Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015 Ran by Sylwia (2015-08-14 23:53:25) Running from C:\Users\Sylwik\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3453432811-3933972505-678822560-500 - Administrator - Disabled) Gość (S-1-5-21-3453432811-3933972505-678822560-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-3453432811-3933972505-678822560-1003 - Limited - Enabled) Sylwia (S-1-5-21-3453432811-3933972505-678822560-1001 - Administrator - Enabled) => C:\Users\Sylwik ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS) Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FOTOJOKER Fotoswiat (HKLM-x32\...\FOTOJOKER Fotoswiat) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) HFT Brokers MT4 (HKLM-x32\...\HFT Brokers MT4) (Version: 4.00 - MetaQuotes Software Corp.) Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - ) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Moja cewe fotoksiazka (HKLM-x32\...\Moja cewe fotoksiazka) (Version: 5.0.6 - CEWE Stiftung u Co. KGaA) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.30.0 - Nokia) Nokia Suite (x32 Version: 3.8.30.0 - Nokia) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team) Opera Stable 31.0.1889.99 (HKLM-x32\...\Opera 31.0.1889.99) (Version: 31.0.1889.99 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.) SafeFinder (HKLM-x32\...\{B1228E32-6012-4A83-A136-FB49BEC46B0D}) (Version: 1.0.0.0 - Linkury) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Spotify (HKU\S-1-5-21-3453432811-3933972505-678822560-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3453432811-3933972505-678822560-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sylwik\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File ==================== Restore Points ========================= 28-07-2015 21:46:50 Windows Update 05-08-2015 17:28:15 Zaplanowany punkt kontrolny 12-08-2015 13:07:34 Windows Update 14-08-2015 12:40:19 Installed Panorama Maker 14-08-2015 13:12:48 Operacja przywracania ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {14C072E6-F3E2-46F4-AA95-6AEDE6674C3F} - System32\Tasks\{2C78AE65-1A47-42EF-BC89-9DDB4F05352B} => Chrome.exe http://ui.skype.com/ui/0/6.5.0.158/pl/abandoninstall?source=lightinstaller&page=tsMain Task: {15D13CFE-BBDF-4D30-B085-3C0FA6A3BDE3} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software) Task: {20B15D9C-417F-43F0-8950-D93D7A4D4632} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {450FF4FD-D816-48ED-813A-8F9E5B15DD92} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {488EF29B-E842-4B29-8891-6F89E670DCA5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation) Task: {592BC468-22B5-40FF-AE12-2E2FEB896DDC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {5BD380CE-188B-4FE8-AF38-F10940384497} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS) Task: {5ECC0F40-2F26-45CB-ADF1-44EFF94C6FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17] (Google Inc.) Task: {6016B99F-816E-4AA2-8E2D-5BA82BCD972B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17] (Google Inc.) Task: {711834FE-6D97-4370-A850-C1F87B5544AA} - System32\Tasks\Opera scheduled Autoupdate 1439548839 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software) Task: {B10850DB-D63C-41DC-B50D-657454165199} - System32\Tasks\{A67D392F-365F-4097-AC53-F3F39F1199D9} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.5.0.158&LastError=2 Task: {B19BAEA5-F443-448B-99D1-04FE4C7F72CC} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) Task: {BE7BB79E-6582-487E-B09E-E35BBAC64631} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek) Task: {C00CB736-435B-4603-B5A0-11387F95492C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {E804C61F-C077-495B-A994-761A1DEC14BF} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {E9A69610-B8B9-4414-9A71-3BCFE89B5DAC} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software) Task: {F53F3FEA-F8D1-4B63-8CF8-8A294A08C408} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-14] (Avast Software s.r.o.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3453432811-3933972505-678822560-1001Core.job => C:\Users\Sylwik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (Whitelisted) ============== 2014-04-14 09:02 - 2014-04-14 09:02 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll 2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-04-16 15:45 - 2012-04-16 15:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2012-08-10 19:28 - 2012-08-10 19:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-08-10 19:23 - 2012-08-10 19:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\pl-PL\BtTray.pl-PL.dll 2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll 2015-05-22 18:44 - 2015-05-22 18:44 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-22 18:44 - 2015-05-22 18:44 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-08-14 13:42 - 2015-08-14 13:42 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081404\algo.dll 2015-08-14 22:29 - 2015-08-14 22:29 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081406\algo.