Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014 Ran by Sajrax at 2014-12-29 21:22:07 Running from C:\Users\Mikołaj\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.4 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Easy CD-DA Extractor 2010 (HKLM-x32\...\Easy CD-DA Extractor 2010) (Version: 2010 - Poikosoft) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4210712741-2411047792-420992153-1002\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA Graphics Driver 311.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.70 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Ralink Bluetooth Stack64 (HKLM\...\{3DA4255C-E376-83BE-72B4-B060F7124CC8}) (Version: 9.0.720.5 - Ralink Corporation) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6804 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.8.10 - Electronic Arts) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4210712741-2411047792-420992153-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Mikołaj\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4210712741-2411047792-420992153-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Mikołaj\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4210712741-2411047792-420992153-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Mikołaj\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4210712741-2411047792-420992153-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Mikołaj\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4210712741-2411047792-420992153-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mikołaj\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 14-12-2014 19:16:16 Removed 7-Zip 9.20 (x64 edition) 25-12-2014 17:38:22 Windows Update 28-12-2014 22:12:41 Usunięte Assassin's Creed ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {015B4C6B-22F2-447B-8B43-86B75EB7A114} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe Task: {01C7674D-3CBC-4264-AEFA-888C4D51810C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.) Task: {04DC1A34-F5CE-43A2-813B-85E5C23555A2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {0CC1B25B-3612-44EB-B007-9FD2EAFB298F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.) Task: {0D6E94E8-2399-42D3-B297-53BEB1375C8E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.) Task: {2A0991A9-1F2E-4053-8013-128DA72170A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {2CC86EA3-E213-4060-BFDC-FA1D7FADB849} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-29] (AsusTek) Task: {2EB84E5D-5ABD-417C-A696-1630372F6404} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {3C3A049F-7090-41C6-9936-CD6A097531D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {539DBEFE-EA09-4702-AA0F-A3D3B14448F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {57EE36C9-3F48-452C-8F1B-A09206A4AE05} - \Installer_iwebar No Task File <==== ATTENTION Task: {62B3002D-EA8A-49C0-93B5-7C7F952218DA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation) Task: {6EC81787-525E-4911-B44B-CB516DEEA283} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {8E3227E4-F35D-455B-BE64-A50450C4E34A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.) Task: {B565ECCC-3B17-4611-B637-879FB086E95E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: {B659ABF6-4DF7-4136-9947-9A9A0A699D52} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation) Task: {C70CE649-B782-461D-B5BA-F2BA848596F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-28] (AVAST Software) Task: {CB44E400-0605-4809-8B94-A2DC93581EBA} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS) Task: {CE796AA3-238A-4A69-938D-10431371D4F2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-28] (Adobe Systems Incorporated) Task: {D0BFF1EF-4348-4E13-BCFF-9BB8428CA0E9} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS) Task: {D153916B-3C8C-4846-A59B-7A5A2DE28174} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4210712741-2411047792-420992153-1002Core => C:\Users\Mikołaj\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-21] (Facebook Inc.) Task: {D2953D5E-C972-4E0A-8F9C-DA5063A440BE} - System32\Tasks\Installer_sense => C:\Users\Mikołaj\AppData\Local\Installer\Installsense_6905\ins_postInst.exe [2014-12-28] () <==== ATTENTION Task: {D5494F7F-38F6-4DB8-B3DC-AD094E3A287D} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.) Task: {F262672D-BDB6-44FF-BF3C-039C32233156} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4210712741-2411047792-420992153-1002UA => C:\Users\Mikołaj\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-21] (Facebook Inc.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4210712741-2411047792-420992153-1002Core.job => C:\Users\MikoBaj\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4210712741-2411047792-420992153-1002UA.job => C:\Users\MikoBaj\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-10 07:13 - 2013-12-10 07:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2013-06-19 20:49 - 2013-06-19 20:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2010-03-23 14:09 - 2010-03-23 14:33 - 00126208 _____ () C:\Program Files\Easy CD-DA Extractor 2010\ezcddax64.dll 2012-09-03 11:01 - 2012-09-03 11:01 - 00356352 _____ () C:\Windows\system32\BsExtendFunc.dll 2012-09-03 11:48 - 2012-09-03 11:48 - 00022528 _____ () C:\Windows\system32\BsTrace.dll 2012-09-03 11:50 - 2012-09-03 11:50 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll 2012-09-03 11:50 - 2012-09-03 11:50 - 00054784 _____ () C:\Windows\system32\BlueSoleilCSps.dll 2012-12-19 07:10 - 2012-12-19 07:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2014-03-19 22:16 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-10-30 01:38 - 2014-12-29 01:42 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2014-12-28 23:34 - 2014-12-28 23:34 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-12-28 23:34 - 2014-12-28 23:34 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2013-10-01 12:02 - 2013-10-01 12:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-12-29 19:15 - 2014-12-29 19:15 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122901\algo.dll 2014-12-28 23:34 - 2014-12-28 23:34 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2012-09-03 11:48 - 2012-09-03 11:48 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll 2012-08-14 10:24 - 2012-08-14 10:24 - 00323648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll 2012-05-02 17:28 - 2012-05-02 17:28 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll 2012-09-03 11:50 - 2012-09-03 11:50 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll 2012-09-03 11:50 - 2012-09-03 11:50 - 00054784 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll 2012-09-03 11:48 - 2012-09-03 11:48 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll 2014-11-16 15:48 - 2014-11-16 15:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2012-09-03 11:52 - 2012-09-03 11:52 - 00072192 _____ () C:\WINDOWS\SYSTEM32\BsProfilefunc.dll 2012-09-03 11:01 - 2012-09-03 11:01 - 00356352 _____ () C:\WINDOWS\SYSTEM32\BsExtendFunc.dll 2012-05-24 20:19 - 2012-05-24 20:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-12-28 23:34 - 2014-12-28 23:34 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-12-13 02:06 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-13 02:06 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2013-12-10 07:13 - 2013-12-10 07:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2014-12-13 02:06 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-13 02:06 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2013-07-17 12:43 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-12-13 02:06 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\ProgramData\Temp:DE406C3E AlternateDataStreams: C:\Users\Mikołaj\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-4210712741-2411047792-420992153-500 - Administrator - Disabled) Gość (S-1-5-21-4210712741-2411047792-420992153-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4210712741-2411047792-420992153-1027 - Limited - Enabled) Sajrax (S-1-5-21-4210712741-2411047792-420992153-1002 - Administrator - Enabled) => C:\Users\Mikołaj UpdatusUser (S-1-5-21-4210712741-2411047792-420992153-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: ASUS Touchpad Description: ASUS Touchpad Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: ASUS Service: i8042prt Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (12/29/2014 09:20:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Aktywacja aplikacji Microsoft.SkypeApp_kzf8qxf38zg5c!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/29/2014 09:20:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/29/2014 09:20:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/29/2014 09:20:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wwahost.exe, wersja: 6.3.9600.17031, sygnatura czasowa: 0x53085904 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eeb460 Kod wyjątku: 0x00000004 Przesunięcie błędu: 0x00012f71 Identyfikator procesu powodującego błąd: 0x1220 Godzina uruchomienia aplikacji powodującej błąd: 0xwwahost.exe0 Ścieżka aplikacji powodującej błąd: wwahost.exe1 Ścieżka modułu powodującego błąd: wwahost.exe2 Identyfikator raportu: wwahost.exe3 Pełna nazwa pakietu powodującego błąd: wwahost.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: wwahost.exe5 Error: (12/29/2014 09:05:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Aktywacja aplikacji Microsoft.SkypeApp_kzf8qxf38zg5c!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/29/2014 09:05:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wwahost.exe, wersja: 6.3.9600.17031, sygnatura czasowa: 0x53085904 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eeb460 Kod wyjątku: 0x00000004 Przesunięcie błędu: 0x00012f71 Identyfikator procesu powodującego błąd: 0xff0 Godzina uruchomienia aplikacji powodującej błąd: 0xwwahost.exe0 Ścieżka aplikacji powodującej błąd: wwahost.exe1 Ścieżka modułu powodującego błąd: wwahost.exe2 Identyfikator raportu: wwahost.exe3 Pełna nazwa pakietu powodującego błąd: wwahost.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: wwahost.exe5 Error: (12/29/2014 08:50:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Aktywacja aplikacji Microsoft.SkypeApp_kzf8qxf38zg5c!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/29/2014 08:50:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/29/2014 08:50:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/29/2014 08:50:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wwahost.exe, wersja: 6.3.9600.17031, sygnatura czasowa: 0x53085904 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eeb460 Kod wyjątku: 0x00000004 Przesunięcie błędu: 0x00012f71 Identyfikator procesu powodującego błąd: 0x1458 Godzina uruchomienia aplikacji powodującej błąd: 0xwwahost.exe0 Ścieżka aplikacji powodującej błąd: wwahost.exe1 Ścieżka modułu powodującego błąd: wwahost.exe2 Identyfikator raportu: wwahost.exe3 Pełna nazwa pakietu powodującego błąd: wwahost.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: wwahost.exe5 System errors: ============= Error: (12/29/2014 09:20:53 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa Error: (12/29/2014 09:20:48 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/29/2014 09:20:48 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/29/2014 09:05:48 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa Error: (12/29/2014 08:50:49 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa Error: (12/29/2014 08:50:48 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/29/2014 08:50:48 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/29/2014 08:37:08 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/29/2014 08:37:06 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/29/2014 08:37:05 PM) (Source: DCOM) (EventID: 10010) (User: JACKHERRER) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Microsoft Office Sessions: ========================= Error: (12/29/2014 09:20:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141 Error: (12/29/2014 09:20:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (12/29/2014 09:20:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (12/29/2014 09:20:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wwahost.exe6.3.9600.1703153085904KERNELBASE.dll6.3.9600.1727853eeb4600000000400012f71122001d023a4ee5528aeC:\WINDOWS\syswow64\wwahost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll2c20b37d-8f98-11e4-bec1-74d02be5b78eMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp Error: (12/29/2014 09:05:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141 Error: (12/29/2014 09:05:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wwahost.exe6.3.9600.1703153085904KERNELBASE.dll6.3.9600.1727853eeb4600000000400012f71ff001d023a2d5e00414C:\WINDOWS\syswow64\wwahost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll13a6c94e-8f96-11e4-bec1-74d02be5b78eMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp Error: (12/29/2014 08:50:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141 Error: (12/29/2014 08:50:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (12/29/2014 08:50:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JACKHERRER) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (12/29/2014 08:50:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wwahost.exe6.3.9600.1703153085904KERNELBASE.dll6.3.9600.1727853eeb4600000000400012f71145801d023a0bd7097deC:\WINDOWS\syswow64\wwahost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllfb7919b2-8f93-11e4-bec1-74d02be5b78eMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp CodeIntegrity Errors: =================================== Date: 2014-12-29 01:22:24.361 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:24.189 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:23.814 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:23.658 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:23.502 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:23.361 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:23.205 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:23.064 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:22.892 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-29 01:22:22.736 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 30% Total physical RAM: 8077.57 MB Available physical RAM: 5627.36 MB Total Pagefile: 16269.57 MB Available Pagefile: 13683.42 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:198.22 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:397.87 GB) (Free:286.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 91A883DE) Partition: GPT Partition Type. ==================== End Of Log ============================