Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017 Ran by Piotr (02-02-2017 19:54:31) Running from C:\Users\Piotr\Downloads\New folder Windows 10 Pro Version 1607 (X64) (2016-09-24 16:32:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2121372599-147289370-3370645225-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2121372599-147289370-3370645225-503 - Limited - Disabled) Guest (S-1-5-21-2121372599-147289370-3370645225-501 - Limited - Disabled) Kasia (S-1-5-21-2121372599-147289370-3370645225-1002 - Limited - Enabled) => C:\Users\Kasia Komputronik (S-1-5-21-2121372599-147289370-3370645225-1003 - Administrator - Enabled) => C:\Users\Komputronik Piotr (S-1-5-21-2121372599-147289370-3370645225-1001 - Administrator - Enabled) => C:\Users\Piotr ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2121372599-147289370-3370645225-1001\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Advanced IP Scanner 2.4 (HKLM-x32\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech) Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS) Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden BatteryCare 0.9.27.0 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.27.0 - Filipe Lourenço) Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.) Build Tools - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden Build Tools for Windows 10 (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.03103 - Cisco Systems, Inc.) Hidden CodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden CodedUITestUAP (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden CrystalDiskInfo 6.8.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.1 - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.12 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EaseUS Todo Backup Free 9.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.0 - CHENGDU YIWO Tech Development Co., Ltd) Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation) Faktury 98 Demo (HKLM-x32\...\Faktury 98 Demo) (Version: - ) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Hotfix 2569 for SQL Server 2014 (KB3158271) (64-bit) (HKLM\...\KB3158271) (Version: 12.0.2569.0 - Microsoft Corporation) Huawei E3372 (HKLM-x32\...\Huawei E3372) (Version: 22.001.22.03.1202 - Huawei Technologies Co.,Ltd) iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.) IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden IDE Tools for Windows 10 (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Kingo ROOT version 1.4.9.2848 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.4.9.2848 - Kingosoft Technology Ltd.) Kits Configuration Installer (x32 Version: 10.1.14393.33 - Microsoft) Hidden K-Lite Codec Pack 11.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - ) LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden Manager (x32 Version: 3.0.7.25771 - ANDREA VACONDIO) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Lync Web App Plug-in (HKLM\...\{530923FF-A970-4952-9D2F-5FF3C874B50A}) (Version: 15.8.8308.920 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.7571.2109 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2121372599-147289370-3370645225-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 11.2.5058.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{E2D10175-7411-4EA5-8E32-FA21262B435D}) (Version: 11.2.5592.0 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{3D7113D6-92B4-43B5-AFF9-D55145B0DEDF}) (Version: 12.0.2569.0 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Policies (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{92FBD63F-918C-4465-A283-957B15042D80}) (Version: 12.0.2569.0 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{E76CDA08-0F96-44FD-A0FD-C07F6CAF19E0}) (Version: 12.0.2569.0 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{2C8240B9-2142-4A0E-9678-7F3C678E34C6}) (Version: 12.0.2569.0 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{CCA90A36-FA50-42CF-BA7D-44AD6EC27F10}) (Version: 12.0.2569.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) MiernikGSM wersja 2.0 (HKLM-x32\...\{DC7EA620-8671-451F-8701-21D201C20FE2}_is1) (Version: 2.0 - Lepszy-Zasieg.pl) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 51.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 pl)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) MSBuild Community Tasks 1.4 (HKLM-x32\...\{4281E664-2261-4602-A4F8-0AE0B3BD4A93}) (Version: 1.4.0 - MSBuild Community Tasks) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Norton Security (HKLM-x32\...\NS) (Version: 22.8.1.14 - Symantec Corporation) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.1 - Notepad++ Team) NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden OpenVPN 2.3.13-I601 (HKLM\...\OpenVPN) (Version: 2.3.13-I601 - ) Opera developer 43.0.2431.0 (HKLM-x32\...\Opera 43.0.2431.0) (Version: 43.0.2431.0 - Opera Software) Oracle VM VirtualBox 5.1.12 (HKLM\...\{C212962C-71C4-4D9F-B8E0-D2CD00C8B8FE}) (Version: 5.1.12 - Oracle Corporation) PDFsam Basic (HKLM-x32\...\{4E4EF242-7FF0-423E-99ED-C96305B840C0}) (Version: 3.0.10.0 - Andrea Vacondio) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden POSemu client (HKLM-x32\...\POSemu client) (Version: 1.0.1 - POSNET SA) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation) Project and Item Templates for Visual Studio Community 2015 - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25527 - Microsoft Corporation) Hidden Redis Desktop Manager (HKLM-x32\...\Redis Desktop Manager) (Version: 0.8.3.3850 - Igor Malinovskiy) RedisWatcher (HKLM-x32\...\{3404A743-6802-41DD-A0BD-9229827FD2AF}) (Version: 1.0.0.0 - MsOpenTech) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) SopCast 4.0.0 (HKLM-x32\...\SopCast) (Version: 4.0.0 - www.sopcast.com) Spotify (HKU\S-1-5-21-2121372599-147289370-3370645225-1001\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB) SQL Server 2014 Client Tools (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server 2014 Management Studio (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (Version: 12.0.2000.8 - Microsoft Corporation) Hidden SuperMemo UX - Mobilny Angielski. No Problem! 