Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015 Ran by Kamil (2015-09-18 09:06:42) Running from C:\Users\Kamil\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2013-10-28 13:52:19) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1366293752-3190974027-3552667834-500 - Administrator - Disabled) Guest (S-1-5-21-1366293752-3190974027-3552667834-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1366293752-3190974027-3552667834-1003 - Limited - Enabled) Kamil (S-1-5-21-1366293752-3190974027-3552667834-1000 - Administrator - Enabled) => C:\Users\Kamil ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1366293752-3190974027-3552667834-1000\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - ) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2215 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) bwin Poker (HKLM-x32\...\bwincomPoker) (Version: - bwincom) CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dropbox (HKU\S-1-5-21-1366293752-3190974027-3552667834-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.1 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.1 - Ministerstwo Finansow) Hidden Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Free Video Flip and Rotate version 1.0.8.1215 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.0.8.1215 - DVDVideoSoft Ltd.) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.) Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Konserwacja programu Samsung ML-1660 Series (HKLM-x32\...\Samsung ML-1660 Series) (Version: - Samsung Electronics Co., Ltd.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team) MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero 2015 (HKLM-x32\...\{CB9AE743-D208-4145-8E26-B73A7C96299C}) (Version: 16.0.04200 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) Oprogramowanie Logitech Unifying 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.0.0.16117 - Blizzard Entertainment) SubEdit - Vista WMP Patch (HKLM-x32\...\SubEdit - Vista WMP Patch_is1) (Version: 1 - Artur Sikora) SubEdit-Player (HKLM-x32\...\SubEdit-Player_is1) (Version: 4072 - Artur Sikora) Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.4.0 - GOG.com) This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios) TimeComX - Automation Software (HKLM-x32\...\TimeComX) (Version: 1.2.4.10 - Bitdreamers) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - ) TP-LINK 150Mbps Wireless N USB Adapter Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) WRC 4 FIA World Rally Championship Update 1 (HKLM-x32\...\V1JDNEZJQVdvcmxkUmFsbHlDaGFtcGlvbnNoaXA=_is1) (Version: 1 - ) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów) XnView 2.05 (HKLM-x32\...\XnView_is1) (Version: 2.05 - Gougelet Pierre-e) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {282519D0-1032-44F7-BDE1-33BE5EA5746D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd) Task: {3F219FC9-B6CF-483C-8B4E-4C275143EE49} - System32\Tasks\kqGjQfQc => C:\Users\Kamil\AppData\Roaming\kqGjQfQc.exe [2015-04-20] () <==== ATTENTION Task: {7B231E8E-A04C-452F-A103-889EF7583E15} - System32\Tasks\{EFAD0F0E-1161-421C-84B6-426E07F08B7C} => pcalua.exe -a "e:\The Crew\The Crew (Russian)\Support\InsHelper.exe" -c CallUplayProtocol Uninstall 507 Task: {7EBB78B7-10E6-437C-A9D6-3D353C065665} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {A752D64C-9317-4420-9994-9B55E3D40174} - System32\Tasks\HGKB => Rundll32.exe "C:\Windows\SysWOW64\d3dim700J.dll",rggi Task: {B96066B2-0862-46C0-A8E7-833DF5F41D8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) Task: {D48D2106-7E96-42A1-9F90-E224736387DD} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG) Task: {E8C42149-FBD2-46ED-95D4-32BCDFE19F7E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-17] (Adobe Systems Incorporated) Task: {F25861A1-C724-4B0F-BB19-DF2EA8926873} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) Task: {F5295FD9-C9FC-4CA4-9485-DD6316935CC3} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {FD9D2C68-9093-4E14-90E1-4F52A5BD2FE5} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-06-28] (Avast Software s.r.o.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HGKB.job => C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\d3dim700J.dll Task: C:\Windows\Tasks\kqGjQfQc.job => C:\Users\Kamil\AppData\Roaming\kqGjQfQc.