.0_x64__8wekyb3d8bbwe\Solitaire.exe Identyfikator raportu: f8be83f3-36be-11e5-9bca-001a7dda7108 Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftSolitaireCollection_3.2.7240.0_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (07/30/2015 03:29:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Figo-Komputer) Description: Działanie pakietu Microsoft.MicrosoftSolitaireCollection_3.2.7240.0_x64__8wekyb3d8bbwe+App zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (07/29/2015 11:06:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Figo-Komputer) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/29/2015 08:31:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Figo-Komputer) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (07/30/2015 05:15:43 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (07/30/2015 05:12:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (07/30/2015 05:12:12 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: %%2147944153 Error: (07/30/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/30/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/30/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/30/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/30/2015 04:24:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Adapter odbiornika Net.Pipe niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/30/2015 04:24:42 PM) (Source: WAS) (EventID: 5175) (User: ) Description: Adapter odbiornika obsługujący protokół 'net.pipe' nieoczekiwanie się rozłączył. Error: (07/30/2015 04:24:41 PM) (Source: WAS) (EventID: 5175) (User: ) Description: Adapter odbiornika obsługujący protokół 'net.msmq' nieoczekiwanie się rozłączył. Microsoft Office: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 17% Total physical RAM: 8190.49 MB Available physical RAM: 6724 MB Total Virtual: 16382.49 MB Available Virtual: 14915.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.88 GB) (Free:62.8 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 87E69087) Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== End of log ============================