Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015 Ran by Daniel at 2015-02-12 19:34:25 Running from C:\Users\Daniel\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Absolute Uninstaller 5.3.1.17 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.17 - Glarysoft Ltd) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DJ_AIO_NS_LP_DocCD (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden DJ_AIO_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden DJ_AIO_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden DJ_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.) F4100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden F4100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski) foobarCon version 0.97.28-fc (HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\{DAC57722-E594-4A46-96CD-49632A791DE1}_is1) (Version: 0.97.28-fc - DanceGom) GitHub (HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\5f7eb300e2ea4ebf) (Version: 2.7.0.24 - GitHub, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.) Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Google+ Auto Backup (HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.) GoToMeeting 6.4.12.2331 (HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\GoToMeeting) (Version: 6.4.12.2331 - CitrixOnline) HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics) iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.129 - PandoraTV) Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden OpenSSL 1.0.1L Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team) PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC) Ruby 1.9.3-p550 (HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p550 - RubyInstaller Team) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Seagate Dashboard (HKLM-x32\...\{F1D8690F-06B3-4100-9949-398EA253AC61}) (Version: 3.2.1802.2 - Seagate) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.6.2 - startisback.com) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text 2.0.2 (HKLM-x32\...\Sublime Text 2_is1) (Version: - ) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) Todoist (HKLM-x32\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.6.4.0 - Doist Ltd.) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinSCP 5.5.3 (HKLM-x32\...\winscp3_is1) (Version: 5.5.3 - Martin Prikryl) YNAB 4 version 4.0.911 (HKLM-x32\...\com.ynab.YNAB4.LiveCaptive_is1) (Version: 4.0.911 - YouNeedABudget.com) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Citrix\GoToMeeting\1865\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2360153012-2490105570-1480353351-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 28-01-2015 12:51:36 Windows Update 06-02-2015 17:57:08 Windows Update 11-02-2015 13:03:49 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2014-11-11 18:08 - 00000884 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 commerce-kickstart-7-x-2-19-core.local ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03D768EA-CB2F-4B58-B186-714EE58381F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-20] (Google Inc.) Task: {135E45E9-E71D-4801-946F-7E217430AB62} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.) Task: {2C97BC4E-8437-4430-B0F7-88FECE9A50BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-18] (Google Inc.) Task: {3D07E34B-D38B-4223-9827-44629764B796} - System32\Tasks\G2MUpdateTask-S-1-5-21-2360153012-2490105570-1480353351-1001 => C:\Users\Daniel\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exe [2015-02-10] (Citrix Online, a division of Citrix Systems, Inc.) Task: {40A2A5FA-D963-4F3C-ADA1-607E3E07C8B5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-29] (AVAST Software) Task: {41ED09DB-D41B-4C2B-9F26-0F6820F3A3AF} - System32\Tasks\Daniel => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-09-17] (Seagate Technology LLC) Task: {47E63C13-A501-4A94-8ECB-DFBD20CD8B75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {50C1DC8B-9DB0-4A52-9B45-2554DB33FD99} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {5C29C6C8-2CA7-4338-9D12-4127DD02615A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-20] (Google Inc.) Task: {5E5802A1-8702-4678-9B5B-2FB2E8743BD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {8C537A52-7969-40AE-BA80-A0AF8B2165DB} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-09-17] (Seagate Technology LLC) Task: {C6E5F111-EC68-4445-87B6-421F593117BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {EBB12185-67AA-465F-94E4-97AD5472A05B} - System32\Tasks\Leader Technologies\PowerRegister\Seagate Product Registration (Daniel) => C:\Users\Daniel\AppData\Roaming\Leadertech\PowerRegister\Seagate Product Registration.exe Task: {ECCD14CC-F738-4326-8770-5D5B268ABB08} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-11] (Microsoft Corporation) Task: {FDE54676-9873-4B38-B944-445E8248A407} - System32\Tasks\Daniel Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-09-17] (Seagate Technology LLC) Task: {FED27B83-A684-4FAF-922A-090386AC1D76} - System32\Tasks\AdobeAAMUpdater-1.0-Jack-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2360153012-2490105570-1480353351-1001.job => C:\Users\Daniel\AppData\Local\Citrix\GoToMeeting\2331\g2mupdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2360153012-2490105570-1480353351-1001UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\WebReg HP Deskjet F4100 series.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe ==================== Loaded Modules (whitelisted) ============== 2014-11-17 17:29 - 2014-09-11 06:06 - 00020240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2014-09-29 06:56 - 2014-09-29 06:56 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2015-02-11 21:02 - 2015-02-11 21:02 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021101\algo.dll 2015-02-12 17:57 - 2015-02-12 17:57 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021200\algo.dll 2015-02-12 19:31 - 2015-02-12 19:31 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021201\algo.dll 2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-09-29 06:56 - 2014-09-29 06:56 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-02-10 21:00 - 2015-02-10 21:00 - 00750080 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-02-12 19:17 - 2015-02-12 19:17 - 00043008 _____ () c:\users\daniel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyqadrt.dll 2015-02-10 21:00 - 2015-02-10 21:00 - 00047616 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-02-10 21:00 - 2015-02-10 21:00 - 00865280 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-02-10 21:00 - 2015-02-10 21:00 - 00200704 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-02-07 17:50 - 2015-02-04 09:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll 2015-02-07 17:50 - 2015-02-04 09:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll 2015-02-07 17:50 - 2015-02-04 09:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll 2015-02-07 17:50 - 2015-02-04 09:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Daniel\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\Pictures\Picasa\Backgrounds\picasabackground-001.bmp DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "DBAgent" HKU\S-1-5-21-2360153012-2490105570-1480353351-1001\...