Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015 Ran by BHP at 2015-01-07 17:30:36 Running from C:\Users\BHP\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3408851026-3105934659-272300781-1001\...\uTorrent) (Version: 3.4.2.36615 - BitTorrent Inc.) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Alan Wake's American Nightmare (HKLM\...\Steam App 202750) (Version: - Remedy Entertainment) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software) Build Tools - x86 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (Version: 12.0.21005 - Microsoft Corporation) Hidden D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dizzel (HKLM\...\Steam App 315640) (Version: - NSStudio) Dropbox (HKU\S-1-5-21-3408851026-3105934659-272300781-1001\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.) Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.5.2 - SCS Software) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FileZilla Client 3.9.0.5 (HKLM\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) Free Audio Video Studio 8.2.3 (HKLM\...\Free Audio Video Studio_is1) (Version: - FreeAudioVideoSoft, Inc.) Free Sound Recorder v10.0.5 (HKLM\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2014 FreeSoundRecorder Technologies, Inc.) Galeria fotografii (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.) HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC) Internet Manager (HKLM\...\Internet Manager) (Version: 22.001.18.11.49 - Huawei Technologies Co.,Ltd) Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java 8 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation) Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.2.0.291 - LogMeIn, Inc.) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3408851026-3105934659-272300781-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{5EF1EBC5-4A40-4D1C-B02E-0C54BC93FD06}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{FE939060-416C-4ECD-890E-13776E2707C4}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{544ACD54-9FAA-4A60-A1E7-B2EC3AA75D24}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E7654811-38F9-4225-9688-827FDA716582}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 34.0.5 (x86 pl) (HKLM\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Nidhogg v1.0 (HKLM\...\Nidhogg v1.01.0) (Version: 1.0 - Friends in War) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.6 - Notepad++ Team) NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) PC_Sustainer 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{32148148}) (Version: - Certified Publisher) <==== ATTENTION PicoZip Recovery Tool 1.02 (HKLM\...\PicoZip Recovery Tool 1.02) (Version: 1.02 - Softchitect) Poczta usługi Windows Live (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Prerequisites for SSDT (HKLM\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) RAR Password Recovery v1.1 RC17 (remove only) (HKLM\...\Intelore - RAR Password Recovery) (Version: - ) Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam) screenSHU - the fastest screen capture ever. (HKLM\...\screenSHU) (Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.22 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) SpyHunter 4 (HKLM\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC) Steam (HKLM\...\Steam) (Version: - Valve Corporation) Team Explorer for Microsoft Visual Studio 2013 (Version: 12.0.21005 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-3408851026-3105934659-272300781-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) This War of Mine (HKLM\...\1207666873_is1) (Version: 2.0.0.2 - GOG.com) Two Worlds II (HKLM\...\Steam App 7520) (Version: - Reality Pump Studios) Unity (HKLM\...\Unity) (Version: 4.5.4f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-3408851026-3105934659-272300781-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS) Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton) Update for (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VideoPad Video Editor (HKLM\...\VideoPad) (Version: 3.74 - NCH Software) Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) WampServer 2.5 (HKLM\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL)) War Thunder Launcher 1.0.1.465 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Wireless Console 3 (HKLM\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\BHP\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\BHP\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\BHP\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\BHP\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\BHP\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\BHP\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\BHP\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\BHP\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\BHP\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\BHP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\BHP\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\BHP\AppData\Local\Temp\s13c.exe (World