Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016 Ran by BAZYL (2016-01-29 12:18:52) Running from C:\Users\BAZYL\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2010-12-25 13:12:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2777484894-2762145361-3469590425-500 - Administrator - Disabled) BAZYL (S-1-5-21-2777484894-2762145361-3469590425-1000 - Administrator - Enabled) => C:\Users\BAZYL Guest (S-1-5-21-2777484894-2762145361-3469590425-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2777484894-2762145361-3469590425-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.13.1 - Suyin Optronics Corp) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3002 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3002 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0105.2010 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advanced Calendar 2.0 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.10764 - TopTools100) <==== ATTENTION Apache Havoc (HKLM-x32\...\Apache Havoc) (Version: - ) ATI Catalyst Install Manager (HKLM\...\{3B20226B-63ED-B863-B224-FE40401B21CA}) (Version: 3.0.765.0 - ATI Technologies, Inc.) Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden Browsers Protector (HKLM-x32\...\Browsers Protector) (Version: 1.0.0.0 - Publisher Name) <==== ATTENTION BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden C4600 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden ccc-core-static (x32 Version: 2010.0329.836.13543 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.08 - Piriform) Command & Conquer Red Alert 2 (HKLM-x32\...\Red Alert 2) (Version: - ) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Contextual Tool Extrafind (HKLM-x32\...\dcf48227) (Version: - ) <==== ATTENTION Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated) CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2719.50 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM) GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Heroes of Might and Magic(TM) III Armageddon's Blade (HKLM-x32\...\Heroes of Might and Magic(TM) III Armageddon's Blade) (Version: - ) Heroes of Might and Magic® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version: - ) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard) HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.240 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 6.2.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.2.0 - ) Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 dla Użytkowników Domowych i Małych Firm (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 39.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 pl)) (Version: 39.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PS_AIO_05_C4600_Software_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6004 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden Tools Update Platform (HKLM-x32\...\{6A128791-4857-4484-9BB2-71D4C1257200}) (Version: 1.1.0.15773 - Beijing Zhihuimen Techology co,.Ltd) <==== ATTENTION TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Unity Web Player (HKU\S-1-5-21-2777484894-2762145361-3469590425-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VIS (HKLM-x32\...\VIS) (Version: - ) <==== ATTENTION Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 1.1.0 (HKLM-x32\...\VLC media player) (Version: 1.1.0 - VideoLAN) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden WebTV (x32 Version: 3.4.1 - XStream Incorporated) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated) Wincore MediaBar (HKLM-x32\...\Wincore MediaBar) (Version: 3.0.0.119265 - Musiclab, LLC) <==== ATTENTION Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) WinRAR 4.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH) Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION ZTE Remote NDIS Device (HKLM-x32\...\ZTE Remote NDIS_is1) (Version: - ADSL Router Company, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {16BF7586-FE57-4128-8F4A-D81492F4AD49} - \DealPlyUpdate -> No File <==== ATTENTION Task: {2F0A490F-78B0-4F69-9770-7901DA76205A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2777484894-2762145361-3469590425-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {4D144DEB-866C-47CD-BD3D-0E26F8488F47} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2777484894-2762145361-3469590425-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {522FA612-5461-4486-91FF-54FC2446AD51} - System32\Tasks\Program aktualizacji online firmy HP => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18] (Hewlett-Packard) Task: {543FA0B4-67E6-42E8-B835-6B7C42902A69} - System32\Tasks\ToolsUpdatePlatform_ScheduledTask => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe [2015-07-07] () <==== ATTENTION Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {8391F482-9E4C-4EC3-9DEC-FBEB1428270D} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {94906301-D761-4168-9305-A8CF945FC046} - System32\Tasks\{8B6CAE7E-962A-4CA0-A574-63D42B26BAB4} => pcalua.exe -a C:\Users\BAZYL\setup.exe -d C:\Users\BAZYL Task: {9CDAE859-A371-4201-AF42-03B3D5E86EA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job => C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-07-21 06:37 - 2015-07-21 06:37 - 00158856 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.10764\CalendarEntry.dll 2015-07-07 06:49 - 2015-07-07 06:49 - 00635128 _____ () C:\Program Files (x86)\ToolsUpdatePlatform\UpdatePlatform.exe 2010-05-21 15:25 - 2010-01-13 09:47 - 00206208 _____ () C:\Windows\PLFSetI.exe 2015-07-21 06:37 - 2015-07-21 06:37 - 00149432 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.10764\CalendarServ.exe 2012-02-15 16:56 - 2012-02-15 16:56 - 00147784 _____ () C:\Program Files (x86)\Browsers Protector\regmon32.exe 2015-07-21 06:37 - 2015-07-21 06:37 - 03925432 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.10764\Calendar.exe 2010-03-08 09:57 - 2010-03-08 09:57 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-05-21 15:19 - 2010-05-21 15:19 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2016-01-29 10:52 - 2016-01-29 10:52 - 00380416 _____ () C:\Users\BAZYL\Downloads\4g5g2055.exe 2010-03-09 00:18 - 2010-03-09 00:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2010-03-09 00:13 - 2010-03-09 00:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2015-07-21 06:37 - 2015-07-21 06:37 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.10764\EVPTask.dll 2015-07-21 06:37 - 2015-07-21 06:37 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.10764\EVPNet.dll 2015-07-21 06:37 - 2015-07-21 06:37 