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2013-11-02 23:09 - 2011-06-22 08:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll 2013-10-29 04:25 - 2014-11-24 18:37 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe 2013-10-29 04:25 - 2014-11-24 18:37 - 00151552 _____ () C:\Windows\KMService.exe 2015-09-18 08:58 - 2015-09-18 08:58 - 00380416 _____ () C:\Users\Kamil\Downloads\l71yu3xp.exe 2015-03-30 13:01 - 2015-03-30 13:01 - 00104400 _____ () C:\Program Files\Alwil Software\Avast5\log.dll 2015-03-30 13:01 - 2015-03-30 13:01 - 00081728 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll 2015-09-17 20:31 - 2015-09-17 20:31 - 02964480 _____ () C:\Program Files\Alwil Software\Avast5\defs\15091703\algo.dll 2015-03-30 13:01 - 2015-03-30 13:01 - 40540672 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-09-16 15:24 - 2015-09-12 02:22 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll 2015-09-16 15:24 - 2015-09-12 02:22 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1366293752-3190974027-3552667834-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1366293752-3190974027-3552667834-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.43.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Blackberry Device Manager => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: NMIndexingService => 3 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Kamil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: GoogleChromeAutoLaunch_46BF133ACA8BEB7ACDB8F921980892DB => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: GoogleChromeAutoLaunch_EC53EDA72B75981F8EFFAB705ED8B3F8 => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: mailruhomesearchvbm => C:\Users\Kamil\AppData\Local\Mail.ru\Sputnik\ptls\mailruhomesearchvbm.exe -ptls MSCONFIG\startupreg: MyDriveConnect.exe => "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun MSCONFIG\startupreg: Schedule => "C:\ProgramData\Schedule\timetasks.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: uTorrent => "C:\Users\Kamil\AppData\Roaming\uTorrent\uTorrent.exe" MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D000759C-83FF-4E12-A53E-14C251066246}] => (Allow) C:\Users\Kamil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{97C45074-935B-46ED-BAD6-B105D6C6A10E}] => (Allow) C:\Users\Kamil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{955C2514-CEE5-43A5-A914-E728CBEA6EBB}E:\world of warplanes\wowplauncher.exe] => (Allow) E:\world of warplanes\wowplauncher.exe FirewallRules: [UDP Query User{D68D0274-4607-4DEE-A0EB-726116185DAF}E:\world of warplanes\wowplauncher.exe] => (Allow) E:\world of warplanes\wowplauncher.exe FirewallRules: [TCP Query User{568DD7AD-C921-44D5-9B2D-952D7018F35A}E:\assassins creed iii\ac3sp.exe] => (Allow) E:\assassins creed iii\ac3sp.exe FirewallRules: [UDP Query User{1D64A47C-223B-46D5-B193-2673FEBE2035}E:\assassins creed iii\ac3sp.exe] => (Allow) E:\assassins creed iii\ac3sp.exe FirewallRules: [TCP Query User{1C225BD0-26B6-4D57-B2F3-0197510AD7ED}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{0CBF54EB-216D-4FD1-A95D-B1C10F2AC2C4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{8994C3F7-02D4-4BD0-8E1F-4C2B041CE844}E:\wrc 4\wrc4.exe] => (Allow) E:\wrc 4\wrc4.exe FirewallRules: [UDP Query User{5AE02775-10D0-4A66-B856-DE6F62570A57}E:\wrc 4\wrc4.exe] => (Allow) E:\wrc 4\wrc4.exe FirewallRules: [{8090205A-755D-4BE5-8B9A-2B7EB07D5E72}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{67F0AD41-93FD-4AB2-83A5-8D970911ABBF}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{7200EA8F-DB1E-4C4A-8FEB-BA3038A3CAC0}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{7A45AA9B-BCC5-4094-8881-B926C432846E}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{30110015-50D3-4063-BDD9-4AF013F5EA6D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe FirewallRules: [{D79DD05C-F424-4F57-9664-0CA6E6592F71}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe FirewallRules: [{68B064C8-8773-43AF-892D-3A05C4DCC713}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{6195E727-E0E7-4F2E-9655-202C8FE1B8F9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{01AC69B8-0EE6-418E-9B4A-BEFAB0FB3F74}] => (Allow) E:\Diablo III\Diablo III.exe FirewallRules: [{BAA286CD-775F-4D32-B817-6DE63A75F6A8}] => (Allow) E:\Diablo III\Diablo III.exe FirewallRules: [{C6A33A3E-59FA-4764-A24B-D278A50C1BF2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{105A28F7-AEA8-454C-99FF-0064D5B4A3C0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{897AA184-5AC4-4D65-A0C6-88CC44D048A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{501CFE1E-0F42-42C5-A12E-5AE19DE962B1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{B95D0245-12AA-49F3-B17A-F850134E8646}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{299BFC7A-D94F-43AE-8F40-3D16B816F5C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{31F194E9-12B8-4D46-AB84-9ED0F5E2B043}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{BD70A067-0973-4EE2-8134-CBE2FC659F0F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{F294BCD2-D97E-495B-8C61-772FF067BBC6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C8705C6F-8E94-4736-8055-6E6F92807785}] => (Allow) LPort=2869 FirewallRules: [{E247DF4E-E598-4F99-9887-E71242F4A447}] => (Allow) LPort=1900 FirewallRules: [{C58479DE-2124-4AD6-A449-AEAE319F97BC}] => (Allow) C:\Users\Kamil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{58943791-592D-42B8-86FA-70E8FC379609}] => (Allow) C:\Users\Kamil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{06E82E3F-9EC1-46FA-9718-9D68B110F5ED}] => (Allow) E:\WATCH_DOGS\bin\Watch_Dogs.exe FirewallRules: [{C10D8F88-ABFC-42FE-98D3-8CBC2D5A81F8}] => (Allow) E:\WATCH_DOGS\bin\Watch_Dogs.exe FirewallRules: [TCP Query User{A4C14BB8-DF7D-4245-9CBF-75DDFFCFEAD4}E:\enemy front\bin32\enemyfront.exe] => (Allow) E:\enemy front\bin32\enemyfront.exe FirewallRules: [UDP Query User{14E5BF1E-9C9E-43EE-B623-D5E6F3333349}E:\enemy front\bin32\enemyfront.exe] => (Allow) E:\enemy front\bin32\enemyfront.exe FirewallRules: [TCP Query User{9E71FFE3-2C60-41E8-88D3-3C36587D50B7}E:\wrc 4\wrc4.exe] => (Block) E:\wrc 4\wrc4.exe FirewallRules: [UDP Query User{19CA489F-7099-43FE-8DC2-94B9A6C40CE4}E:\wrc 4\wrc4.exe] => (Block) E:\wrc 4\wrc4.exe FirewallRules: [{4CE54115-394B-44F9-8430-3BFAC439E25D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{311EF076-2130-4832-96C6-A1E271DBE0D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{DB9E7F9E-6869-4CF9-9B9D-431792C3481E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe FirewallRules: [{A767393C-F64D-4880-9A15-9ED6D406C470}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe FirewallRules: [{5069317E-0832-48DA-8413-E6BF297686B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe FirewallRules: [{86EA06C4-5AF5-4B92-8614-268AAAF7F4A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe FirewallRules: [{6782C0D2-A98B-46D1-94EB-8C8666642CEC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe FirewallRules: [{9736723D-16B7-439B-889C-589132C84441}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe FirewallRules: [{31D5E3B7-721F-425C-B2D7-2C2AE0A3A345}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe FirewallRules: [{C99B67A1-D908-4650-84BC-23ACA1122BD6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe FirewallRules: [{1E01301E-4D49-49A3-8A15-3557216D365D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe FirewallRules: [{DC2D55F2-6402-4CC4-8964-CE93D45128A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe FirewallRules: [{90050A67-9144-4D6B-B957-EBB65C03560D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [{A9CE8576-EEDE-4C93-9693-D79CC30CD19E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe FirewallRules: [{72E220D3-4823-492D-8A6C-F6B6402ABEFE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{751F7772-1634-4ABF-A493-67555F880A13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe FirewallRules: [{951D89AB-8CB3-4221-A588-C871A942C650}] => (Allow) E:\StarCraft II\StarCraft II.exe FirewallRules: [{8ABFE223-CE70-497D-BE78-8DAF75DEE9A2}] => (Allow) E:\StarCraft II\StarCraft II.exe FirewallRules: [TCP Query User{2F585F04-E32E-4270-A4C0-75634E00DB25}E:\starcraft ii\versions\base15405\sc2.exe] => (Allow) E:\starcraft ii\versions\base15405\sc2.exe FirewallRules: [UDP Query User{DBB4B888-1FC4-4B37-BD83-C91B47D763C6}E:\starcraft ii\versions\base15405\sc2.exe] => (Allow) E:\starcraft ii\versions\base15405\sc2.exe FirewallRules: [TCP Query User{77EAA7FC-5445-473C-8D89-10CB87D6B32B}E:\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) E:\the witcher 2 enhanced edition\bin\witcher2.exe FirewallRules: [UDP Query User{21DFA4A7-EDCE-4B48-B804-0DC22468EB59}E:\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) E:\the witcher 