Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-08-2015 Ran by Paweł (2015-08-19 23:42:57) Running from G:\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2697771076-3321475728-2789777070-500 - Administrator - Disabled) ASPNET (S-1-5-21-2697771076-3321475728-2789777070-1006 - Limited - Enabled) Gość (S-1-5-21-2697771076-3321475728-2789777070-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2697771076-3321475728-2789777070-1011 - Limited - Enabled) Konto domyślne (S-1-5-21-2697771076-3321475728-2789777070-503 - Limited - Disabled) Paweł (S-1-5-21-2697771076-3321475728-2789777070-1001 - Administrator - Enabled) => C:\Users\Paweł ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated) Adobe Audition CS6 (HKLM-x32\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0.2 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{92265DEC-AA16-8226-AE4B-96165DB368B6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.) AutoCAD 2014 — Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack – Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden Autodesk AutoCAD 2014 — Polski (Polish) (HKLM\...\AutoCAD 2014 — Polski (Polish)) (Version: 19.1.18.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autopsy (HKLM\...\{a10f2154-0599-4ad8-924c-0a21461ca753}) (Version: 3.0.10 - The Sleuth Kit) BeamNG.drive (HKLM-x32\...\Steam App 284160) (Version: - BeamNG) Bigasoft Total Video Converter 4.5.5.5561 (HKLM-x32\...\{A72CE741-1F32-4D79-BFFB-A714375C678D}_is1) (Version: - Bigasoft Corporation) bl (x32 Version: 1.0.0 - Your Company Name) Hidden BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry) BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden Bosch VMS Archive Player (HKLM-x32\...\{852D6A68-60C9-4B19-9A59-F9CF1F0A2D85}) (Version: 0.0 - Bosch Sicherheitssysteme GmbH) calibre 64bit (HKLM\...\{4DF0BC01-6D8A-4D2D-B2D6-2BB5F3203B3E}) (Version: 1.41.0 - Kovid Goyal) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.20.0 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.20.0 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.20.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Daum PotPlayer x64 (HKLM-x32\...\{C2F17E41-43CB-4317-A85D-7DDA50285187}_is1) (Version: 1.5.45955 - Daum Communications (06.03.2014)) Directory Lister Pro v1.70 (HKLM-x32\...\Directory Lister Pro_is1) (Version: 1.70 - KRKSoft) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dropbox (HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.) DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.3 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.3 - Ministerstwo Finansow) Hidden eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) ffdshow v1.3.4531 [2014-06-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4531.0 - ) foobar2000 v1.3.3 (HKLM-x32\...\foobar2000) (Version: 1.3.3 - Peter Pawlowski) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden H264 CODEC Plugs (HKLM-x32\...\H264 CODEC Plugs) (Version: - ) Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl) Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Office 2013 dla Użytkowników Domowych i Małych Firm - pl-pl (HKLM\...\HomeBusinessRetail - pl-pl) (Version: 15.0.4737.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 pl) (HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 pl) (HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\Mozilla Thunderbird 31.7.0 (x86 pl)) (Version: 31.7.0 - Mozilla) MPEG-ActiveX 4.27.01.01 (HKLM-x32\...\{FB3F09C4-029C-48B7-9242-6616BFDE0596}) (Version: 4.27.0101 - Bosch) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden Nero 11 InfoTool (HKLM-x32\...\{64BEF779-5053-48AF-A3D8-B70EBC1C70E7}) (Version: 11.0.00500 - Nero AG) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - ) Opera Stable 31.0.1889.174 (HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software) Oracle VM VirtualBox 4.3.30 (HKLM\...\{5E7BEDD4-397D-4537-A290-AB012A45D771}) (Version: 4.3.30 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Daum Kakao Corp.) PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric) R-26 Driver (HKLM\...\RolandRDID0123) (Version: - Roland Corporation) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.) R-Studio 6.3 (HKLM-x32\...\R-Studio 6.3NSIS) (Version: 6.3.154025 - R-Tools Technology Inc.) