Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015 Ran by Sylwia (2015-08-14 16:20:38) Running from C:\Users\Sylwik\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3453432811-3933972505-678822560-500 - Administrator - Disabled) Gość (S-1-5-21-3453432811-3933972505-678822560-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-3453432811-3933972505-678822560-1003 - Limited - Enabled) Sylwia (S-1-5-21-3453432811-3933972505-678822560-1001 - Administrator - Enabled) => C:\Users\Sylwik ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS) Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FOTOJOKER Fotoswiat (HKLM-x32\...\FOTOJOKER Fotoswiat) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) HFT Brokers MT4 (HKLM-x32\...\HFT Brokers MT4) (Version: 4.00 - MetaQuotes Software Corp.) Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - ) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Moja cewe fotoksiazka (HKLM-x32\...\Moja cewe fotoksiazka) (Version: 5.0.6 - CEWE Stiftung u Co. KGaA) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.30.0 - Nokia) Nokia Suite (x32 Version: 3.8.30.0 - Nokia) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team) Opera Stable 31.0.1889.99 (HKLM-x32\...\Opera 31.0.1889.99) (Version: 31.0.1889.99 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.) SafeFinder (HKLM-x32\...\{B1228E32-6012-4A83-A136-FB49BEC46B0D}) (Version: 1.0.0.0 - Linkury) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Spotify (HKU\S-1-5-21-3453432811-3933972505-678822560-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3453432811-3933972505-678822560-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sylwik\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File ==================== Restore Points ========================= 28-07-2015 21:46:50 Windows Update 05-08-2015 17:28:15 Zaplanowany punkt kontrolny 12-08-2015 13:07:34 Windows Update 14-08-2015 12:40:19 Installed Panorama Maker 14-08-2015 13:12:48 Operacja przywracania ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {14C072E6-F3E2-46F4-AA95-6AEDE6674C3F} - System32\Tasks\{2C78AE65-1A47-42EF-BC89-9DDB4F05352B} => Chrome.exe http://ui.skype.com/ui/0/6.5.0.158/pl/abandoninstall?source=lightinstaller&page=tsMain Task: {15D13CFE-BBDF-4D30-B085-3C0FA6A3BDE3} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software) Task: {20B15D9C-417F-43F0-8950-D93D7A4D4632} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {212F8602-AF1E-4BFD-BE64-AFF56ABB2E61} - \snp -> No File <==== ATTENTION Task: {450FF4FD-D816-48ED-813A-8F9E5B15DD92} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {592BC468-22B5-40FF-AE12-2E2FEB896DDC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {5BD380CE-188B-4FE8-AF38-F10940384497} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS) Task: {5ECC0F40-2F26-45CB-ADF1-44EFF94C6FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17] (Google Inc.) Task: {6016B99F-816E-4AA2-8E2D-5BA82BCD972B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17] (Google Inc.) Task: {711834FE-6D97-4370-A850-C1F87B5544AA} - System32\Tasks\Opera scheduled Autoupdate 1439548839 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software) Task: {B10850DB-D63C-41DC-B50D-657454165199} - System32\Tasks\{A67D392F-365F-4097-AC53-F3F39F1199D9} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.5.0.158&LastError=2 Task: {B19BAEA5-F443-448B-99D1-04FE4C7F72CC} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) Task: {BE7BB79E-6582-487E-B09E-E35BBAC64631} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek) Task: {C00CB736-435B-4603-B5A0-11387F95492C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {E800C93F-21B2-4FC7-94DF-6D343733DCE4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation) Task: {E804C61F-C077-495B-A994-761A1DEC14BF} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {E9A69610-B8B9-4414-9A71-3BCFE89B5DAC} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software) Task: {F53F3FEA-F8D1-4B63-8CF8-8A294A08C408} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-14] (Avast Software s.r.o.) Task: {FF635D71-AC7F-4735-BB6E-D5080AB6B859} - \snf -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3453432811-3933972505-678822560-1001Core.job => C:\Users\Sylwik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (Whitelisted) ============== 2014-04-14 09:02 - 2014-04-14 09:02 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll 2015-08-13 20:28 - 2015-08-13 20:28 - 00035840 _____ () C:\ProgramData\Tristip\Tristip.exe 2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-04-16 15:45 - 2012-04-16 15:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2012-08-10 19:28 - 2012-08-10 19:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-08-10 19:23 - 2012-08-10 19:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\pl-PL\BtTray.pl-PL.dll 2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-08-14 13:39 - 2015-08-14 13:39 - 00144384 _____ () C:\ProgramData\Tristip\jxlqkj43.exe 2015-05-22 18:44 - 2015-05-22 18:44 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-22 18:44 - 2015-05-22 18:44 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-08-14 13:42 - 2015-08-14 13:42 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081404\algo.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2012-04-16 12:37 - 2012-04-16 12:37 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll 2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2012-04-16 12:42 - 2012-04-16 12:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2012-04-16 12:41 - 2012-04-16 12:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-04-16 12:56 - 2012-04-16 12:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-04-16 12:38 - 2012-04-16 12:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2015-05-22 18:44 - 2015-05-22 18:44 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-08-14 13:39 - 2015-08-14 13:39 - 00984576 _____ () C:\ProgramData\Tristip\0z521sei.dll 2015-08-12 17:58 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll 2015-08-12 17:58 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll 2012-10-27 18:49 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-08-12 17:58 - 2015-08-08 02:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F AlternateDataStreams: C:\Users\Sylwik\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3453432811-3933972505-678822560-1001\Control Panel\Desktop\\Wallpaper -> D:\zdjęcia\RHCP\1380202_678058895546947_566773458_n.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3453432811-3933972505-678822560-1001\...\StartupApproved\Run: => "NokiaSuite.exe" HKU\S-1-5-21-3453432811-3933972505-678822560-1001\...