2 enhanced edition\bin\witcher2.exe FirewallRules: [TCP Query User{1FC0A8E2-098D-4200-BB0F-B6B60E801C7F}E:\far cry 4\bin\farcry4.exe] => (Allow) E:\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{1FB30806-8C43-42C2-A700-EC0B7BCA1B8E}E:\far cry 4\bin\farcry4.exe] => (Allow) E:\far cry 4\bin\farcry4.exe FirewallRules: [{36F38945-B21F-4928-A9D4-DFBB82DC77A2}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{4338C057-76F0-43AD-9D0F-4BB8D017FDB3}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{E2F2E764-B4E3-4B96-8D41-E2D34ECA9D1D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe FirewallRules: [{EB833617-A430-4338-A102-DFF94C0B3BFA}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe FirewallRules: [TCP Query User{748E6C31-327C-40C2-893E-E01E2487710E}E:\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) E:\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe FirewallRules: [UDP Query User{A07641F7-FB9B-4B3D-8F79-DCB4556A372F}E:\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) E:\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe FirewallRules: [TCP Query User{4AEE08D7-99BE-41D2-AA91-93BEE9020080}E:\far cry 4\bin\farcry4.exe] => (Allow) E:\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{5046D51B-A77A-4CA7-B2CB-2B3B6164E019}E:\far cry 4\bin\farcry4.exe] => (Allow) E:\far cry 4\bin\farcry4.exe FirewallRules: [{83F2EC55-96C2-4296-868B-1549922F9188}] => (Allow) C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exe FirewallRules: [{F32A245F-2F89-4EEB-AEFC-418D1151471A}] => (Allow) C:\Program Files\Alwil Software\Avast5\ng\vbox\aswFe.exe FirewallRules: [{63DB699C-9052-472A-81BE-304311662767}] => (Allow) C:\Users\Kamil\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{86370FFF-5ACC-4AC6-9BFC-4E05F31AADF6}] => (Allow) C:\Users\Kamil\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{78720794-9323-4000-8F77-13534EC38601}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5FFC9D5A-7790-452E-9555-4CC31161E92A}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe ==================== Faulty Device Manager Devices ============= Name: M:\ Description: USB HS-MS Card Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Sony Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: N:\ Description: USB HS-SD Card Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Sony Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: L:\ Description: USB HS-SM Card Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Sony Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (09/18/2015 08:19:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: fc4 Godzina rozpoczęcia: 01d0f1d8a45b9f4c Godzina zakończenia: 15 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: 4680634d-5dcd-11e5-ba30-1c6f65806f10 Error: (09/17/2015 07:07:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Spyhunter4.exe w wersji 4.20.9.4533 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: c1c Godzina rozpoczęcia: 01d0f106214c749b Godzina zakończenia: 16 Ścieżka aplikacji: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Identyfikator raportu: 0d81b56f-5cfa-11e5-acd2-1c6f65806f10 Error: (09/17/2015 07:03:22 AM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (1884) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane, ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem. Error: (09/17/2015 06:54:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: Kamil-PC) Description: Product: globalupdate Helper -- Error 1316. Określone konto już istnieje. Error: (09/17/2015 04:57:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: rundll32.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc637 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.18939, sygnatura czasowa: 0x55afd843 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00032542 Identyfikator procesu powodującego błąd: 0xd10 Godzina uruchomienia aplikacji powodującej błąd: 0xrundll32.exe0 Ścieżka aplikacji powodującej błąd: rundll32.exe1 Ścieżka modułu powodującego błąd: rundll32.exe2 Identyfikator raportu: rundll32.exe3 Error: (09/16/2015 11:52:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SpyHunter4.exe w wersji 4.20.9.4533 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 137c Godzina rozpoczęcia: 01d0f0c9ff69fba5 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe Identyfikator raportu: 