Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01 Ran by Rymin (2015-08-09 14:06:48) Running from C:\Users\Rymin\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2256594746-1432280111-207961492-500 - Administrator - Disabled) Gość (S-1-5-21-2256594746-1432280111-207961492-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2256594746-1432280111-207961492-1002 - Limited - Enabled) Rymin (S-1-5-21-2256594746-1432280111-207961492-1000 - Administrator - Enabled) => C:\Users\Rymin ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader 9.0.1 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A90100000001}) (Version: 9.0.1 - Adobe Systems Incorporated) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ) Andy OS (HKLM-x32\...\Andy OS) (Version: 0.43 - Andy OS, Inc) Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.) Asystent rejestracji usługi Windows Live (HKLM-x32\...\{51958BA7-21E4-4A8B-9098-CD8375BD17B2}) (Version: 5.000.818.5 - Microsoft Corporation) BitComet 1.38 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.38 - CometNetwork) Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - ) Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.02 - Broadcom Corporation) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant) DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D) DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.28) (Version: 1.1.0.28 - DAZ 3D) Dropbox (HKU\S-1-5-21-2256594746-1432280111-207961492-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.3 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.3 - Ministerstwo Finansow) Hidden Energy Management (HKLM-x32\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.4.1.3 - Lenovo) Galeria fotografii usługi Windows Live (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS) K-Lite Codec Pack 10.8.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.0 - ) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.64.2018.12 - Lenovo EasyCamera) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 7.0.0723 - CyberLink Corp.) Hidden Lenovo ReadyComm 5 (HKLM-x32\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.20 - Lenovo) Lenovo ReadyComm 5.0 Service (HKLM-x32\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited) Luxology modo 801 build 70287 (HKLM-x32\...\801_64) (Version: - ) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6215.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 39.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 pl)) (Version: 39.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) Narzędzie do przekazywania usługi Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1) (HKLM\...\92F4CDC794E6E4E29DC063D292D1C94F6FA1EA1E) (Version: 05/19/2009 4.4.0.1 - Lenovo) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Poczta usługi Windows Live (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.) SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Tablet Wacom (HKLM-x32\...\Wacom Tablet Driver) (Version: - Wacom Technology Corp.) Usługi drukowania Bonjour (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.) WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.) WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.) Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Sync (HKLM-x32\...\{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}) (Version: 14.0.8089.726 - Microsoft Corporation) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ZBrush 4 (HKLM-x32\...\InstallShield_{4BF62C05-3943-4ECB-B233-6E37E3FB5BCF}) (Version: 4.0 - Pixologic) ZBrush 4 (x32 Version: 4.0 - Pixologic) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Rymin\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Rymin\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Rymin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Rymin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Rymin\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2256594746-1432280111-207961492-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rymin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Restore Points ========================= 21-07-2015 15:52:03 Windows Update 22-07-2015 13:14:05 Windows Update 29-07-2015 22:07:17 Windows Update 05-08-2015 08:34:12 Windows Update 09-08-2015 13:55:59 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05D370F8-AA9B-4E89-9BCC-2425E47A3885} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {8ACBAB01-BEC5-4194-BECB-F190F7A0E9DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000Core => C:\Users\Rymin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) Task: {AEDE6CCB-431E-4FF8-97FA-FEDDB7B3E8BC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000UA => C:\Users\Rymin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {B45102C5-BFC9-4A4B-9C6A-3C17F72D2236} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.) Task: {D5202C3A-1CDD-48E6-99A4-E4DE3DCA8FAA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000Core => C:\Users\Rymin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {D9A5035C-C588-4E90-AF33-AE121122EEB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000UA => C:\Users\Rymin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-09] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000Core.job => C:\Users\Rymin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000UA.job => C:\Users\Rymin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000Core.job => C:\Users\Rymin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2256594746-1432280111-207961492-1000UA.job => C:\Users\Rymin\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-19 21:44 - 2011-05-05 22:36 - 00022528 _____ () C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe 2015-05-19 21:44 - 2011-05-05 22:36 - 01479680 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_x64.dll 2015-05-19 21:44 - 2011-05-05 22:36 - 00977408 _____ () C:\Program Files\DAZ 3D\Content Management Service\VServer_x64.dll 2015-05-19 21:44 - 2011-05-05 22:36 - 01053696 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_ssl_x64.dll 2015-05-19 21:44 - 2011-05-05 22:36 - 00155136 _____ () C:\Program Files\DAZ 3D\Content Management Service\asnmp_x64.dll 2009-08-11 18:59 - 2009-08-11 18:59 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll 2010-06-19 19:00 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2010-06-19 19:00 - 2009-07-15 17:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2015-08-09 13:48 - 2015-08-09 13:48 - 00071168 _____ () c:\users\rymin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprjzmr4.dll 2015-03-04 23:45 - 2015-07-17 02:31 - 00012800 _____ () C:\Users\Rymin\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-07-17 02:31 - 00779776 _____ () C:\Users\Rymin\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-31 08:02 - 2015-07-17 02:31 - 00056320 _____ () C:\Users\Rymin\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-04 23:45 - 2015-07-17 02:31 - 00012288 _____ () C:\Users\Rymin\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2256594746-1432280111-207961492-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rymin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 217.113.224.36 - 217.113.224.134 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C7979EF4-97D4-4232-BDBA-C824864FBFDE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{7F03093D-A9F7-436E-9B71-9ABF1784A15B}] => (Allow) svchost.exe FirewallRules: [{5FD7AF5E-B64D-4488-B467-CB08CF92193C}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{0BB4F05F-04BD-4BEF-90F8-82BA48FE0904}] => (Allow) C:\windows\System32\IgrsSvcs.exe FirewallRules: [{58D3E1FF-5B03-4261-956B-19B5A3023DF9}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe FirewallRules: [{38ED5BD1-A670-4C4A-A5DD-00C95743DC2D}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe FirewallRules: [{F5F45D99-62C0-4454-9E28-9C7EDB83CC5D}] => (Allow) C:\windows\System32\IgrsSvcs.exe FirewallRules: [{8EB34420-FA28-4B73-835F-CACF2572F16A}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyCom.exe FirewallRules: [{7EFE030B-D5A0-4396-A659-E3E828228A44}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe FirewallRules: [{64CFFA47-2F75-4349-9824-B260DA02536F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe FirewallRules: [{AFED893A-0304-4F1F-8F7E-6E42843852F9}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe FirewallRules: [{A931C280-4ABB-422D-A651-76B24C443CF8}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe FirewallRules: [{500A46ED-B3F0-48D7-9323-BE650F9BC08F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe FirewallRules: [{2272A5D2-E18B-4F29-A1BE-C31468C3756D}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe FirewallRules: [{4166C183-A0FE-4DFE-BD49-C3C7BE0B239A}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe FirewallRules: [{8BFEA2E9-4397-4479-9CA8-2B2FDEBA75C6}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe FirewallRules: [{8EB1C3E0-8724-4180-AF32-21A11CF0C702}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe FirewallRules: [{A4D33C9A-439F-4511-A0A3-302E7E8ED7BC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{AE4C9BFC-8263-4ED2-97B9-62750A80CB4C}C:\users\rymin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rymin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{899A3A48-5C7C-4408-B462-ACC628649CB6}C:\users\rymin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rymin\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{7B377D5F-0DBD-4724-B87C-CC31D8418B50}C:\users\rymin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rymin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{EDD48D46-FACE-46C7-92F0-ED54FDCED503}C:\users\rymin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rymin\appdata\roaming\spotify\spotify.exe FirewallRules: [{7284B510-E7B7-4CA3-89A3-F1B1C0DB0A28}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot5.exe FirewallRules: [{23D62117-1FAE-485B-A925-2062B57CBF0F}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot_daemon.exe FirewallRules: [TCP Query User{2759970A-29F6-4902-83E4-787A696956F4}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{E705A2AE-B273-4037-AE5C-8EDBAD598D51}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe FirewallRules: [TCP Query User{D5D51AFC-EEB9-4009-89A5-B26D21327DC5}C:\program files (x86)\counter-strike 1.6\hlds.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hlds.exe FirewallRules: [UDP Query User{7925D4A7-A141-4194-95EF-7362224943FF}C:\program files (x86)\counter-strike 1.6\hlds.