Additional scan result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02 Ran by mmazu_000 (2016-05-29 16:16:52) Running from C:\Users\mmazu_000\Downloads Windows 8.1 (Update) (X64) (2014-08-05 19:27:47) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1972188415-2893025811-970642349-500 - Administrator - Disabled) => C:\Users\Administrator Guest (S-1-5-21-1972188415-2893025811-970642349-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1972188415-2893025811-970642349-1003 - Limited - Enabled) mmazu_000 (S-1-5-21-1972188415-2893025811-970642349-1001 - Administrator - Enabled) => C:\Users\mmazu_000 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: McAfee Anti-Virus i Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1972188415-2893025811-970642349-1001\...\uTorrent) (Version: 3.4.2.33394 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) AutoCAD 2015 — Polski (Polish) (Version: 20.0.210.0 - Autodesk) Hidden AutoCAD 2015 — Polski (Polish) (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 Language Pack – Polski (Polish) (Version: 20.0.51.0 - Autodesk) Hidden Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk) Autodesk AutoCAD 2015 — Polski (Polish) (HKLM\...\AutoCAD 2015 — Polski (Polish)) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD 2015 — Polski (Polish) SP2 (HKLM\...\AutoCAD 2015 — Polski (Polish) SP2) (Version: 20.0.210.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Avast Internet Security (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.2 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.2 - Dell Inc.) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.1 - Synaptics Incorporated) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.) Google Chrome (HKU\S-1-5-21-1972188415-2893025811-970642349-1001\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Photos Backup (HKU\S-1-5-21-1972188415-2893025811-970642349-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.409 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.05.00.159 - Huawei Technologies Co.,Ltd) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 46.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 pl)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.) Odkurzacz (HKLM-x32\...\Odkurzacz 14.0_is1) (Version: 14.0.0.4000 - FranmoSoftware - Maciej Opaliński) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.021 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.) SafeZone Stable 1.46.1990.55 (x32 Version: 1.46.1990.55 - Avast Software) Hidden SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) SopCast 3.9.2 (HKLM-x32\...\SopCast) (Version: 3.9.2 - www.sopcast.com) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk2015proba\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk2015proba\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk2015proba\AutoCAD 2015\pl-PL\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1972188415-2893025811-970642349-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mmazu_000\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0A8DB505-CC8D-4F44-B570-E81CE662E402} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1972188415-2893025811-970642349-1001UA => C:\Users\mmazu_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {13B9E799-69F4-40AE-B0CB-F9B7F76AA37F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1972188415-2893025811-970642349-1001Core1d0bf884693a842 => C:\Users\mmazu_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {1C0F3489-BCBD-4C82-8210-D701AB572724} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.) Task: {20323905-C8A0-42BD-87C8-9C1FCE0F14AA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-15] (Microsoft Corporation) Task: {245D2A29-CC08-4757-9735-0FDD11A1EECB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software) Task: {3B01BF2B-8035-4D9B-ABFA-9989F6B6ED37} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2016-05-03] (FranmoSoftware) Task: {43431B09-9446-44CA-899D-4767ED5E9418} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink) Task: {65312E89-E288-4942-B5F5-B5475940FE78} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated) Task: {7D08A8D3-1A96-4EFE-BAFA-91A3F49383F8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.) Task: {87661F60-A3D4-4E80-B46B-49D6720649F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-17] (AVAST Software) Task: {9C1C6DBC-7893-4204-835F-34030D7D4859} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-12] (Synaptics Incorporated) Task: {A771078D-8680-41D0-91CD-A5173EF97BE6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1972188415-2893025811-970642349-1001Core => C:\Users\mmazu_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {B4849D0F-F698-415B-BCA8-32D86376B6B9} - System32\Tasks\SafeZone scheduled Autoupdate 1448029687 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-10-30] (Avast Software) Task: {E63D9A44-773A-4B17-9A75-D755FE927E76} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.) Task: {F998D73C-1849-456F-B550-E4CCD78F7E7A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1972188415-2893025811-970642349-1001Core.job => C:\Users\mmazu_000\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1972188415-2893025811-970642349-1001Core1d0bf884693a842.job => C:\Users\mmazu_000\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1972188415-2893025811-970642349-1001UA.job => C:\Users\mmazu_000\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-08-28 08:33 - 2012-06-28 04:46 - 00655744 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2014-04-19 02:12 - 2013-08-19 17:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll 2014-04-19 02:12 - 2013-08-19 17:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll 2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-04-19 02:12 - 2013-08-19 17:21 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll 2013-09-05 06:20 - 2013-09-05 06:20 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-09-05 06:17 - 2013-09-05 06:17 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2013-09-05 06:24 - 2013-09-05 06:24 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2015-11-17 00:41 - 2015-11-17 00:41 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-11-17 00:35 - 2015-11-17 00:35 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-05-27 14:26 - 2016-05-27 14:26 - 02982040 _____ () C:\Program Files\AVAST Software\Avast\defs\16052700\algo.dll 2016-04-15 19:07 - 2016-04-15 19:07 - 00507808 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-05-29 12:18 - 2016-05-29 12:18 - 02982040 _____ () C:\Program Files\AVAST Software\Avast\defs\16052900\algo.dll 2016-01-08 15:44 - 2016-02-24 06:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2016-01-08 15:44 - 2016-02-24 06:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2014-08-28 08:33 - 2009-01-10 12:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2014-08-28 08:33 - 2009-06-22 20:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2014-08-28 08:33 - 2010-07-23 06:58 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2014-08-28 08:33 - 2010-02-10 16:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2014-08-28 08:33 - 2012-06-28 04:34 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2014-08-28 08:33 - 2010-02-10 16:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2014-04-19 01:55 - 2013-03-05 05:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 18:41 - 2013-03-05 18:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-11-17 09:15 - 2015-11-17 09:18 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-05-29 12:16 - 2016-02-24 06:47 - 00110664 _____ () C:\Users\mmazu_000\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll 2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-09-11 16:05 - 2012-06-28 04:45 - 01545088 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\LiveUpd.exe 2014-08-28 08:33 - 2010-02-10 16:43 - 09515520 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtGui4.dll 2014-09-11 16:05 - 2012-06-06 03:21 - 00082944 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\plugins\imageformats\qgif4.dll 2014-09-11 16:05 - 2012-06-06 03:21 - 00081920 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\plugins\imageformats\qico4.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-1972188415-2893025811-970642349-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1" <===== ATTENTION ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1972188415-2893025811-970642349-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mmazu_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta z przeglądarki fotografii systemu windows.jpg DNS Servers: 91.231.70.37 - 91.231.70.58 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{C2401FA7-B2E8-483E-8ABF-ADDA7C3D7846}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{2DEF169D-FB19-4BBD-B910-D1B4A8A86A12}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{02F068E7-E638-4E16-86DD-2ACF66959556}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{A31ACE30-9D91-4958-A713-A0CF1248D304}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{ACFEF7B9-F3A9-44BF-B95B-B285D5EEAE0C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{F586BF7C-3EA1-41D9-891B-DE49413D44F3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{01C5CF17-3DF8-4BC4-895D-650C397021E3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{5AD7C3A3-969C-4F96-90CC-03FBCF68A638}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{61DA5447-289D-4291-9A4E-A00518EB25AD}] => (Allow) LPort=2869 FirewallRules: [{F3B2B7CE-C9E9-4434-AA3A-8DF28E4C623A}] => (Allow) LPort=1900 FirewallRules: [{E4145B76-BC51-49F3-B6B3-08591639F90C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{322CAF30-D213-4F5D-9E07-38DE0BB77861}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{A76B2687-667C-4BC9-8140-E46418B66AC6}] => (Allow) C:\Users\mmazu_000\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4621570B-4F0F-43C5-A4B3-B4349E58C69F}] => (Allow) C:\Users\mmazu_000\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{715C0DF4-28E7-4F49-9B94-F50FF06148AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7A39C12B-134A-42FF-BDA7-F911F469FF23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B5BF7543-8EA7-4FF1-BD9A-920AD50ABBA6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{59A9B1AB-B822-4DAB-ACCE-759C1EB54518}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6921E4B4-A51A-4DB7-8F66-0F0CF525F57C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{E497B4D7-1043-43EE-B006-A9625F9E3B4C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{8454BBFD-82BF-4D36-9A54-FA24F129DA85}] => (Allow) LPort=50248 ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (05/29/2016 04:21:57 PM) (Source: ESENT) (EventID: 454) (User: ) Description: svchost (1176) SRUJet: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -1017. Error: (05/29/2016 04:21:57 PM) (Source: ESENT) (EventID: 492) (User: ) Description: svchost (1176) SRUJet: Sekwencja pliku dziennika w "C:\WINDOWS\system32\SRU\" została zatrzymana z powodu błędu krytycznego. Przyszłe aktualizacje nie są możliwe w wypadku baz danych używających tej sekwencji pliku dziennika. Usuń problem i ponownie uruchom bazę danych lub przywróć ją z kopii zapasowej. Error: (05/29/2016 04:21:57 PM) (Source: ESENT) (EventID: 471) (User: ) Description: svchost (1176) SRUJet: Nie można cofnąć operacji nr 447 na bazie danych C:\WINDOWS\system32\SRU\SRUDB.dat. Błąd: -1017. Wszystkie przyszłe aktualizacje bazy danych będą odrzucane. Error: (05/29/2016 04:20:37 PM) (Source: ESENT) (EventID: 454) (User: ) Description: svchost (1176) SRUJet: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -1017. Error: (05/29/2016 04:20:37 PM) (Source: ESENT) (EventID: 492) (User: ) Description: svchost (1176) SRUJet: Sekwencja pliku dziennika w "C:\WINDOWS\system32\SRU\" została zatrzymana z powodu błędu krytycznego. Przyszłe aktualizacje nie są możliwe w wypadku baz danych używających tej sekwencji pliku dziennika. Usuń problem i ponownie uruchom bazę danych lub przywróć ją z kopii zapasowej. Error: (05/29/2016 04:20:37 PM) (Source: ESENT) (EventID: 471) (User: ) Description: svchost (1176) SRUJet: Nie można cofnąć operacji nr 447 na bazie danych C:\WINDOWS\system32\SRU\SRUDB.dat. Błąd: -1017. Wszystkie przyszłe aktualizacje bazy danych będą odrzucane. Error: (05/29/2016 04:19:11 PM) (Source: ESENT) (EventID: 454) (User: ) Description: svchost (1176) SRUJet: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -1017. Error: (05/29/2016 04:19:11 PM) (Source: ESENT) (EventID: 492) (User: ) Description: svchost (1176) SRUJet: Sekwencja pliku dziennika w "C:\WINDOWS\system32\SRU\" została zatrzymana z powodu błędu krytycznego. Przyszłe aktualizacje nie są możliwe w wypadku baz danych używających tej sekwencji pliku dziennika. Usuń problem i ponownie uruchom bazę danych lub przywróć ją z kopii zapasowej. Error: (05/29/2016 04:19:11 PM) (Source: ESENT) (EventID: 471) (User: ) Description: svchost (1176) SRUJet: Nie można cofnąć operacji nr 447 na bazie danych C:\WINDOWS\system32\SRU\SRUDB.dat. Błąd: -1017. Wszystkie przyszłe aktualizacje bazy danych będą odrzucane. Error: (05/29/2016 04:17:37 PM) (Source: ESENT) (EventID: 454) (User: ) Description: svchost (1176) SRUJet: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -1017. System errors: ============= Error: (05/28/2016 11:07:31 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (05/28/2016 12:33:33 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-JUU6T5R) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/28/2016 12:32:21 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-JUU6T5R) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (05/28/2016 12:31:50 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-JUU6T5R) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (05/28/2016 12:31:32 PM) (Source: DCOM) (EventID: 10010) (User: WINDOWS-JUU6T5R) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/28/2016 12:31:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Search zawiesiła się podczas uruchamiania. Error: (05/28/2016 12:28:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (05/28/2016 12:25:07 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (05/28/2016 12:24:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Autodesk Content Service zawiesiła się podczas uruchamiania. Error: (05/28/2016 12:23:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Mobile Partner. OUC z powodu następującego błędu: %%1053 CodeIntegrity: =================================== Date: 2015-11-15 22:40:23.415 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-15 22:40:22.925 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-15 22:40:22.882 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-14 14:19:12.283 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-14 14:19:10.421 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-14 14:19:09.981 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-14 14:19:09.976 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-14 14:19:09.972 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-14 14:19:09.392 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-12 22:36:05.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics Percentage of memory in use: 47% Total physical RAM: 7365.01 MB Available physical RAM: 3830.33 MB Total Virtual: 8517.01 MB Available Virtual: 5439.38 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:921.25 GB) (Free:569.91 GB) NTFS Drive f: () (Removable) (Total:3.75 GB) (Free:2.12 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 277B4D9C) Partition: GPT. ======================================================== Disk: 1 (Size: 3.8 GB) (Disk ID: 52E8B113) Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B) ==================== End of Addition.txt ============================