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.10764\EVPDR.dll 2010-04-12 03:58 - 2009-05-20 06:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll 2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F AlternateDataStreams: C:\ProgramData\Temp:798A3728 AlternateDataStreams: C:\ProgramData\Temp:93DE1838 AlternateDataStreams: C:\ProgramData\Temp:93EB7685 AlternateDataStreams: C:\ProgramData\Temp:AB689DEA AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE AlternateDataStreams: C:\ProgramData\Temp:DE29D4A1 AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D AlternateDataStreams: C:\ProgramData\Temp:E36F5B57 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2777484894-2762145361-3469590425-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\BAZYL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.168.4.100 - 194.168.8.100 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Gadu-Gadu 10 => "C:\Users\BAZYL\Downloads\Gadu-Gadu 10\gg.exe" MSCONFIG\startupreg: Google Update => "C:\Users\BAZYL\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe MSCONFIG\startupreg: My Web Search Bar Search Scope Monitor => "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Twoje TVN24 => "C:\Program Files (x86)\Pasek TVN24\pasektvn24.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{B6E173DC-14F6-4CA8-B539-B344FA768B99}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{0FF9E515-F3C9-4A46-AE78-E31050F1C85C}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{6A0DCB75-E7F3-4281-B121-1640C3D46D58}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{0291E628-716F-4DE8-AB7A-F53C37558ECB}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{17E9B555-E44F-430B-A648-71B2D1D03549}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE FirewallRules: [{1023B11C-DCE9-413E-B754-3ADB71F682B9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{1B4872A8-047F-4EBE-8B0E-314E95736B02}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{49640C42-878A-4589-8EFE-19F7EC6F20B5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3BD231A5-1A22-4C19-AF9F-8DD1EAD569FF}] => (Allow) LPort=2869 FirewallRules: [{EF303C76-19ED-4545-A81A-DE9FDCE58122}] => (Allow) LPort=1900 FirewallRules: [{AD511A0A-FFA0-4676-91EE-4EBAA618A3E8}] => (Allow) C:\Program Files (x86)\BearShare Applications\MEDIABAR\DATAMNGR\ToolBar\dtUser.exe FirewallRules: [{EA2C2936-E51F-48A3-BC19-7D8D65F4521B}] => (Allow) C:\Program Files (x86)\BearShare Applications\MEDIABAR\DATAMNGR\ToolBar\dtUser.exe FirewallRules: [{BDF351C1-9888-4660-9B1A-9E2EE16593F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{0FBCF619-71FD-4233-B010-272887CEBE09}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{3F1F2074-84D7-4F12-8A80-CC7AD90CEABD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{64C4583D-A234-4D58-A28D-10A733C406DD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{5F857787-C38B-4C1E-9072-D36693FAA54F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{D785FB01-A831-47D8-B893-18D45FF89C38}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{1B6C04B1-F58A-4E67-8A67-6B22ACFD2450}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{C2DC9A5B-CA87-4ADD-808A-9547D97860F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{2F24B1B1-EA2A-4D63-91E6-65CCBC1E8C80}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{714D83F7-EAAF-41CC-9734-1A3876D4A52A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{E6985B50-BCED-45DC-9AFD-C403E93F2BD4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{754C5E22-08F5-4AC8-A648-EDD5516A9281}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{9C7FCAF7-CEBD-4179-BCAA-949DC79CAFDA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{DACDE9A6-E36A-4C5D-A574-A5184A13B826}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0C5B5AA8-E32E-45D7-BB1A-A4A744849C9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E60D39D1-1C44-43BB-BFB5-65CB8A81AC80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Restore Points ========================= 30-11-2014 19:00:13 Windows Backup 09-12-2014 21:00:04 Windows Backup 17-12-2014 19:58:53 Windows Backup 22-12-2014 19:39:10 Windows Backup 30-12-2014 20:44:06 Windows Backup 04-01-2015 22:11:45 Windows Backup 13-01-2015 20:15:43 Windows Backup 01-02-2015 14:45:53 Windows Backup 03-02-2015 08:06:02 Windows Backup 09-05-2015 11:16:36 Windows Backup 26-05-2015 19:32:44 Windows Backup 25-07-2015 14:37:18 Windows Backup 02-08-2015 11:48:38 Windows Backup 16-08-2015 18:28:34 Windows Backup 04-10-2015 07:46:34 Windows Backup ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/20/2015 09:03:12 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (08/20/2015 09:03:12 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (08/20/2015 09:03:12 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (08/20/2015 09:03:12 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/26/2015 07:38:17 PM) (Source: MsiInstaller) (EventID: 1024) (User: BAZYL-PC) Description: Product: Adobe Reader XI (11.0.10) - Polish - Update '{AC76BA86-7AD7-0000-2550-7A8C40011011}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (05/09/2015 12:33:43 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/09/2015 12:33:43 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/09/2015 12:33:43 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (05/09/2015 12:33:43 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2015 08:38:02 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (08/22/2015 08:37:59 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (08/16/2015 06:19:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error: %%1053 Error: (08/16/2015 06:19:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect. Error: (08/15/2015 08:16:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The Baidu Spark Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (08/15/2015 08:12:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The Mini Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (02/03/2015 10:36:49 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 10:35:32 on ‎03/‎02/‎2015 was unexpected. Error: (01/11/2015 10:35:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Time service terminated with the following error: %%1115 Error: (12/31/2014 06:34:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Time service terminated with the following error: %%1115 Error: (12/25/2014 09:51:31 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 09:49:59 on ‎25/‎12/‎2014 was unexpected. Error: (12/25/2014 07:08:06 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 22:52:03 on ‎22/‎12/‎2014 was unexpected.