Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015 Ran by castletone77 at 2015-01-09 13:59:12 Running from M:\frst64 Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies) AVG 2015 (Version: 15.0.4257 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies) Bandizip (HKLM\...\Bandizip) (Version: 5.03 - Bandisoft.com) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 31.1.0.0 - COMODO) Dzieńdobry! (HKLM-x32\...\Dzieńdobry!) (Version: 4.0 - VSD Software) Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden Flock (2.6.0) (HKLM-x32\...\Flock (2.6.0)) (Version: 2.6.0 (en-US) - Flock) Free Audio Converter version 5.0.45.806 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.45.806 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41663) (Version: 3.8.0.41663.61 - Intel) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intelligent Web Reader (HKLM-x32\...\Intelligent Web Reader) (Version: 2.0.17 - IVO Software Sp. z o.o.) Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.0.0.2000 - Maxthon International Limited) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) OpenFM (HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\OpenFM) (Version: 2 - GG Network S.A.) OpenOffice.org 3.4.1 (HKLM-x32\...\{18192D3F-5537-4560-AD89-D695F72AF91D}) (Version: 3.41.9593 - Apache Software Foundation) Opera 10.00 (HKLM-x32\...\{2085F05D-24C5-4E27-B7B4-A51DE890FFC9}) (Version: 10.00 - Opera Software ASA) Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden PIT Format 2013 (HKLM-x32\...\PIT Format 2013_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.6000 - DTS, Inc.) Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.) Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.0.3 - Reimage) <==== ATTENTION screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony) SpaceTime3D (HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\SpaceTime3D) (Version: - ) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated) Toolwiz Care (HKLM-x32\...\ToolwizCareFree) (Version: 3.1.0.5500 - ToolWiz Care) TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6410 - Toshiba Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA) TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 2.00.973 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation) TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.1 - Toshiba Europe GmbH) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.42.120 - Toshiba Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.7 - WildTangent) Hidden Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.) Wyzo (HKLM-x32\...\Wyzo) (Version: 3.6.4 - Radical Software Ltd) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-519654634-1475891941-3348864904-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> P:\RAR\Bandizip\bdzshl64.dll (Bandisoft.com) ==================== Restore Points ========================= 19-12-2014 14:43:44 Czyść niepotrzebne pliki "śmieci" 26-12-2014 15:07:32 Czyść błędy rejestru 28-12-2014 23:50:17 Czyść błędy rejestru 28-12-2014 23:51:53 Czyść niepotrzebne pliki "śmieci" 06-01-2015 10:45:12 Scheduled Checkpoint 08-01-2015 13:36:45 Czyść błędy rejestru 08-01-2015 13:37:28 Czyść niepotrzebne pliki "śmieci" ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0CE3B8B6-449D-4E93-A9A0-668CDA86DEB7} - System32\Tasks\ToolwizCareFree => P:\ToolwizCareFree\ToolwizCares.exe [2014-06-11] (Toolwiz) Task: {0D9DDEBB-6FDD-433F-807D-B3EC386C19F5} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe <==== ATTENTION Task: {2540D1CA-2136-4308-9CC1-13F8AB8D875B} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-09] (globalUpdate) <==== ATTENTION Task: {294AEA74-828A-4CEA-83C7-15DE38B0BFC2} - \BrowserSafeguard Update Task No Task File <==== ATTENTION Task: {2C43D54B-7093-4B5F-B717-958DA9047B3E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-14] (Microsoft Corporation) Task: {4F67FDC2-028F-4CD3-9AE7-F40C6AF8C637} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-26] (Adobe Systems Incorporated) Task: {513608D1-0E24-41D5-BE5A-4EE747635C61} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-09] (globalUpdate) <==== ATTENTION Task: {58252B15-7603-4494-B734-DF0261ADDD66} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WBrowserProtect.exe <==== ATTENTION Task: {67131C2C-42FD-4D52-83A3-9D70CFFCDD6D} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-12-30] () <==== ATTENTION Task: {8B3976C7-426B-4780-8129-B6BD1B5604F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-29] (Google Inc.) Task: {B641728C-6984-42D0-9FE8-F7CCCB576487} - System32\Tasks\Opera scheduled Autoupdate 1397558392 => C:\Users\castletone77\PRZEGLADARKI INTERNETOWE\launcher.exe [2014-12-17] (Opera Software) Task: {B862FAF7-882C-4A48-A605-7A019600B388} - System32\Tasks\{FE6D317A-BA0B-4F28-BC63-76EC8539E6A3} => i:\maxthon 4\maxthon\bin\maxthon.exe [2012-12-11] (Maxthon International ltd.) Task: {C2CCDF58-A5A9-4250-85C1-6981CEEB626B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated) Task: {C85BD367-F35D-4495-8A05-CE49750880BF} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-519654634-1475891941-3348864904-1001 Task: {C8EF4B1D-E319-415B-961B-685BFB0F0B6C} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2014-12-02] (Reimage®) <==== ATTENTION Task: {D1594AB4-80CA-402F-AFB2-0AE3C17D5C65} - System32\Tasks\Maxthon Update => I:\maxthon 4\Maxthon\Bin\mxup.exe [2014-12-10] (Maxthon International ltd.) Task: {D5EF4379-6CAD-4C3C-A92B-490177CC53C5} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-01-04] (Toshiba Europe GmbH) Task: {E687A986-B218-4730-A9DB-34FEC9A5E919} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-29] (Google Inc.) Task: {F88BB178-2540-482D-9D0F-076F1CC4BCE9} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe <==== ATTENTION Task: {FB6F147B-47F7-4058-9C1D-6B10C4A88EE9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-10-13 12:38 - 2011-10-13 12:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe 2014-12-02 11:50 - 2014-12-02 11:50 - 06745440 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe 2014-08-12 12:20 - 2014-08-12 12:20 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe 2014-01-29 22:02 - 2014-01-29 22:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-10-31 14:15 - 2012-10-31 14:15 - 02565544 _____ () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe 2012-07-18 17:38 - 2012-07-18 17:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2012-07-18 17:38 - 2012-07-18 17:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll 2012-08-13 18:13 - 2012-08-13 18:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll 2014-06-30 17:11 - 2014-08-26 10:36 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe 2014-12-17 00:07 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2013-09-04 17:21 - 2013-09-04 17:21 - 02112000 _____ () C:\Users\castletone77\zainstalowane\screnSHU\screenSHU\screenSHU.exe 2014-08-12 12:20 - 2014-08-12 12:20 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll 2014-12-17 00:07 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2014-12-17 00:07 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2014-06-30 17:11 - 2014-06-30 17:11 - 01632792 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll 2013-01-18 12:20 - 2013-01-18 12:20 - 00985088 ____C () P:\OpenOffice info\program\program\libxml2.dll 2013-04-25 02:58 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2011-06-08 07:32 - 2011-06-08 07:32 - 00011362 _____ () C:\Users\castletone77\zainstalowane\screnSHU\screenSHU\mingwm10.dll 2011-06-08 07:32 - 2011-06-08 07:32 - 00043008 _____ () C:\Users\castletone77\zainstalowane\screnSHU\screenSHU\libgcc_s_dw2-1.dll 2014-06-11 21:21 - 2012-12-04 06:35 - 00258944 ____C () I:\maxthon 4\Maxthon\bin\Maxzlib.dll 2014-06-11 21:21 - 2012-12-07 05:54 - 00276864 ____C () I:\maxthon 4\Maxthon\Addons\CloudsSvc\MxCloudsSvc.dll 2014-06-11 21:21 - 2012-12-04 06:35 - 00258944 ____C () I:\maxthon 4\Maxthon\Bin\maxzlib.dll 2014-06-11 21:21 - 2012-12-05 02:38 - 14586808 ____C () I:\maxthon 4\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll 2014-06-11 21:21 - 2012-12-05 02:38 - 00742272 ____C () I:\maxthon 4\Maxthon\Core\Webkit\libglesv2.dll 2014-06-11 21:21 - 2012-12-05 02:38 - 00144256 ____C () I:\maxthon 4\Maxthon\Core\Webkit\libegl.dll 2014-06-11 21:21 - 2012-12-04 09:32 - 03522336 ____C () I:\maxthon 4\Maxthon\Core\Webkit\avcodec-54.dll 2014-06-11 21:21 - 2012-12-04 09:32 - 00304960 ____C () I:\maxthon 4\Maxthon\Core\Webkit\avutil-51.dll 2014-06-11 21:21 - 2012-12-04 09:32 - 00452712 ____C () I:\maxthon 4\Maxthon\Core\Webkit\avformat-54.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\castletone77\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "mcui_exe" HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2650199CD79B17F993E2D9C6C21BCCDB" HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\StartupApproved\Run: => "Dzieńdobry!" HKU\S-1-5-21-519654634-1475891941-3348864904-1001\...\StartupApproved\Run: => "screenSHU" ========================= Accounts: ========================== Administrator (S-1-5-21-519654634-1475891941-3348864904-500 - Administrator - Disabled) castletone77 (S-1-5-21-519654634-1475891941-3348864904-1001 - Administrator - Enabled) => C:\Users\castletone77 Guest (S-1-5-21-519654634-1475891941-3348864904-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-519654634-1475891941-3348864904-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/09/2015 09:48:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca nie powiodła się. Błąd: -2147023878. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 02:14:19 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Nieprawidłowa składnia XML. Error: (01/08/2015 00:34:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca nie powiodła się. Błąd: -2147221165. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 10:48:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca nie powiodła się. Błąd: -2147221165. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 10:13:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca nie powiodła się. Błąd: -2147221165. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 10:13:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 10:12:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 10:11:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 10:11:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca nie powiodła się. Błąd: -2147221165. