Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-10-2015 Ran by magda1 (2015-10-09 18:58:21) Running from C:\Users\magda1\Downloads Windows 10 Home (X64) (2015-07-29 21:54:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1955459496-1287597648-2212735668-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1955459496-1287597648-2212735668-503 - Limited - Disabled) Guest (S-1-5-21-1955459496-1287597648-2212735668-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1955459496-1287597648-2212735668-1005 - Limited - Enabled) magda1 (S-1-5-21-1955459496-1287597648-2212735668-1001 - Administrator - Enabled) => C:\Users\magda1 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.) Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Librus Ocena Opisowa (HKLM-x32\...\Ocena Opisowa N) (Version: - ) McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.2.191 - McAfee, Inc.) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS) Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden Windows Driver Package - ASUS (ATP) Mouse (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1955459496-1287597648-2212735668-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 19-09-2015 10:08:29 Zaplanowany punkt kontrolny 24-09-2015 13:24:51 Windows Update 01-10-2015 14:33:04 Zaplanowany punkt kontrolny ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {104DF0BA-695A-4EB5-A236-9EACDE050F7C} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-17] (ASUSTeK Computer Inc.) Task: {127FD9E1-C92D-4977-A314-94D8C8F0D54C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-25] (ASUS) Task: {1440A01B-844E-4A65-9BAC-3399EFAA808C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {1D848E9D-A42E-444E-A468-E36AE665CE99} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {1E20CBC9-5A36-4231-AD76-33BE5383FF07} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.) Task: {25B3702F-F85C-4431-84E5-9148F7654603} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {28646627-1ABE-4D0F-8808-6C70DDEFA3AD} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {3A577F41-7EEC-4B64-8C7B-0D2045D70D76} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {3F3A6BC1-69CE-4CA8-AE08-7A9CE592BAEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {5122D585-0C01-402B-8C51-0CB09358EF36} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {565EFB66-DEEE-4FD5-800A-D1605F0A72BE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {57537E90-C12F-44C3-A0A8-F9D64B2EA3AB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {5A1EB5FC-D5F3-4239-8F5F-9187D325E812} - System32\Tasks\Security Cleaner => C:\Users\magda1\AppData\Roaming\Security Cleaner\Security Cleaner.exe [2015-10-09] () Task: {5BE7BE7A-E01F-4BC8-AE1B-FBB3C1DB144D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-20] (ASUS) Task: {5EDD9277-79D9-46D3-80EE-0F3459860F03} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {69F3888F-5D45-4845-A54F-A093E77BF4DE} - System32\Tasks\IT Viewer Uninstaller => C:\Program Files (x86)\IT Viewer\astask.exe [2015-10-09] (West CH Soft) Task: {786996F9-B485-4D99-AA54-D6181E593392} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-13] (AsusTek) Task: {A20834AB-E3D4-43E6-A437-EE444A7843A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {A489DAEA-2740-4F36-B1B1-13644CC82176} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {A5E22A93-21CB-4017-A014-CDD19AB9D127} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-25] (AVAST Software) Task: {AFA6CBFF-336E-45EC-ABBC-8D425FA63C8D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {EC87CE59-1FE3-4D30-98EE-85A4F0F0607C} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.) Task: {ED0DF5C9-94B7-4CA6-9011-E1BD708113D5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {F5EAF9C6-2FD3-451B-A1B5-912BA346787B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {FCAFD34D-836C-468D-936E-6CF90CA94AC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {FDA72F6B-0418-42F3-9301-A1163230E0ED} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS) Task: {FF8A0B76-A63A-47C9-BC9B-D211117657F2} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-30 09:02 - 2015-07-30 09:02 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 09:59 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2015-10-01 17:26 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2012-08-25 03:26 - 2012-08-25 03:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2015-10-01 17:26 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-01 17:25 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-10-01 17:26 - 2015-09-17 07:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-01 17:25 - 2015-09-17 07:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-01 17:25 - 2015-09-17 07:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 17:26 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 13:00 - 2015-07-10 15:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-10-01 17:26 - 2015-09-17 07:43 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll 2015-10-01 17:26 - 2015-09-17 07:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2015-10-01 17:25 - 2015-09-17 07:42 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2015-08-25 19:12 - 2015-08-25 19:12 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-25 19:12 - 2015-08-25 19:12 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-10-03 23:16 - 2015-10-03 23:16 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100301\algo.dll 2015-10-09 12:30 - 2015-10-09 12:30 - 02967040 _____ () C:\Program Files\AVAST Software\Avast\defs\15100900\algo.dll 2013-12-11 13:21 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-08-20 03:16 - 2013-08-20 03:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2013-08-16 20:03 - 2013-08-16 20:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-03-20 19:39 - 2015-03-20 19:39 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-10-09 12:26 - 2015-10-09 12:26 - 00086528 _____ () C:\Program Files (x86)\IT Viewer\mgwz.dll 2015-09-26 15:43 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll 2015-09-26 15:43 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll 2015-09-26 15:43 - 