\StartupApproved\Run: => "BlazeServoTool" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{104F0CA1-5CBC-4D37-9ACC-0538A956DD3D}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [TCP Query User{8AC6D672-61D5-46FE-80A8-8911AE15F76D}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{0511AFF7-CB2F-4738-8BDE-2B1EF3F91AE1}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{040C4303-207F-4FBD-9019-261BE9D4528C}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{3A820565-12A3-4D8A-A22F-BCD10C1C4281}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [{B4564B5F-2033-4CC4-ABD4-C1CDEFC92E9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{05126E05-B711-46C6-B46A-DA0F8B11999E}] => (Allow) LPort=2869 FirewallRules: [{2FDC8CF9-DCA5-4019-9D99-21CC0F4849A8}] => (Allow) LPort=1900 FirewallRules: [{FEF2A531-1356-414C-B8FD-EDF110EB00D1}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{F391435D-E9F8-4706-8267-8F44E4444A1D}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{D4A94B6F-C90D-4F39-A851-5C566964DA46}] => (Allow) C:\Users\Sylwik\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [TCP Query User{56C801B3-F232-45C9-BC00-C07587ED1A38}C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{81D0823D-19AB-435E-8A42-C4624116E3BC}C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{B80D09D6-AEB0-425E-9B3B-9A5BCD0BDB24}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{784C66C5-AF71-48E0-92E1-9C2F4DA4662C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{FE724606-41AF-4CCA-B870-0F405A6550A2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 10f0 Godzina rozpoczęcia: 01d0d68e118e058e Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\syswow64\wwahost.exe Identyfikator raportu: 05dea6c3-4282-11e5-bf4b-dc85de7604c0 Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program backgroundTaskHost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 14a8 Godzina rozpoczęcia: 01d0d68e118e058e Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\system32\backgroundTaskHost.exe Identyfikator raportu: 09dae88d-4282-11e5-bf4b-dc85de7604c0 Pełna nazwa pakietu powodującego błąd: CoolApps.WomanCalendar_1.18.1.70_x64__xmyf8egy57fzc Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (08/14/2015 02:27:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uninstall.exe_Installer, wersja: 1.0.0.0, sygnatura czasowa: 0x55a66bc1 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504ade Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x00014598 Identyfikator procesu powodującego błąd: 0x7c0 Godzina uruchomienia aplikacji powodującej błąd: 0xuninstall.exe_Installer0 Ścieżka aplikacji powodującej błąd: uninstall.exe_Installer1 Ścieżka modułu powodującego błąd: uninstall.exe_Installer2 Identyfikator raportu: uninstall.exe_Installer3 Pełna nazwa pakietu powodującego błąd: uninstall.exe_Installer4 Identyfikator aplikacji względem pakietu powodującego błąd: uninstall.exe_Installer5 Error: (08/14/2015 02:27:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: uninstall.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.InvalidOperationException Stos: w A..() w A...ctor() w A..get_() w A..() w A..get_() w A..() Error: (08/14/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1448) SRUJet: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\WINDOWS\system32\SRU\SRU02678.log. Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Aktywacja aplikacji CoolApps.WomanCalendar_xmyf8egy57fzc!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Aktywacja aplikacji Microsoft.SkypeApp_kzf8qxf38zg5c!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (08/14/2015 04:13:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%3 Error: (08/14/2015 04:12:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/14/2015 04:12:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Intel(R) Capability Licensing Service Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/14/2015 04:12:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/14/2015 04:12:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Management and Security Application User Notification Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/14/2015 04:12:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/14/2015 04:12:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/14/2015 04:12:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa ZAtheros Bt&Wlan Coex Agent niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/14/2015 04:12:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Tristip niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/14/2015 04:12:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.1741510f001d0d68e118e058e4294967295C:\WINDOWS\syswow64\wwahost.exe05dea6c3-4282-11e5-bf4b-dc85de7604c0Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.1741514a801d0d68e118e058e4294967295C:\WINDOWS\system32\backgroundTaskHost.exe09dae88d-4282-11e5-bf4b-dc85de7604c0CoolApps.WomanCalendar_1.18.1.70_x64__xmyf8egy57fzcApp Error: (08/14/2015 02:27:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: uninstall.exe_Installer1.0.0.055a66bc1KERNELBASE.dll6.3.9600.1741554504adee0434352000145987c001d0d68ca323a152C:\Program Files (x86)\Common Files\pksqktte.pae\uninstall.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlle15814e7-427f-11e5-bf4b-dc85de7604c0 Error: (08/14/2015 02:27:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: uninstall.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.InvalidOperationException Stos: w A..() w A...ctor() w A..get_() w A..() w A..get_() w A..() Error: (08/14/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost1448SRUJet: C:\WINDOWS\system32\SRU\SRU02678.log-1811 (0xfffff8ed) Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142 Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142 Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142 Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: CoolApps.WomanCalendar_xmyf8egy57fzc!App-2144927142 Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142 CodeIntegrity: =================================== Date: 2015-07-04 01:17:13.748 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.577 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.405 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.235 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.065 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.894 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.724 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.553 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.383 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.213 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 43% Total physical RAM: 3979.79 MB Available physical RAM: 2261.25 MB Total Virtual: 4747.79 MB Available Virtual: 2955.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:93.66 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:258.44 GB) (Free:67.57 GB) NTFS Drive f: (EOS_DIGITAL) (Removable) (Total:7.39 GB) (Free:6.94 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 944CB54D) Partition: GPT. ======================================================== Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of log ============================