Elephantine) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\BHP\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3408851026-3105934659-272300781-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BHP\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 23-12-2014 09:37:53 Windows Update 23-12-2014 19:27:21 Zainstalowany program DirectX 26-12-2014 10:29:12 Windows Update 30-12-2014 10:38:48 Windows Update 06-01-2015 11:56:29 Removed Facebook Video Calling 3.1.0.521 06-01-2015 11:58:36 Removed League of Legends 06-01-2015 12:00:41 Windows Update 06-01-2015 21:33:12 Windows Defender Checkpoint 07-01-2015 14:14:51 Removed Entity Framework Tools for Visual Studio 2013 07-01-2015 16:22:16 avast! antivirus system restore point 07-01-2015 16:33:21 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2014-06-19 19:25 - 00000851 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0091B0BE-903D-4455-9D67-4B7A3C4D2219} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe Task: {0B55AE0F-9C67-4263-A028-AFCC48B76CB3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3408851026-3105934659-272300781-1001UA => C:\Users\BHP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-23] (Facebook Inc.) Task: {136B982C-44C9-4672-BFDD-CE05A654C753} - System32\Tasks\{227C132E-77CB-487E-BF81-9BB23B5ACFCB} => pcalua.exe -a "C:\Program Files\Intelore\RAR Password Recovery\uninstall.exe" Task: {1C5B3CD9-00AD-428B-8D0B-B6296BE715ED} - System32\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-6 => C:\Program Files\TheTorntv V10\TheTorntv V10-novainstaller.exe <==== ATTENTION Task: {2D85A5E9-D3D8-4275-9A18-572B2C8E6A43} - System32\Tasks\{D21D127C-9BD1-47E7-9FC5-508056F38262} => Firefox.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?page=tsProgressBar Task: {42A16370-7308-4B1D-ACDD-9B2F09E83DAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {4736C4B5-987B-4DE3-B86A-820D508A20C1} - System32\Tasks\pricemeterdownloader => C:\Users\BHP\AppData\Local\PriceMeter\pricemeterd.exe <==== ATTENTION Task: {5331B101-AED0-4C4D-B7E7-C511004BC995} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3408851026-3105934659-272300781-1001Core => C:\Users\BHP\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-23] (Facebook Inc.) Task: {5D030EF7-71F1-4367-833D-ACF285878180} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe Task: {5DEC0936-1A35-4C41-824F-3C7CDBABB711} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {683FD69E-A773-4A54-AC2A-41F84366AECB} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2015-01-06] (globalUpdate) <==== ATTENTION Task: {725EEF32-8EC5-455A-8E5F-87D69C8C5253} - System32\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-2 => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-2.exe <==== ATTENTION Task: {73CCAE97-5709-493B-9197-A535C65724A0} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2015-01-06] (globalUpdate) <==== ATTENTION Task: {8ADBA85E-E164-40A8-8125-7A548949CF06} - System32\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-7 => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-7.exe [2015-01-06] (iWebar) <==== ATTENTION Task: {95622347-DF96-4425-A8D8-9B7AB9AD28F9} - System32\Tasks\{1E78F1B7-314D-4452-998F-CE6714AABF5A} => Firefox.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?page=tsProgressBar Task: {B0601C9C-E2F9-4BD4-8D8E-D77908F66147} - System32\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-4 => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-4.exe <==== ATTENTION Task: {B35B4257-12F2-4441-B1C2-93CFB73EDF69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated) Task: {C4CFBFA9-E00A-4A52-BAB1-51E715C222F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe Task: {C8294AAA-5542-49EF-A5A2-9AA1B51823B0} - System32\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-6 => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-6.exe [2015-01-06] (iWebar) <==== ATTENTION Task: {C96F1AAB-0688-4F5A-A7B1-FBDE9C171FEE} - System32\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-1 => C:\Program Files\Ge-Force\Ge-Force-codedownloader.exe [2015-01-06] (iWebar) <==== ATTENTION Task: {CC11880E-4ED9-4336-9E96-5EFA6AF343DE} - System32\Tasks\YTDownloader => C:\Program Files\YTDownloader\YTDownloader.exe <==== ATTENTION Task: {CF9317F3-A54E-4955-9FCF-1B674431A4D1} - System32\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5 => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-5.exe [2015-01-06] (iWebar) <==== ATTENTION Task: {D0841C29-1569-4231-9FFA-7613C224B421} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-07] (AVAST Software) Task: {DE682B09-9637-4614-8416-7AC04CE9783A} - System32\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5_user => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-5.exe [2015-01-06] (iWebar) <==== ATTENTION Task: {E2FCC61F-4D9B-4963-9A65-A7F2B1E663A8} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-01-06] (Enigma Software Group USA, LLC.) Task: {FAD20220-055A-4EA1-A558-3170D827B77C} - System32\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-7 => C:\Program Files\TheTorntv V10\TheTorntv V10-nova.exe <==== ATTENTION Task: {FB835441-D6CE-4EDC-9F89-90E56E12A365} - System32\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-5 => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-5.exe <==== ATTENTION Task: {FB90C11D-3809-4B33-AF28-33BD13C95980} - System32\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-1 => C:\Program Files\TheTorntv V10\TheTorntv V10-codedownloader.exe <==== ATTENTION Task: {FBA1B2A2-0A80-4658-BE54-A7F2AC7EDB05} - System32\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-5_user => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-5.exe <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-1.job => C:\Program Files\Ge-Force\Ge-Force-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5.job => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-5.exe <==== ATTENTION Task: C:\Windows\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-5_user.job => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-5.exe <==== ATTENTION Task: C:\Windows\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-6.job => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-6.exe <==== ATTENTION Task: C:\Windows\Tasks\4a263a02-ae51-4b9a-a531-2037e520e833-7.job => C:\Program Files\Ge-Force\4a263a02-ae51-4b9a-a531-2037e520e833-7.exe <==== ATTENTION Task: C:\Windows\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-1.job => C:\Program Files\TheTorntv V10\TheTorntv V10-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-2.job => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-2.exe <==== ATTENTION Task: C:\Windows\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-4.job => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-4.exe <==== ATTENTION Task: C:\Windows\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-5.job => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-5.exe <==== ATTENTION Task: C:\Windows\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-5_user.job => C:\Program Files\TheTorntv V10\798c9d1a-d35a-41a7-b128-4763313e6ae1-5.exe <==== ATTENTION Task: C:\Windows\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-6.job => C:\Program Files\TheTorntv V10\TheTorntv V10-novainstaller.exe <==== ATTENTION Task: C:\Windows\Tasks\798c9d1a-d35a-41a7-b128-4763313e6ae1-7.job => C:\Program Files\TheTorntv V10\TheTorntv V10-nova.exe <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3408851026-3105934659-272300781-1001Core.job => C:\Users\BHP\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3408851026-3105934659-272300781-1001UA.job => C:\Users\BHP\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-03-14 16:27 - 2011-03-14 16:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe 2014-06-15 13:06 - 2011-06-17 12:04 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe 2014-06-15 13:06 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll 2014-06-15 13:06 - 2014-12-30 13:22 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll 2014-06-15 13:06 - 2010-05-05 09:47 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll 2014-06-15 13:06 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll 2014-06-12 18:06 - 2014-06-12 18:05 - 00008192 _____ () C:\Windows\system32\srvany.exe 2014-06-12 18:06 - 2014-06-12 18:05 - 00151552 _____ () C:\Windows\KMService.exe 2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-09-06 17:44 - 2014-09-06 17:44 - 00035328 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll 2014-05-12 10:49 - 2014-05-12 10:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll 2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll 2010-09-23 15:53 - 2010-09-23 15:53 - 01601536 _____ () C:\Program Files\ASUS\Wireless Console 3\wcourier.exe 2013-09-04 18:21 - 2013-09-04 18:21 - 02112000 _____ () C:\Program Files\screenSHU\screenSHU.exe 2011-06-08 08:32 - 2011-06-08 08:32 - 00011362 _____ () C:\Program Files\screenSHU\mingwm10.dll 2011-06-08 08:32 - 2011-06-08 08:32 - 00043008 _____ () C:\Program Files\screenSHU\libgcc_s_dw2-1.dll 2014-06-15 13:04 - 2012-11-06 06:42 - 00085088 _____ () C:\Program Files\T-Mobile\InternetManager_H\Internet Manager.exe 2014-06-15 13:04 - 2012-09-24 12:50 - 00432008 _____ () C:\Program Files\T-Mobile\InternetManager_H\core.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00281992 _____ () C:\Program Files\T-Mobile\InternetManager_H\sdk.dll 2014-06-15 13:04 - 2009-01-10 11:32 - 00011362 _____ () C:\Program Files\T-Mobile\InternetManager_H\mingwm10.dll 2014-06-15 13:04 - 2009-06-22 19:42 - 00043008 _____ () C:\Program Files\T-Mobile\InternetManager_H\libgcc_s_dw2-1.dll 2014-06-15 13:04 - 2010-05-05 09:47 - 02415104 _____ () C:\Program Files\T-Mobile\InternetManager_H\QtCore4.dll 2014-06-15 13:04 - 2010-02-10 15:43 - 09515520 _____ () C:\Program Files\T-Mobile\InternetManager_H\QtGui4.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00396168 _____ () C:\Program Files\T-Mobile\InternetManager_H\Proxy.DLL 2014-06-15 13:04 - 2012-09-24 12:50 - 00228232 _____ () C:\Program Files\T-Mobile\InternetManager_H\Common.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00141704 _____ () C:\Program Files\T-Mobile\InternetManager_H\Trace.