2015-09-24 04:34 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\magda1\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1955459496-1287597648-2212735668-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\magda1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "RemoteControl10" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{7DDB678C-AD17-4EE6-8C24-64C1BF85C773}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DB976C7D-0F91-4268-89D9-93C9888B22BF}] => (Allow) LPort=2869 FirewallRules: [{9E835905-E224-44C0-A818-B972D817FB78}] => (Allow) LPort=1900 FirewallRules: [{8EA8A530-BBA8-4CC4-B799-C442E5F1CAB6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{49026ECE-1D79-4C06-BBB1-0000777D77A4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{A42641F6-841C-437E-ABF4-DCCAE0ADAF0D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{93611B56-863C-435E-AEE9-9D567D973081}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/08/2015 09:30:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program MicrosoftEdge.exe w wersji 11.0.10240.16515 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: a9c Godzina rozpoczęcia: 01d101fd189efa81 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Identyfikator raportu: 13af703f-6df3-11e5-bea8-bcee7b1d6578 Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: MicrosoftEdge Error: (10/08/2015 09:30:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MAGDA) Description: Działanie pakietu Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbwe+MicrosoftEdge zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (10/08/2015 06:06:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.10240.16384, sygnatura czasowa: 0x559f3853 Nazwa modułu powodującego błąd: EDGEHTML.dll, wersja: 11.0.10240.16515, sygnatura czasowa: 0x55fa58b4 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000101b32 Identyfikator procesu powodującego błąd: 0x458 Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0 Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1 Ścieżka modułu powodującego błąd: microsoftedgecp.exe2 Identyfikator raportu: microsoftedgecp.exe3 Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5 Error: (10/07/2015 11:07:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAGDA) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (10/07/2015 06:07:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.10240.16384, sygnatura czasowa: 0x559f3853 Nazwa modułu powodującego błąd: EDGEHTML.dll, wersja: 11.0.10240.16515, sygnatura czasowa: 0x55fa58b4 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000101b32 Identyfikator procesu powodującego błąd: 0x1980 Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0 Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1 Ścieżka modułu powodującego błąd: microsoftedgecp.exe2 Identyfikator raportu: microsoftedgecp.exe3 Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5 Error: (10/07/2015 05:39:53 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5660) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (10/07/2015 05:39:53 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5660) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (10/07/2015 05:39:43 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5660) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (10/07/2015 05:39:43 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5660) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (10/07/2015 05:39:33 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5660) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. System errors: ============= Error: (10/09/2015 12:26:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa Privoxy (PrivoxyService) jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (10/09/2015 09:28:53 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (10/08/2015 11:16:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session5 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/08/2015 11:16:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session5 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/08/2015 11:16:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session5 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/08/2015 11:16:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session5 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/08/2015 05:59:57 AM) (Source: DCOM) (EventID: 10016) (User: MAGDA) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Magdamagda1S-1-5-21-1955459496-1287597648-2212735668-1001LocalHost (użycie LRPC)Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157 Error: (10/08/2015 05:59:11 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (10/07/2015 11:07:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Synchronizuj hosta_Session4. Error: (10/07/2015 11:07:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Magazyn danych użytkownika_Session4. CodeIntegrity: =================================== Date: 2015-08-25 21:25:07.332 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:24.283 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:24.192 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:24.145 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:24.048 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:23.997 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:23.956 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:23.916 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:23.875 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 11:10:22.986 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz Percentage of memory in use: 59% Total physical RAM: 6029.74 MB Available physical RAM: 2461.14 MB Total Virtual: 6989.74 MB Available Virtual: 3203 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:444.21 GB) (Free:340.29 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive e: () (Removable) (Total:7.41 GB) (Free:4.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: CFE5C099) Partition: GPT. ======================================================== Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================