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2012-04-16 12:42 - 2012-04-16 12:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2012-04-16 12:41 - 2012-04-16 12:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-04-16 12:56 - 2012-04-16 12:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-04-16 12:38 - 2012-04-16 12:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2015-05-22 18:44 - 2015-05-22 18:44 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2012-10-27 18:49 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-08-12 17:58 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll 2015-08-12 17:58 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll 2015-08-12 17:58 - 2015-08-08 02:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F AlternateDataStreams: C:\Users\Sylwik\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3453432811-3933972505-678822560-1001\Control Panel\Desktop\\Wallpaper -> D:\zdjęcia\RHCP\1380202_678058895546947_566773458_n.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3453432811-3933972505-678822560-1001\...\StartupApproved\Run: => "NokiaSuite.exe" HKU\S-1-5-21-3453432811-3933972505-678822560-1001\...\StartupApproved\Run: => "BlazeServoTool" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{104F0CA1-5CBC-4D37-9ACC-0538A956DD3D}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [TCP Query User{8AC6D672-61D5-46FE-80A8-8911AE15F76D}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{0511AFF7-CB2F-4738-8BDE-2B1EF3F91AE1}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{040C4303-207F-4FBD-9019-261BE9D4528C}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{3A820565-12A3-4D8A-A22F-BCD10C1C4281}C:\users\sylwik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sylwik\appdata\roaming\spotify\spotify.exe FirewallRules: [{B4564B5F-2033-4CC4-ABD4-C1CDEFC92E9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{05126E05-B711-46C6-B46A-DA0F8B11999E}] => (Allow) LPort=2869 FirewallRules: [{2FDC8CF9-DCA5-4019-9D99-21CC0F4849A8}] => (Allow) LPort=1900 FirewallRules: [{FEF2A531-1356-414C-B8FD-EDF110EB00D1}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{F391435D-E9F8-4706-8267-8F44E4444A1D}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{D4A94B6F-C90D-4F39-A851-5C566964DA46}] => (Allow) C:\Users\Sylwik\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [TCP Query User{56C801B3-F232-45C9-BC00-C07587ED1A38}C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{81D0823D-19AB-435E-8A42-C4624116E3BC}C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sylwik\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{B80D09D6-AEB0-425E-9B3B-9A5BCD0BDB24}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{784C66C5-AF71-48E0-92E1-9C2F4DA4662C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{FE724606-41AF-4CCA-B870-0F405A6550A2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/14/2015 10:35:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uninstall.exe_Installer, wersja: 1.0.0.0, sygnatura czasowa: 0x55a66bc1 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504ade Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x00014598 Identyfikator procesu powodującego błąd: 0x440 Godzina uruchomienia aplikacji powodującej błąd: 0xuninstall.exe_Installer0 Ścieżka aplikacji powodującej błąd: uninstall.exe_Installer1 Ścieżka modułu powodującego błąd: uninstall.exe_Installer2 Identyfikator raportu: uninstall.exe_Installer3 Pełna nazwa pakietu powodującego błąd: uninstall.exe_Installer4 Identyfikator aplikacji względem pakietu powodującego błąd: uninstall.exe_Installer5 Error: (08/14/2015 10:35:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: uninstall.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.InvalidOperationException Stos: w A..() w A...ctor() w A..get_() w A..() w A..get_() w A..() Error: (08/14/2015 05:32:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: d00 Godzina rozpoczęcia: 01d0d6a5c05851c3 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\syswow64\wwahost.exe Identyfikator raportu: b50e47c2-4299-11e5-bf4d-dc85de7604c0 Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program wwahost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 10f0 Godzina rozpoczęcia: 01d0d68e118e058e Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\syswow64\wwahost.exe Identyfikator raportu: 05dea6c3-4282-11e5-bf4b-dc85de7604c0 Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program backgroundTaskHost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 14a8 Godzina rozpoczęcia: 01d0d68e118e058e Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\system32\backgroundTaskHost.exe Identyfikator raportu: 09dae88d-4282-11e5-bf4b-dc85de7604c0 Pełna nazwa pakietu powodującego błąd: CoolApps.WomanCalendar_1.18.1.70_x64__xmyf8egy57fzc Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (08/14/2015 02:27:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: uninstall.exe_Installer, wersja: 1.0.0.0, sygnatura czasowa: 0x55a66bc1 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504ade Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x00014598 Identyfikator procesu powodującego błąd: 0x7c0 Godzina uruchomienia aplikacji powodującej błąd: 0xuninstall.exe_Installer0 Ścieżka aplikacji powodującej błąd: uninstall.exe_Installer1 Ścieżka modułu powodującego błąd: uninstall.exe_Installer2 Identyfikator raportu: uninstall.exe_Installer3 Pełna nazwa pakietu powodującego błąd: uninstall.exe_Installer4 Identyfikator aplikacji względem pakietu powodującego błąd: uninstall.exe_Installer5 Error: (08/14/2015 02:27:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: uninstall.