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hlds.exe FirewallRules: [TCP Query User{611E1679-77EC-42AB-97FB-D259E4D84D79}C:\program files\luxology\modo\801\modo.exe] => (Allow) C:\program files\luxology\modo\801\modo.exe FirewallRules: [UDP Query User{090A2E35-AD56-4325-AF6D-F965B72A7828}C:\program files\luxology\modo\801\modo.exe] => (Allow) C:\program files\luxology\modo\801\modo.exe FirewallRules: [{CFD3E0FF-E4FD-4D9F-841F-3D0B0BE873DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4A0222B1-3DDE-4F65-9271-3C66E522587E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{24D9FEB7-E2D5-40D7-BDEE-B93A0C4D4035}] => (Allow) C:\Users\Rymin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{C07EB35D-76CF-4EAC-B941-C8F706673D4A}] => (Allow) C:\Users\Rymin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{0A211FA1-3E62-48A2-8B23-54FD1A80E76C}C:\users\rymin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rymin\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{CE51A073-F652-4110-B1F9-5816022119AE}C:\users\rymin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rymin\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{B9B2EE5E-D234-4FCA-ADCF-C46A5E0CB710}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{F6389F7E-5861-4A2C-89D9-83503C83DE5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{4989D55B-1B7A-4BFC-87DD-FB217AF5868F}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{DE5D593E-B7E2-460F-9F0B-E310B8B472D4}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [TCP Query User{C842F5E8-B15F-419B-9A2C-1E5ED92E8FF8}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe FirewallRules: [UDP Query User{A3D6E35F-EA17-4301-ACA7-A87364831977}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe FirewallRules: [{6E1D78AE-F3C9-41AA-A54E-5A1674DC2B3C}] => (Block) C:\program files\andy\andy.exe FirewallRules: [{92A68CB5-8E0F-4E01-BA08-6CDF9D18013B}] => (Block) C:\program files\andy\andy.exe FirewallRules: [{1BE32A92-958D-4F05-95D5-B696524FA262}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D40A9EA1-0066-4BC6-B60B-394A30DE0541}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2463E073-AE8C-40C6-9A59-E24316016E01}] => (Allow) C:\Program Files\Luxology\modo\801\modo.exe FirewallRules: [{8E1C0F46-9BA1-4327-873C-B62DE9EB0A49}] => (Allow) C:\Program Files\Luxology\modo\801\modo.exe FirewallRules: [TCP Query User{A72457C0-003F-4665-B7A3-9D181047FF0D}C:\users\rymin\desktop\modosp4\the foundry modo 801 sp4 win\flt7.0v2-win-x86-release-32\rlm.foundry.exe] => (Allow) C:\users\rymin\desktop\modosp4\the foundry modo 801 sp4 win\flt7.0v2-win-x86-release-32\rlm.foundry.exe FirewallRules: [UDP Query User{08950909-04FF-4701-BD76-E3D8FD390A0B}C:\users\rymin\desktop\modosp4\the foundry modo 801 sp4 win\flt7.0v2-win-x86-release-32\rlm.foundry.exe] => (Allow) C:\users\rymin\desktop\modosp4\the foundry modo 801 sp4 win\flt7.0v2-win-x86-release-32\rlm.foundry.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/07/2015 10:32:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 10:04:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 10:04:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 10:03:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 10:02:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 10:02:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 09:59:47 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 09:59:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 09:58:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong Error: (08/06/2015 09:58:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong System errors: ============= Error: (08/09/2015 01:47:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Conexant SmartAudio service z powodu następującego błędu: %%2 Error: (08/09/2015 01:47:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ReadyComm.DirectRouter z powodu następującego błędu: %%2 Error: (08/09/2015 08:16:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Conexant SmartAudio service z powodu następującego błędu: %%2 Error: (08/09/2015 08:16:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ReadyComm.DirectRouter z powodu następującego błędu: %%2 Error: (08/08/2015 09:47:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Conexant SmartAudio service z powodu następującego błędu: %%2 Error: (08/08/2015 09:47:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ReadyComm.DirectRouter z powodu następującego błędu: %%2 Error: (08/08/2015 08:47:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Conexant SmartAudio service z powodu następującego błędu: %%2 Error: (08/08/2015 08:47:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ReadyComm.DirectRouter z powodu następującego błędu: %%2 Error: (08/08/2015 07:04:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Conexant SmartAudio service z powodu następującego błędu: %%2 Error: (08/08/2015 07:04:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ReadyComm.DirectRouter z powodu następującego błędu: %%2 Microsoft Office: ========================= ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz Percentage of memory in use: 61% Total physical RAM: 3066.6 MB Available physical RAM: 1178.32 MB Total Virtual: 6131.39 MB Available Virtual: 4009.44 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:252.89 GB) (Free:105.58 GB) NTFS Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:29.41 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 5D623F33) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=252.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=30.2 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ==================== End of log ============================