452b1255-5cbd-11e5-b03f-1c6f65806f10 Error: (09/16/2015 06:21:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: aa8 Godzina rozpoczęcia: 01d0f09532463aa7 Godzina zakończenia: 327 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: ffe1ec57-5c8e-11e5-9825-1c6f65806f10 Error: (09/03/2015 08:19:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 5e8 Godzina rozpoczęcia: 01d0e65d6871ded6 Godzina zakończenia: 16 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: 3ec64be2-5268-11e5-9ba2-1c6f65806f10 Error: (08/22/2015 11:58:16 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 5e0 Godzina rozpoczęcia: 01d0dcaf20966a6e Godzina zakończenia: 16 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: 4c50453a-48b4-11e5-8c67-1c6f65806f10 Error: (05/17/2015 04:34:59 PM) (Source: MsiInstaller) (EventID: 1024) (User: Kamil-PC) Description: Produkt: Adobe Reader XI (11.0.10) - Polish - nie można zainstalować aktualizacji '{AC76BA86-7AD7-0000-2550-7A8C40011011}'. Kod błędu 1625. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 System errors: ============= Error: (09/18/2015 08:26:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (09/18/2015 08:26:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Media Player Network Sharing Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (09/18/2015 08:26:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Volume Shadow Copy niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/18/2015 08:26:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Live ID Sign-in Assistant niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (09/18/2015 08:26:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa KMService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (09/18/2015 08:26:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/18/2015 08:26:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Print Spooler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (09/18/2015 08:26:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Modules Installer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (09/18/2015 08:03:15 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY) Description: Inicjacja klienta CBS nie powiodła się. Ostatni błąd: 0x80080005 Error: (09/18/2015 08:03:15 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} CodeIntegrity: =================================== Date: 2015-05-22 20:45:51.223 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Kamil\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-22 20:45:51.125 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Kamil\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-22 20:45:50.375 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-22 20:45:50.260 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-06 09:54:10.514 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\athurx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-06 09:54:10.374 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\athurx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-06 09:51:19.577 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\athurx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-06 09:51:19.436 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\athurx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-06 09:47:31.546 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\athurx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-06 09:47:31.405 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\athurx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz Percentage of memory in use: 62% Total physical RAM: 3959.49 MB Available physical RAM: 1499.38 MB Total Virtual: 7917.19 MB Available Virtual: 5024.05 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:68.36 GB) (Free:19.62 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Filmy) (Fixed) (Total:233.63 GB) (Free:26.57 GB) NTFS Drive e: (Gry) (Fixed) (Total:195.31 GB) (Free:8.21 GB) NTFS Drive f: (Muzyka) (Fixed) (Total:202.08 GB) (Free:6.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FFBFFFBF) Partition 1: (Active) - (Size=68.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=397.4 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 233.6 GB) (Disk ID: 6F48AB5E) Partition 1: (Active) - (Size=233.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================