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.) Snagit 12 (HKLM-x32\...\{588591F5-74D7-4646-87C5-6A07E526F303}) (Version: 12.3.2 - TechSmith Corporation) Sound Blaster Z-Series (HKLM-x32\...\{143AECC2-5323-458C-8691-0F69277FE3B8}) (Version: 1.00.22 - Creative Technology Limited) Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited) Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios) Spotify (HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Sweet Home 3D version 4.6 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51 - Ghisler Software GmbH) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) TXTcollector (HKLM-x32\...\TXTcollector_is1) (Version: 2.0.2 - Bluefive software) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH) XMedia Recode version 3.2.3.5 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.3.5 - XMedia Recode) XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> F:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> F:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> F:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> F:\Program Files\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2697771076-3321475728-2789777070-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Paweł\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {0A46AB85-D79A-408A-BF69-BD7B035072DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {0C3F2202-BAEF-44AD-8515-37149582F642} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {10775346-5163-4965-8D3E-85C4F906AE48} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PAWEL-KOMPUTER-Paweł PAWEL-KOMPUTER => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation) Task: {160A6D2F-6DEB-4F39-9477-7D69DF67FD57} - System32\Tasks\{1660EEAC-CED0-4856-82AC-3B8A9E2FC8E4} => pcalua.exe -a "C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\Temp\2\Setup.exe" -d "C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\Temp\2" -c -s Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1D2788FE-5057-41E9-ACDF-1F10282885BE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {216099E6-E9B6-4FF1-A582-4EDF2FA5B63D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-16] (Adobe Systems Incorporated) Task: {3DE3A75D-EFF1-45E3-A6FA-DDAA37FE46D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {43D1A21D-96DC-4A6D-84B2-B96AABCACCE0} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] () Task: {57727B23-AF13-4598-965E-03FEC22359B2} - System32\Tasks\Advanced System~Protector => C:\Program Files (x86)\ASP\AspManager.exe Task: {726F667D-CC35-4C39-9EC0-9AF27B0F51B0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.) Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {749E94B0-0FB6-4B29-B2CC-768BFB0CB8EB} - System32\Tasks\Opera scheduled Autoupdate 1428491980 => D:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software) Task: {7571E2E7-5431-4CFF-992A-DEB4B9DAB7A3} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {79312579-CC6E-494D-8DA6-70CB09A31423} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2015-04-14] (TechSmith Corporation) Task: {7C0A72C4-395A-4079-8CC2-E5A7BFD9A89E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation) Task: {7FA7BB6D-2026-4B78-814F-918EE468095B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {83CD6275-B6EB-4989-87C4-8BF3EC700E0B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-30] (Microsoft Corporation) Task: {8F1E0B8F-8468-4AEB-A3A6-766B54A967C4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A6C91A33-B3FE-41DF-B953-08C192AAC5D0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {A9D52D8C-CC56-4FA8-BE40-7102C9754255} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {ACBEA6EB-FFDB-40F8-ACF6-70D704B2AD0C} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-paweldejko@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {AE0D6036-125D-4884-827D-2CDB922934D9} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.) Task: {B29DE151-D7B1-42D6-8ED1-D0170C2116AC} - System32\Tasks\{E7FE28FC-9D78-451D-AE04-C665160DC0E9} => pcalua.exe -a E:\opinie\038\Płyta\zawartość\start_Player.exe -d E:\opinie\038\Płyta\zawartość Task: {BFD4571A-CB90-40BF-B9FC-F269F5BC8884} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {CF42AD43-EFA9-4FE2-8475-99E5ACF97E18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd) Task: {D64DD4B2-51AA-40E1-B59C-3520EA0C55C1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {DBB83F15-4D07-49EC-8DEF-23EED3FF9A24} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {E059B8C2-A20F-4D05-B2C5-F5E95F90C112} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {E7FBB069-8BB9-4D7A-AC0A-86201F1697EE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {E9AF5022-DA6D-4F4D-8158-2D02354C5257} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.) Task: {E9FF6C31-FBD7-43F6-971A-CBEEC4D537A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {EC8A3501-D745-4105-8A37-3FC5C8C7B660} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-30 09:42 - 2015-07-30 09:42 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-07-28 22:45 - 2015-07-28 22:45 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2015-08-19 14:51 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2014-04-04 22:38 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-04-04 21:03 - 2013-09-17 18:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2015-08-05 19:51 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-04-22 07:16 - 2015-04-22 00:58 - 00088576 _____ () D:\Program Files\Miranda NG\Zlib.dll 2015-04-22 07:16 - 2015-04-22 00:58 - 00163840 _____ () D:\Program Files\Miranda NG\mir_core.dll 2015-04-22 07:16 - 2015-04-22 01:05 - 00064512 _____ () D:\Program Files\Miranda NG\Plugins\CrashDumper.dll 2015-04-22 07:16 - 2015-04-22 01:05 - 00116736 _____ () D:\Program Files\Miranda NG\Plugins\DbEditorPP.dll 2015-04-22 07:16 - 2015-04-22 00:59 - 00068608 _____ () D:\Program Files\Miranda NG\Plugins\Dbx_mmap.dll 2015-04-22 07:16 - 2015-04-22 00:59 - 00035840 _____ () D:\Program Files\Miranda NG\Core\stdcrypt.dll 2015-04-22 07:16 - 2015-04-22 00:59 - 00015360 _____ () D:\Program Files\Miranda NG\Core\stdssl.dll 2015-04-22 07:16 - 2015-04-22 01:00 - 00702464 _____ () D:\Program Files\Miranda NG\Plugins\AdvaImg.dll 2015-04-22 07:16 - 2015-04-22 01:03 - 00521728 _____ () D:\Program Files\Miranda NG\Plugins\Clist_modern.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00051200 _____ () D:\Program Files\Miranda NG\Plugins\AdvancedAutoAway.dll 2015-04-22 07:16 - 2015-04-22 01:07 - 00075264 _____ () D:\Program Files\Miranda NG\Plugins\AssocMgr.dll 2015-04-22 07:16 - 2015-04-22 00:59 - 00068096 _____ () D:\Program Files\Miranda NG\Plugins\AVS.dll 2015-06-23 14:00 - 2015-06-23 12:05 - 00357888 _____ () D:\Program Files\Miranda NG\Plugins\Facebook.dll 2015-04-22 07:16 - 2015-04-22 01:07 - 00110080 _____ () D:\Program Files\Miranda NG\Plugins\Fingerprint.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00025600 _____ () D:\Program Files\Miranda NG\Plugins\Folders.dll 2015-04-22 07:16 - 2015-04-22 01:08 - 00313344 _____ () D:\Program Files\Miranda NG\Plugins\FTPFile.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00023552 _____ () D:\Program Files\Miranda NG\Plugins\HistorySweeperLight.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00132096 _____ () D:\Program Files\Miranda NG\Plugins\IEView.dll 2015-04-22 07:16 - 2015-04-22 00:59 - 00046080 _____ () D:\Program Files\Miranda NG\Plugins\Import.dll 2015-01-09 13:20 - 2015-01-01 15:20 - 00028160 _____ () D:\Program Files\Miranda NG\Plugins\mTextControl.dll 2015-04-22 07:16 - 2015-04-22 01:06 - 00086528 _____ () D:\Program Files\Miranda NG\Plugins\NewsAggregator.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00104448 _____ () D:\Program Files\Miranda NG\Plugins\NewXstatusNotify.dll 2015-04-22 07:16 - 2015-04-22 01:05 - 00084480 _____ () D:\Program Files\Miranda NG\Plugins\PluginUpdater.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00265728 _____ () D:\Program Files\Miranda NG\Plugins\Popup.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00045568 _____ () D:\Program Files\Miranda NG\Plugins\SeenPlugin.