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00551304 _____ () C:\Program Files\T-Mobile\InternetManager_H\PluginContainer.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00245128 _____ () C:\Program Files\T-Mobile\InternetManager_H\AtCodec.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00306568 _____ () C:\Program Files\T-Mobile\InternetManager_H\DeviceSrvPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00242568 _____ () C:\Program Files\T-Mobile\InternetManager_H\NetSrvPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00139656 _____ () C:\Program Files\T-Mobile\InternetManager_H\OSDialup.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00174984 _____ () C:\Program Files\T-Mobile\InternetManager_H\XCodec.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00163208 _____ () C:\Program Files\T-Mobile\InternetManager_H\DataServicePlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00268680 _____ () C:\Program Files\T-Mobile\InternetManager_H\AddrBookSrvPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00225160 _____ () C:\Program Files\T-Mobile\InternetManager_H\SmsSrvPlugin.dll 2014-06-15 13:04 - 2012-11-06 05:14 - 00142336 _____ () C:\Program Files\T-Mobile\InternetManager_H\USSDSrvPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00343432 _____ () C:\Program Files\T-Mobile\InternetManager_H\DeviceAppPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00071560 _____ () C:\Program Files\T-Mobile\InternetManager_H\OSPowerMgr.dll 2014-06-15 13:04 - 2012-05-18 01:40 - 00120192 _____ () C:\Program Files\T-Mobile\InternetManager_H\Win7Support.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00129928 _____ () C:\Program Files\T-Mobile\InternetManager_H\ATR2SMgr.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 01093000 _____ () C:\Program Files\T-Mobile\InternetManager_H\AddrBookPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00692104 _____ () C:\Program Files\T-Mobile\InternetManager_H\SmsAppPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00164744 _____ () C:\Program Files\T-Mobile\InternetManager_H\NetConnectSrvPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00217992 _____ () C:\Program Files\T-Mobile\InternetManager_H\DialUpPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00107912 _____ () C:\Program Files\T-Mobile\InternetManager_H\OSAdapt.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00185224 _____ () C:\Program Files\T-Mobile\InternetManager_H\NDISPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00137608 _____ () C:\Program Files\T-Mobile\InternetManager_H\OSNDIS.dll 2014-06-15 13:04 - 2012-05-18 01:39 - 01107328 _____ () C:\Program Files\T-Mobile\InternetManager_H\NDISAPI.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00301960 _____ () C:\Program Files\T-Mobile\InternetManager_H\NetInfoSrvPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00565640 _____ () C:\Program Files\T-Mobile\InternetManager_H\DeviceMgrUIPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00309128 _____ () C:\Program Files\T-Mobile\InternetManager_H\XFramePlugin.dll 2014-06-15 13:04 - 2012-09-25 02:05 - 00820104 _____ () C:\Program Files\T-Mobile\InternetManager_H\MiniFramePlugin.dll 2014-06-15 13:04 - 2010-02-10 15:06 - 00398336 _____ () C:\Program Files\T-Mobile\InternetManager_H\QtXml4.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00103304 _____ () C:\Program Files\T-Mobile\InternetManager_H\NotifyServicePlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00336264 _____ () C:\Program Files\T-Mobile\InternetManager_H\NetConnectPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00424840 _____ () C:\Program Files\T-Mobile\InternetManager_H\DialupUIPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00325000 _____ () C:\Program Files\T-Mobile\InternetManager_H\StatusBarMgrPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00277384 _____ () C:\Program Files\T-Mobile\InternetManager_H\MenuMgrPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00123272 _____ () C:\Program Files\T-Mobile\InternetManager_H\LayoutPlugin.dll 2014-06-15 13:04 - 2012-11-06 05:24 - 00303104 _____ () C:\Program Files\T-Mobile\InternetManager_H\SettingUIPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00506760 _____ () C:\Program Files\T-Mobile\InternetManager_H\NetSettingPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00314760 _____ () C:\Program Files\T-Mobile\InternetManager_H\NetInfoRecordUIPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00106376 _____ () C:\Program Files\T-Mobile\InternetManager_H\CompressRatePlugin.dll 2014-06-15 13:04 - 2012-11-06 05:31 - 00148992 _____ () C:\Program Files\T-Mobile\InternetManager_H\VPNPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00523656 _____ () C:\Program Files\T-Mobile\InternetManager_H\NetInfoUIExPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:51 - 00845704 _____ () C:\Program Files\T-Mobile\InternetManager_H\SMSUIPlugin.dll 2014-06-15 13:04 - 2012-11-06 05:30 - 00110080 _____ () C:\Program Files\T-Mobile\InternetManager_H\ServiceUIPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00418184 _____ () C:\Program Files\T-Mobile\InternetManager_H\DiagnosisPlugin.dll 2014-06-15 13:04 - 2010-02-10 15:10 - 01148416 _____ () C:\Program Files\T-Mobile\InternetManager_H\QtNetwork4.dll 2014-06-15 13:04 - 2012-11-06 05:30 - 00139776 _____ () C:\Program Files\T-Mobile\InternetManager_H\HelpUIPlugin.dll 2014-06-15 13:04 - 2012-11-06 05:29 - 00423424 _____ () C:\Program Files\T-Mobile\InternetManager_H\USSDUIPlugin.dll 2014-06-15 13:04 - 2012-09-24 12:50 - 00811912 _____ () C:\Program Files\T-Mobile\InternetManager_H\AddrBookUIPlugin.dll 2014-06-15 13:04 - 2010-06-04 10:31 - 00082944 _____ () C:\Program Files\T-Mobile\InternetManager_H\plugins\imageformats\qgif4.dll 2014-06-15 13:04 - 2010-06-04 10:31 - 00081920 _____ () C:\Program Files\T-Mobile\InternetManager_H\plugins\imageformats\qico4.dll 2014-06-15 13:04 - 2012-05-18 01:38 - 00250752 _____ () C:\Program Files\T-Mobile\InternetManager_H\LiveUpdateInterface.dll 2014-08-30 07:34 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files\Steam\libavcodec-56.dll 2014-08-30 07:34 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files\Steam\libavutil-54.dll 2014-08-30 07:34 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll 2014-07-17 17:43 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll 2014-07-17 17:43 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files\Steam\video.dll 2014-08-30 07:34 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files\Steam\libavformat-56.dll 2014-08-30 07:34 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll 2014-07-17 17:43 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files\Steam\bin\chromehtml.DLL 2014-07-17 17:43 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files\Steam\bin\libcef.dll 2014-08-01 15:39 - 2014-11-11 19:48 - 00837824 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll 2015-01-06 21:36 - 2015-01-07 16:32 - 00528624 _____ () C:\Program Files\Cyti Web\bin\utilCytiWeb.exe 2015-01-07 14:24 - 2015-01-07 04:49 - 00098544 _____ () C:\Program Files\Cyti Web\bin\CytiWeb.BrowserAdapter.exe 2015-01-06 21:38 - 2015-01-06 19:50 - 00296176 _____ () C:\Program Files\Cyti Web\bin\CytiWeb.PurBrowse.exe 2014-06-12 17:48 - 2014-12-10 20:44 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2015-01-06 18:30 - 2015-01-07 16:37 - 00528624 _____ () C:\Program Files\Cyti Web\updateCytiWeb.exe 2014-12-09 19:08 - 2014-12-09 19:08 - 16841392 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll 2015-01-07 16:40 - 2015-01-07 16:40 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010700\algo.dll 2015-01-07 16:39 - 2015-01-07 16:39 - 02151544 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.dll 2015-01-07 16:39 - 2015-01-07 16:39 - 00021488 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll 2015-01-07 16:39 - 2015-01-07 16:39 - 04474224 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-01-07 16:39 - 2015-01-07 16:39 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-07 16:39 - 2015-01-07 16:39 - 00317632 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-01-07 16:52 - 2014-12-16 23:22 - 00750080 _____ () C:\Users\BHP\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-01-07 16:54 - 2015-01-07 16:54 - 00043008 _____ () c:\users\bhp\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpu3m3hl.dll 2015-01-07 16:52 - 2014-12-16 23:22 - 00047616 _____ () C:\Users\BHP\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-01-07 16:52 - 2014-12-16 23:22 - 00863744 _____ () C:\Users\BHP\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-01-07 16:52 - 2014-12-16 23:22 - 00200704 _____ () C:\Users\BHP\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3408851026-3105934659-272300781-500 - Administrator - Disabled) BHP (S-1-5-21-3408851026-3105934659-272300781-1001 - Administrator - Enabled) => C:\Users\BHP Gość (S-1-5-21-3408851026-3105934659-272300781-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3408851026-3105934659-272300781-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Kontroler Ethernet Description: Kontroler Ethernet Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Podstawowe urządzenie systemowe Description: Podstawowe urządzenie systemowe Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Podstawowe urządzenie systemowe Description: Podstawowe urządzenie systemowe Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Podstawowe urządzenie systemowe Description: Podstawowe urządzenie systemowe Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2015 05:03:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST.exe w wersji 7.1.2015.