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (01/08/2015 10:11:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (01/08/2015 10:14:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Defender Network Inspection Service z powodu następującego błędu: %%577 Error: (01/08/2015 10:10:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Defender Service z powodu następującego błędu: %%577 Error: (01/08/2015 10:09:03 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a70\??\C:\Users\castletone77\AppData\Local\Microsoft\Windows\UsrClass.dat Error: (01/08/2015 10:07:43 AM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Error: (01/08/2015 10:03:23 AM) (Source: DCOM) (EventID: 10010) (User: CASTLE77) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (01/07/2015 00:22:26 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: Wygenerowano alert krytyczny, który został wysłany do zdalnego punktu końcowego. W efekcie połączenie może zostać zakończone. Kod błędu krytycznego zdefiniowany przez protokół TLS to 10. Kod stanu błędu SChannel w systemie Windows to 10. Error: (01/07/2015 00:22:26 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: Wygenerowano alert krytyczny, który został wysłany do zdalnego punktu końcowego. W efekcie połączenie może zostać zakończone. Kod błędu krytycznego zdefiniowany przez protokół TLS to 10. Kod stanu błędu SChannel w systemie Windows to 10. Error: (01/07/2015 00:22:26 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: Wygenerowano alert krytyczny, który został wysłany do zdalnego punktu końcowego. W efekcie połączenie może zostać zakończone. Kod błędu krytycznego zdefiniowany przez protokół TLS to 10. Kod stanu błędu SChannel w systemie Windows to 10. Error: (01/06/2015 11:02:30 PM) (Source: DCOM) (EventID: 10010) (User: CASTLE77) Description: Microsoft.WindowsLive.Mail.wwa Error: (01/06/2015 10:18:09 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera ASUS-PC. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{8FA467BB-C95D-4CC5-87EE-79516C532EE4}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Microsoft Office Sessions: ========================= Error: (01/09/2015 09:48:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca-2147023878 Error: (01/08/2015 02:14:19 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: c:\Users\castletone77\AppData\Roaming\spacetime 3d\spacetime3d\SpaceTime3D.ocxc:\Users\castletone77\AppData\Roaming\spacetime 3d\spacetime3d\SpaceTime3D.ocx9 Error: (01/08/2015 00:34:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca-2147221165 Error: (01/08/2015 10:48:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca-2147221165 Error: (01/08/2015 10:13:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca-2147221165 Error: (01/08/2015 10:13:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927148 Error: (01/08/2015 10:12:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927148 Error: (01/08/2015 10:11:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927148 Error: (01/08/2015 10:11:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe:Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca-2147221165 Error: (01/08/2015 10:11:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CASTLE77) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927148 CodeIntegrity Errors: =================================== Date: 2015-01-08 10:14:05.587 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-08 10:10:22.826 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-31 10:23:45.845 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-31 10:18:50.274 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-30 12:48:28.599 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-30 12:45:21.350 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-30 11:56:38.124 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-30 10:35:45.001 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-30 10:30:35.395 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-26 13:30:40.906 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Percentage of memory in use: 47% Total physical RAM: 8073.22 MB Available physical RAM: 4234.47 MB Total Pagefile: 16265.22 MB Available Pagefile: 12737.32 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive a: (Moje Różności) (Fixed) (Total:30 GB) (Free:28.07 GB) NTFS Drive c: (TI31061100A) (Fixed) (Total:729.26 GB) (Free:672.75 GB) NTFS Drive d: (Dokumenty WAZNE) (Fixed) (Total:20 GB) (Free:14.93 GB) NTFS Drive g: (GRY) (Fixed) (Total:5 GB) (Free:4.96 GB) NTFS Drive i: (Internetowe Przeglądarki) (Fixed) (Total:30 GB) (Free:29.45 GB) NTFS Drive m: (Muzyka) (Fixed) (Total:20 GB) (Free:16.71 GB) NTFS Drive p: (Programy Instalowane) (Fixed) (Total:20 GB) (Free:19.11 GB) NTFS Drive r: (Różności z internetu) (Fixed) (Total:40 GB) (Free:35.81 GB) NTFS Drive s: (Skype) (Fixed) (Total:5 GB) (Free:4.96 GB) NTFS Drive z: (Zdjęcia WAZNE) (Fixed) (Total:20 GB) (Free:19.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================