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00019968 _____ () D:\Program Files\Miranda NG\Plugins\SimpleAR.dll 2015-04-22 07:16 - 2015-04-22 01:03 - 00100864 _____ () D:\Program Files\Miranda NG\Plugins\SimpleStatusMsg.dll 2015-04-22 07:16 - 2015-04-22 01:01 - 00142848 _____ () D:\Program Files\Miranda NG\Plugins\SmileyAdd.dll 2015-04-22 07:16 - 2015-04-22 01:02 - 00351744 _____ () D:\Program Files\Miranda NG\Plugins\SpellChecker.dll 2015-04-22 07:16 - 2015-04-22 01:02 - 00051712 _____ () D:\Program Files\Miranda NG\Plugins\StopSpam.dll 2015-04-22 07:16 - 2015-04-22 00:59 - 00606720 _____ () D:\Program Files\Miranda NG\Plugins\TabSRMM.dll 2015-04-22 07:16 - 2015-04-22 01:02 - 00159232 _____ () D:\Program Files\Miranda NG\Plugins\Tipper.dll 2015-04-22 07:16 - 2015-04-22 01:03 - 00048640 _____ () D:\Program Files\Miranda NG\Plugins\TopToolBar.dll 2015-04-22 07:16 - 2015-04-22 01:02 - 00412160 _____ () D:\Program Files\Miranda NG\Plugins\UInfoEx.dll 2015-04-22 07:16 - 2015-04-22 01:02 - 00099840 _____ () D:\Program Files\Miranda NG\Plugins\Variables.dll 2015-04-22 07:16 - 2015-04-22 01:02 - 00097280 _____ () D:\Program Files\Miranda NG\Pcre16.dll 2015-04-22 07:16 - 2015-04-22 00:58 - 00020992 _____ () D:\Program Files\Miranda NG\Core\stdurl.dll 2015-04-22 07:16 - 2015-04-22 00:58 - 00016896 _____ () D:\Program Files\Miranda NG\Core\stdauth.dll 2015-04-22 07:16 - 2015-04-22 00:58 - 00060416 _____ () D:\Program Files\Miranda NG\Core\stdfile.dll 2015-04-22 07:16 - 2015-04-22 00:58 - 00014336 _____ () D:\Program Files\Miranda NG\Core\stdhelp.dll 2015-04-22 07:16 - 2015-04-22 00:58 - 00015872 _____ () D:\Program Files\Miranda NG\Core\stdidle.dll 2015-07-28 22:45 - 2015-07-28 22:45 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-08-05 19:51 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () F:\Program Files\Notepad++\NppShell_06.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-08-12 16:08 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 18:35 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-08-19 14:51 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-12 16:08 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 13:00 - 2015-07-10 18:35 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2014-04-04 21:03 - 2015-08-19 23:13 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2014-04-04 21:03 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2014-11-28 12:18 - 2014-11-28 12:18 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2014-04-04 21:05 - 2013-08-19 17:23 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll 2014-04-04 21:05 - 2013-08-19 17:21 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll 2014-04-04 21:04 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2014-04-04 21:04 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2014-04-04 21:04 - 2013-12-04 11:57 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll 2014-04-04 21:04 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2014-04-04 21:04 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll 2014-04-04 21:04 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll 2014-04-04 21:04 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll 2014-04-04 21:05 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll 2014-04-04 21:04 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2014-04-04 21:04 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2014-04-04 21:04 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2014-04-04 21:04 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2014-04-04 21:04 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2014-04-04 21:03 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2014-04-04 21:04 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2014-04-04 21:05 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll 2014-04-04 21:05 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll 2014-04-04 21:05 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll 2014-04-04 21:04 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll 2015-08-19 14:43 - 2015-08-19 14:43 - 58600568 _____ () D:\Program Files (x86)\Opera\31.0.1889.174\opera.dll 2015-08-19 14:43 - 2015-08-19 14:43 - 01781368 _____ () D:\Program Files (x86)\Opera\31.0.1889.174\libglesv2.dll 2015-08-19 14:43 - 2015-08-19 14:43 - 00081528 _____ () D:\Program Files (x86)\Opera\31.0.1889.174\libegl.dll 2015-05-20 10:36 - 2015-05-20 10:36 - 03350640 _____ () F:\Program Files\Mozilla Thunderbird\mozjs.dll 2015-05-20 10:36 - 2015-05-20 10:36 - 00158832 _____ () F:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll 2015-05-20 10:36 - 2015-05-20 10:36 - 00023152 _____ () F:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll 2015-05-29 15:33 - 2015-05-29 15:33 - 00008704 _____ () C:\Users\Paweł\AppData\Roaming\Thunderbird\Profiles\v912yn0w.