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.InvalidOperationException Stos: w A..() w A...ctor() w A..get_() w A..() w A..get_() w A..() Error: (08/14/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1448) SRUJet: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\WINDOWS\system32\SRU\SRU02678.log. Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (08/14/2015 11:05:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80240020: Uaktualnij do wersji Windows 10 Home. Error: (08/14/2015 10:29:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%3 Error: (08/14/2015 05:28:42 PM) (Source: DCOM) (EventID: 10010) (User: Sylwia) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (08/14/2015 05:28:12 PM) (Source: DCOM) (EventID: 10010) (User: Sylwia) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (08/14/2015 04:29:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80240020: Uaktualnij do wersji Windows 10 Home. Error: (08/14/2015 04:13:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%3 Error: (08/14/2015 04:12:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/14/2015 04:12:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Intel(R) Capability Licensing Service Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/14/2015 04:12:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/14/2015 04:12:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Management and Security Application User Notification Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (08/14/2015 10:35:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: uninstall.exe_Installer1.0.0.055a66bc1KERNELBASE.dll6.3.9600.1741554504adee04343520001459844001d0d6d0b6e5fe89C:\Program Files (x86)\Common Files\pksqktte.pae\uninstall.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllf58359e1-42c3-11e5-bf4e-dc85de7604c0 Error: (08/14/2015 10:35:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: uninstall.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.InvalidOperationException Stos: w A..() w A...ctor() w A..get_() w A..() w A..get_() w A..() Error: (08/14/2015 05:32:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.17415d0001d0d6a5c05851c34294967295C:\WINDOWS\syswow64\wwahost.exeb50e47c2-4299-11e5-bf4d-dc85de7604c0Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.1741510f001d0d68e118e058e4294967295C:\WINDOWS\syswow64\wwahost.exe05dea6c3-4282-11e5-bf4b-dc85de7604c0Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp Error: (08/14/2015 02:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.1741514a801d0d68e118e058e4294967295C:\WINDOWS\system32\backgroundTaskHost.exe09dae88d-4282-11e5-bf4b-dc85de7604c0CoolApps.WomanCalendar_1.18.1.70_x64__xmyf8egy57fzcApp Error: (08/14/2015 02:27:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: uninstall.exe_Installer1.0.0.055a66bc1KERNELBASE.dll6.3.9600.1741554504adee0434352000145987c001d0d68ca323a152C:\Program Files (x86)\Common Files\pksqktte.pae\uninstall.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlle15814e7-427f-11e5-bf4b-dc85de7604c0 Error: (08/14/2015 02:27:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: uninstall.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.InvalidOperationException Stos: w A..() w A...ctor() w A..get_() w A..() w A..get_() w A..() Error: (08/14/2015 02:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost1448SRUJet: C:\WINDOWS\system32\SRU\SRU02678.log-1811 (0xfffff8ed) Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142 Error: (08/14/2015 01:55:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sylwia) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142 CodeIntegrity: =================================== Date: 2015-07-04 01:17:13.748 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.577 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.405 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.235 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:13.065 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.894 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.724 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.553 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.383 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-04 01:17:12.213 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 61% Total physical RAM: 3979.79 MB Available physical RAM: 1533.12 MB Total Virtual: 4747.79 MB Available Virtual: 2124.38 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:90.91 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:258.44 GB) (Free:67.57 GB) NTFS Drive f: (EOS_DIGITAL) (Removable) (Total:7.39 GB) (Free:6.94 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 944CB54D) Partition: GPT. ======================================================== Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of log ============================