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1110 Godzina rozpoczęcia: 01d02a92234e53a1 Godzina zakończenia: 5 Ścieżka aplikacji: C:\Users\BHP\Desktop\FRST.exe Identyfikator raportu: Error: (01/07/2015 04:33:19 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {3b0e0fa3-8256-4bdf-aa2d-a2fdf2ebbdf4} Error: (01/07/2015 04:30:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Spyhunter4.exe w wersji 4.18.9.4384 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 46c Godzina rozpoczęcia: 01d02a8e91b183ce Godzina zakończenia: 0 Ścieżka aplikacji: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Identyfikator raportu: 0d52ae45-9682-11e4-b431-74f06dbd7a85 Error: (01/07/2015 04:28:19 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (01/07/2015 04:22:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (01/07/2015 04:16:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program firefox.exe w wersji 34.0.5.5443 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1c68 Godzina rozpoczęcia: 01d02a7e6546e91e Godzina zakończenia: 196 Ścieżka aplikacji: C:\Program Files\Mozilla Firefox\firefox.exe Identyfikator raportu: 2196417f-9680-11e4-9ccf-74f06dbd7a85 Error: (01/07/2015 04:16:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 34.0.5.5443, sygnatura czasowa: 0x5475dd5d Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 34.0.5.5443, sygnatura czasowa: 0x5475d664 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001425 Identyfikator procesu powodującego błąd: 0x1a58 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (01/07/2015 03:48:45 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST.exe w wersji 7.1.2015.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 27c4 Godzina rozpoczęcia: 01d02a824cf2c1fc Godzina zakończenia: 9 Ścieżka aplikacji: C:\Users\BHP\Desktop\FRST.exe Identyfikator raportu: Error: (01/07/2015 02:46:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (01/07/2015 02:32:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program updateCytiWeb.exe w wersji 1.0.5485.2491 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1074 Godzina rozpoczęcia: 01d02a7e4f579af8 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Program Files\Cyti Web\updateCytiWeb.exe Identyfikator raportu: System errors: ============= Error: (01/07/2015 04:31:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%2 Error: (01/07/2015 04:28:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Internet Manager. OUC z powodu następującego błędu: %%1053 Error: (01/07/2015 04:28:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Internet Manager. OUC. Error: (01/07/2015 04:14:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Usługa powiadomień SPP zakończyła działanie; wystąpił następujący błąd: %%5 Error: (01/07/2015 03:14:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Usługa powiadomień SPP zakończyła działanie; wystąpił następujący błąd: %%5 Error: (01/07/2015 02:18:45 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63} Error: (01/07/2015 02:18:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa IePlugin Services niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (01/07/2015 02:14:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Usługa powiadomień SPP zakończyła działanie; wystąpił następujący błąd: %%5 Error: (01/07/2015 02:13:01 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (01/06/2015 11:00:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Usługa powiadomień SPP zakończyła działanie; wystąpił następujący błąd: %%5 Microsoft Office Sessions: ========================= Error: (01/07/2015 05:03:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST.exe7.1.2015.0111001d02a92234e53a15C:\Users\BHP\Desktop\FRST.exe Error: (01/07/2015 04:33:19 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Odmowa dostępu. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {3b0e0fa3-8256-4bdf-aa2d-a2fdf2ebbdf4} Error: (01/07/2015 04:30:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Spyhunter4.exe4.18.9.438446c01d02a8e91b183ce0C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe0d52ae45-9682-11e4-b431-74f06dbd7a85 Error: (01/07/2015 04:28:19 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (01/07/2015 04:22:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. Error: (01/07/2015 04:16:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe34.0.5.54431c6801d02a7e6546e91e196C:\Program Files\Mozilla Firefox\firefox.exe2196417f-9680-11e4-9ccf-74f06dbd7a85 Error: (01/07/2015 04:16:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d66480000003000014251a5801d02a7e6ebbe7a6C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll240686cc-9680-11e4-9ccf-74f06dbd7a85 Error: (01/07/2015 03:48:45 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST.exe7.1.2015.027c401d02a824cf2c1fc9C:\Users\BHP\Desktop\FRST.exe Error: (01/07/2015 02:46:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (01/07/2015 02:32:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: updateCytiWeb.exe1.0.5485.2491107401d02a7e4f579af80C:\Program Files\Cyti Web\updateCytiWeb.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz Percentage of memory in use: 45% Total physical RAM: 2924.37 MB Available physical RAM: 1589.68 MB Total Pagefile: 5847.03 MB Available Pagefile: 4029.41 MB Total Virtual: 2047.88 MB Available Virtual: 1907.64 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.88 GB) (Free:137.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B3ED39CE) Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================