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Paweł\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paweł\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\xnview_wallpaper_20150621.bmp DNS Servers: 46.151.191.151 - 46.151.191.5 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: FlexNet Licensing Service 64 => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: TechSmith Uploader Service => 2 HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "ASUS AiChargerPlus Execute" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Display" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "RIM PeerManager" HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "CommonToolkitTray" HKLM\...\StartupApproved\Run32: => "ISUSScheduler" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\StartupFolder: => "Logitech . Rejestracja produktu.lnk" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\StartupFolder: => "Miranda32.lnk" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\StartupFolder: => "iRotate.lnk" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\StartupFolder: => "WTW.lnk" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "CreativeTaskScheduler" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "NokiaSuite.exe" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "AMD CATALYST™ Linker Driver" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "DisplayFusion" HKU\S-1-5-21-2697771076-3321475728-2789777070-1001\...\StartupApproved\Run: => "ISUSPM Startup" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{21411EA2-8859-4F2E-8F1E-5E1787D56BC6}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{64F222CE-CA38-440D-8B4B-7E2C41A7FF50}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{F5CA8E38-0756-4DA5-9782-3D042B0B162C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{0139A755-89AC-4BD5-BCD2-B4F1EDAB78C0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{1FF4CBF6-CF73-442D-AE03-F953EAE001FB}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [{801D9065-458E-4559-B0A4-7CD1644B9430}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe FirewallRules: [{B9A63B61-8646-4EB3-87BC-9CFB1AA1938E}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{A91E0C4A-D785-4E26-95B5-A0F1AADEEE6E}] => (Allow) mDNSResponder.exe FirewallRules: [{65723C5E-BC2E-418B-9FDC-915A6A9A06B3}] => (Allow) mDNSResponder.exe FirewallRules: [{BD860366-36DA-4ABD-9E24-76F3F6B25493}] => (Allow) tunmgr.exe FirewallRules: [{F24210F2-E621-4853-B7F8-9610F4CFD901}] => (Allow) tunmgr.exe FirewallRules: [{63F28771-9741-4316-96D3-70D9762C3DB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{75DCFE50-3590-420B-82C2-09F6FA6BCE38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{81BB15CF-EC18-4CEE-AFEF-59C1FC3BE616}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5E1EEC09-BB67-4805-9956-BC9A619A4CBD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{0C9B7F70-117B-4CC9-B108-9FF25A0F4A71}] => (Block) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [{EC1B5CF3-D3CA-4498-9ABC-3D2E068D7EEB}] => (Block) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{7C094B15-AA8F-4F04-A643-C2E6BB53B455}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{8C940A8B-EABD-480F-A82B-0BE369AA26EA}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [{A6229FDE-85A6-441D-9019-4C119AF9E3B3}] => (Block) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe FirewallRules: [{EC0DF003-6A5A-4707-AA7B-223A3518F65A}] => (Block) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe FirewallRules: [UDP Query User{84C4E104-ADF9-4060-BC23-754D6EAC7A77}D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe FirewallRules: [TCP Query User{359A347B-3988-4404-B176-343BE28481C1}D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe FirewallRules: [{ECD099DC-0AD8-402B-8E8C-96E7D31148E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BeamNG.drive\BeamNG.drive.exe FirewallRules: [{9F2AE230-9CF7-43A4-92F7-6A25DFDC6B12}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BeamNG.drive\BeamNG.drive.exe FirewallRules: [{76DE0D58-06AE-4E61-B77A-E77F2F54AB40}] => (Allow) LPort=8298 FirewallRules: [{3C02C241-176C-4E07-805A-C57086C208A8}] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{3F87E343-979C-4E55-8972-60B8FEA99ECC}] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{D560D162-A02D-41DD-92DB-7DA0E4AC1A85}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{E37725A5-10EE-4685-AD68-147577A6B4F9}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{F78B97D7-36CC-4038-9869-3C0C55A65545}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{D8CD94AD-326B-41D8-85AA-C585AC73B28C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{75EB624B-5D8A-40C6-84DF-A319CA5AE7E1}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{FA94F68F-4B90-49DE-87AE-D837AF50B1FB}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{8C214B5E-06A4-44B8-B3EA-CF9886BC0CA9}] => (Block) D:\program files\miranda ng\miranda64.exe FirewallRules: [{8FBBD31A-F6B5-44EF-9C02-EAFF6270562B}] => (Block) D:\program files\miranda ng\miranda64.exe FirewallRules: [UDP Query User{823EEA63-894D-440E-B616-E4FE136B86B7}D:\program files\miranda ng\miranda64.exe] => (Allow) D:\program files\miranda ng\miranda64.exe FirewallRules: [TCP Query User{A0EE4345-B12C-4AD1-9E2A-7C28C79EA7C8}D:\program files\miranda ng\miranda64.exe] => (Allow) D:\program files\miranda ng\miranda64.exe FirewallRules: [{6897229A-9B2D-4054-BE74-8B00FC454E90}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D21A2122-127A-4DF0-9BD6-BB85AD4AE06C}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F4A2C71F-CEC9-4AB4-A217-0191B2CD7505}] => (Allow) F:\Program Files\Daum\PotPlayer\PotPlayerMini64.exe FirewallRules: [Daum PotPlayer(PotPlayerMini64.exe)] => (Allow) F:\Program Files\Daum\PotPlayer\PotPlayerMini64.exe FirewallRules: [{1AEFE0F5-CB04-4481-BD47-79938853CC75}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D01FC7D3-D98A-4950-8FD4-C58C4B64733A}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E73305FD-E01E-4213-872A-6A251B601EC7}] => (Block) D:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [{AFF31DA9-8512-47BB-96A7-2A2C1034E31B}] => (Block) D:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{DAF171F5-3945-44B8-8664-EB6EA951D92F}D:\program files (x86)\totalcmd\totalcmd64.exe] => (Allow) D:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [TCP Query User{8A547707-537C-4029-A611-F6E0ADDD9740}D:\program files (x86)\totalcmd\totalcmd64.exe] => (Allow) D:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [{CC9A54D6-9270-4B0D-A6D4-AFCF84C0B983}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe FirewallRules: [{BA2BD38E-98C1-425D-A8A8-79C3424E62E9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Spintires\SpinTires.exe FirewallRules: [{5B69792C-4097-4093-A0F4-61775F3F16D3}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{72E1BDD3-6686-40BE-A3ED-2120513D928E}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E7128784-9CDC-41A6-903A-E1FA76FD76FF}] => (Allow) C:\Users\Paweł\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4B1DAB7C-1272-400D-AA8C-5D29BD5AB405}] => (Allow) C:\Users\Paweł\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{27224729-572F-401A-9705-B11923085326}] => (Allow) C:\Users\Paweł\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{68E8F8ED-01F1-4F7B-8826-048AAA4389B6}] => (Allow) C:\Users\Paweł\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{C15B0CFC-6A99-4272-B80C-D36C25E316F2}] => (Allow) LPort=50248 FirewallRules: [{6F88FF86-3A27-483B-94A4-95CD319EFCAC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{071654E5-BCE5-4838-8942-EABDC188ACC0}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{299A51C5-EFB4-40F1-9966-F8675FC1FD75}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{58A82381-61D1-4541-85BB-66CC64F9F872}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{DA1F3DF5-17D5-4B8A-BE3C-AFED95493A3E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{B13E4846-CB4C-4980-AD7D-3F245C473619}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{53BB0631-B32B-440D-A4CA-0591D910A5DC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{63B052D8-88D6-4EEE-ADA8-60D851A0372D}] => (Allow) F:\Program Files\Directory Lister Pro\DirListerPro.exe FirewallRules: [{0C6E54D3-574F-4F0F-BFB7-EB73C0592A45}] => (Allow) F:\Program Files\Directory Lister Pro\DirListerPro.exe FirewallRules: [{755EEBD5-375F-498B-BDEA-57819AA72BC2}] => (Allow) F:\Program Files\Directory Lister Pro\DirListerPro.exe FirewallRules: [{9D2F4A71-B8D9-4B73-A42C-BFED8249A4C1}] => (Allow) F:\Program Files\Directory Lister Pro\DirListerPro.exe ==================== Faulty Device Manager Devices ============= Name: Realtek High Definition Audio Description: Realtek High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: IntcAzAudAddService Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (08/19/2015 11:18:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program MicrosoftEdge.exe w wersji 11.0.10240.16431 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: edc Godzina rozpoczęcia: 01d0dac46ccb6658 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Identyfikator raportu: d39b3ba9-46b7-11e5-9bd4-00081b8335ad Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: MicrosoftEdge Error: (08/19/2015 11:18:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PAWEL-KOMPUTER) Description: Działanie pakietu Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbwe+MicrosoftEdge zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (08/19/2015 08:46:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_Dnscache, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f38cb Nazwa modułu powodującego błąd: dnsrslvr.dll, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f3892 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000025131 Identyfikator procesu powodującego błąd: 0x1728 Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_Dnscache0 Ścieżka aplikacji powodującej błąd: svchost.exe_Dnscache1 Ścieżka modułu powodującego błąd: svchost.exe_Dnscache2 Identyfikator raportu: svchost.exe_Dnscache3 Pełna nazwa pakietu powodującego błąd: svchost.exe_Dnscache4 Identyfikator aplikacji względem pakietu powodującego błąd: svchost.exe_Dnscache5 Error: (08/19/2015 07:42:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Aktywacja aplikacji Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/19/2015 07:42:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_Dnscache, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f38cb Nazwa modułu powodującego błąd: dnsrslvr.dll, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f3892 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000025131 Identyfikator procesu powodującego błąd: 0x13e8 Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_Dnscache0 Ścieżka aplikacji powodującej błąd: svchost.exe_Dnscache1 Ścieżka modułu powodującego błąd: svchost.exe_Dnscache2 Identyfikator raportu: svchost.exe_Dnscache3 Pełna nazwa pakietu powodującego błąd: svchost.exe_Dnscache4 Identyfikator aplikacji względem pakietu powodującego błąd: svchost.exe_Dnscache5 Error: (08/19/2015 03:55:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Aktywacja aplikacji Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/19/2015 03:55:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_Dnscache, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f38cb Nazwa modułu powodującego błąd: dnsrslvr.dll, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f3892 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000025131 Identyfikator procesu powodującego błąd: 0x5d4 Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_Dnscache0 Ścieżka aplikacji powodującej błąd: svchost.exe_Dnscache1 Ścieżka modułu powodującego błąd: svchost.exe_Dnscache2 Identyfikator raportu: svchost.exe_Dnscache3 Pełna nazwa pakietu powodującego błąd: svchost.exe_Dnscache4 Identyfikator aplikacji względem pakietu powodującego błąd: svchost.exe_Dnscache5 Error: (08/19/2015 02:37:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/19/2015 11:13:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Aktywacja aplikacji Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/19/2015 11:13:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_Dnscache, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f38cb Nazwa modułu powodującego błąd: dnsrslvr.dll, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f3892 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000025131 Identyfikator procesu powodującego błąd: 0x1f10 Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_Dnscache0 Ścieżka aplikacji powodującej błąd: svchost.exe_Dnscache1 Ścieżka modułu powodującego błąd: svchost.exe_Dnscache2 Identyfikator raportu: svchost.exe_Dnscache3 Pełna nazwa pakietu powodującego błąd: svchost.exe_Dnscache4 