\StartupApproved\Run: => "Uploader" ==================== Accounts: ============================= Administrator (S-1-5-21-2360153012-2490105570-1480353351-500 - Administrator - Disabled) Daniel (S-1-5-21-2360153012-2490105570-1480353351-1001 - Administrator - Enabled) => C:\Users\Daniel Gość (S-1-5-21-2360153012-2490105570-1480353351-501 - Limited - Enabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-2360153012-2490105570-1480353351-1004 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/12/2015 07:15:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/12/2015 07:15:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (02/12/2015 07:15:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/12/2015 07:02:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WinSCP.exe, wersja: 5.5.3.4214, sygnatura czasowa: 0x00000000 Nazwa modułu powodującego błąd: WinSCP.exe, wersja: 5.5.3.4214, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x006a2ec9 Identyfikator procesu powodującego błąd: 0x1848 Godzina uruchomienia aplikacji powodującej błąd: 0xWinSCP.exe0 Ścieżka aplikacji powodującej błąd: WinSCP.exe1 Ścieżka modułu powodującego błąd: WinSCP.exe2 Identyfikator raportu: WinSCP.exe3 Pełna nazwa pakietu powodującego błąd: WinSCP.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WinSCP.exe5 Error: (02/12/2015 07:02:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WinSCP.exe, wersja: 5.5.3.4214, sygnatura czasowa: 0x00000000 Nazwa modułu powodującego błąd: WinSCP.exe, wersja: 5.5.3.4214, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x005214be Identyfikator procesu powodującego błąd: 0x1848 Godzina uruchomienia aplikacji powodującej błąd: 0xWinSCP.exe0 Ścieżka aplikacji powodującej błąd: WinSCP.exe1 Ścieżka modułu powodującego błąd: WinSCP.exe2 Identyfikator raportu: WinSCP.exe3 Pełna nazwa pakietu powodującego błąd: WinSCP.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WinSCP.exe5 Error: (02/12/2015 06:31:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/12/2015 06:07:19 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (02/12/2015 05:59:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/11/2015 00:56:44 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (02/11/2015 00:52:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=4 System errors: ============= Error: (02/12/2015 06:15:15 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (02/12/2015 05:57:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Seagate Dashboard Services. Error: (02/11/2015 06:43:13 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (02/11/2015 05:31:10 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (02/11/2015 04:31:04 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (02/11/2015 03:30:59 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (02/10/2015 07:59:27 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (02/10/2015 06:52:58 PM) (Source: Schannel) (EventID: 4120) (User: ZARZĄDZANIE NT) Description: Wygenerowano alert krytyczny, który został wysłany do zdalnego punktu końcowego. W efekcie połączenie może zostać zakończone. Kod błędu krytycznego zdefiniowany przez protokół TLS to 70. Kod stanu błędu SChannel w systemie Windows to 105. Error: (02/08/2015 05:28:35 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (02/07/2015 08:07:02 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera GOSIADEK. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{C99C1C33-AC25-43E3-8E32-994A78C329C6}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Microsoft Office Sessions: ========================= Error: (02/12/2015 07:15:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/12/2015 07:15:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (02/12/2015 07:15:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/12/2015 07:02:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WinSCP.exe5.5.3.421400000000WinSCP.exe5.5.3.421400000000c0000005006a2ec9184801d046f582960a2fC:\Program Files (x86)\WinSCP\WinSCP.exeC:\Program Files (x86)\WinSCP\WinSCP.exeb879a995-b2e9-11e4-82a7-6c626d0a9d4d Error: (02/12/2015 07:02:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WinSCP.exe5.5.3.421400000000WinSCP.exe5.5.3.421400000000c0000005005214be184801d046f582960a2fC:\Program Files (x86)\WinSCP\WinSCP.exeC:\Program Files (x86)\WinSCP\WinSCP.exeb71d5267-b2e9-11e4-82a7-6c626d0a9d4d Error: (02/12/2015 06:31:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/12/2015 06:07:19 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (02/12/2015 05:59:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/11/2015 00:56:44 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (02/11/2015 00:52:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=4 CodeIntegrity Errors: =================================== Date: 2014-09-29 08:40:41.338 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz Percentage of memory in use: 44% Total physical RAM: 6071.07 MB Available physical RAM: 3363.39 MB Total Pagefile: 7799.07 MB Available Pagefile: 4344.29 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:578 GB) (Free:443.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Data) (Fixed) (Total:341.8 GB) (Free:37.01 GB) NTFS Drive e: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS Drive f: (HP_RECOVERY) (Fixed) (Total:11.62 GB) (Free:1.36 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 02B9CE4C) Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=578 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=341.8 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=11.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================