Identyfikator aplikacji względem pakietu powodującego błąd: svchost.exe_Dnscache5 System errors: ============= Error: (08/19/2015 11:13:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: %%2147944153 Error: (08/19/2015 11:12:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 11:12:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 11:12:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 11:12:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 10:46:02 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: %%2147944153 Error: (08/19/2015 10:45:24 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (08/19/2015 10:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 10:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 10:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Microsoft Office: ========================= Error: (08/19/2015 11:18:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: MicrosoftEdge.exe11.0.10240.16431edc01d0dac46ccb66584294967295C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exed39b3ba9-46b7-11e5-9bd4-00081b8335adMicrosoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbweMicrosoftEdge Error: (08/19/2015 11:18:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PAWEL-KOMPUTER) Description: Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbwe+MicrosoftEdge Error: (08/19/2015 08:46:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Dnscache10.0.10240.16384559f38cbdnsrslvr.dll10.0.10240.16384559f3892c00000050000000000025131172801d0daa672634116C:\WINDOWS\system32\svchost.exec:\windows\system32\dnsrslvr.dllef8837f4-e7b0-4293-96cd-9b24977a77f0 Error: (08/19/2015 07:42:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148 Error: (08/19/2015 07:42:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Dnscache10.0.10240.16384559f38cbdnsrslvr.dll10.0.10240.16384559f3892c0000005000000000002513113e801d0da86b1e7f6ceC:\WINDOWS\System32\svchost.exec:\windows\system32\dnsrslvr.dll60f0d735-4033-4289-ae74-6df92c31907e Error: (08/19/2015 03:55:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148 Error: (08/19/2015 03:55:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Dnscache10.0.10240.16384559f38cbdnsrslvr.dll10.0.10240.16384559f3892c000000500000000000251315d401d0da7bd9a42faaC:\WINDOWS\System32\svchost.exec:\windows\system32\dnsrslvr.dllad24fc8b-e709-4dd4-a1d8-7ceece3fa633 Error: (08/19/2015 02:37:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141 Error: (08/19/2015 11:13:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAWEL-KOMPUTER) Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148 Error: (08/19/2015 11:13:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_Dnscache10.0.10240.16384559f38cbdnsrslvr.dll10.0.10240.16384559f3892c000000500000000000251311f1001d0da4d26e7eb7bC:\WINDOWS\system32\svchost.exec:\windows\system32\dnsrslvr.dll44982221-28d8-4470-9d6c-e9bd8d94f6a4 CodeIntegrity: =================================== Date: 2015-08-19 22:43:45.977 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 22:43:45.922 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.503 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.473 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.446 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.419 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.387 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.361 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.335 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-01 09:44:02.307 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 18% Total physical RAM: 16283.48 MB Available physical RAM: 13305.31 MB Total Virtual: 18715.48 MB Available Virtual: 15245.8 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:57.64 GB) (Free:17.27 GB) NTFS Drive d: (Program Files) (Fixed) (Total:60.65 GB) (Free:50.23 GB) NTFS Drive f: (Programy) (Fixed) (Total:100 GB) (Free:47.69 GB) NTFS Drive g: (Dokumenty) (Fixed) (Total:243.61 GB) (Free:115.73 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 372.6 GB) (Disk ID: 61EE13A0) Partition 1: (Not Active) - (Size=29 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=243.6 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: 246B2225) Partition: GPT. ==================== End of log ============================