1 (HKLM-x32\...\SuperMemo UX - Mobilny Angielski. No Problem! 1 ) (Version: 1.5.1.13 - SuperMemo World) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TortoiseSVN 1.9.3.27038 (64 bit) (HKLM\...\{2114A96B-51D7-4C45-B2E1-003562464D99}) (Version: 1.9.27038 - TortoiseSVN) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation) TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.1.0 - uvnc bvba) Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.1.14393.33 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net) Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation) Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VS Update core components (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden vs_update3notification (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WinAppDeploy (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{45D392D2-5956-4646-9CA6-83CBF67507B6}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation) WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden XnView 2.35 (HKLM-x32\...\XnView_is1) (Version: 2.35 - Gougelet Pierre-e) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0E877FE1-0494-44D1-8309-4314CA2136C5} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Piotr\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {12D16898-737F-48FB-9E22-3492B8705FE1} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-11-12] (Symantec Corporation) Task: {234349C6-3417-4DAD-B3D1-E6AB4861A2A4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\WSCStub.exe [2016-11-12] (Symantec Corporation) Task: {3FD6BF0A-46BB-458D-826C-F1766D5B7531} - System32\Tasks\{53597CD3-698B-4A58-A852-52F6A89C7517} => pcalua.exe -a C:\Users\Piotr\Desktop\livesuitepack\drvinstaller_X86.exe -d C:\Users\Piotr\Desktop\livesuitepack Task: {40E78878-A74F-42E4-87CC-8ED74CE44DAD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-16] (Dropbox, Inc.) Task: {460812A9-CC33-451B-9075-56AFCF5977AB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-10] (Microsoft Corporation) Task: {691C5C59-065A-40BD-92FF-3C059BC95967} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-26] (Google Inc.) Task: {69E093A3-A6C5-460B-89A2-54CE016C9A90} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {86ECAEC9-CEAB-4F41-968F-E43892208CC2} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation) Task: {878EDE10-928F-45A9-9E7A-CD7F00130A6E} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {99872652-1186-4027-A139-638AE844C927} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-27] (Adobe Systems Incorporated) Task: {A31D9F59-0DF6-43E9-913F-2838CDA92F69} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {A336504E-DC77-4AD7-8371-7D630861FC5B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation) Task: {A5E24D13-C073-4083-A238-97448C5BD03F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {A6590974-E8C4-433B-BBF7-C76BB10A247E} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation) Task: {B69283F6-8577-4FE3-A8CD-89FE8D28095D} - System32\Tasks\Opera scheduled Autoupdate 1465837412 => C:\Program Files (x86)\Opera developer\launcher.exe [2016-12-05] (Opera Software) Task: {CBF6C9AB-38E7-4284-9368-EDB4DB05DED5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {D2F89EB9-8DB5-4776-BABC-049E55093C0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-26] (Google Inc.) Task: {DA7B482F-6B16-4A0A-A3F0-9917473240E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-27] (Adobe Systems Incorporated) Task: {E38B8F3B-F28C-4080-BDD5-4A008A82E3D8} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation) Task: {E3C3FDDA-906D-45DB-8529-4704D9576D0E} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation) Task: {F0EB7069-EE72-4E32-BC80-51A06E65A08B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-16] (Dropbox, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-01-08 15:58 - 2014-01-08 15:58 - 00566272 _____ () C:\Program Files (x86)\RedisWatcher\RedisWatcher.exe 2016-01-09 13:15 - 2005-04-22 05:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2016-10-24 20:30 - 2016-10-19 09:23 - 00017376 _____ () C:\Users\Piotr\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe 2016-08-17 15:52 - 2014-03-07 02:41 - 00240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2016-01-14 14:32 - 2016-01-14 14:32 - 00718848 _____ () c:\Applications\Sezam\trunk\lib\Redis\RedisOld\redis-server.exe 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 22:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-09-24 16:59 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-14 22:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 22:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2015-12-13 16:10 - 2015-12-13 16:10 - 00094080 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2016-09-25 02:55 - 2016-09-25 02:55 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-10 22:11 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-10 22:11 - 2016-12-21 08:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll 2017-01-10 22:11 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-10 22:11 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-10 22:11 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-10 22:11 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-10 22:11 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-30 12:34 - 2015-12-10 06:14 - 00249384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 2016-01-08 18:48 - 2016-01-08 18:48 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-03-15 20:38 - 2014-03-22 13:08 - 00252928 _____ () C:\Program Files (x86)\BatteryCare\OpenHardwareMonitorLib.dll 2017-01-23 18:58 - 2017-01-23 18:59 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-01-23 18:58 - 2017-01-23 18:59 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-01-23 18:58 - 2017-01-23 18:59 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-12-14 09:51 - 2016-12-14 09:52 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\roottools.dll 2016-05-17 23:42 - 2016-05-17 23:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2017-02-02 19:51 - 2017-02-02 19:51 - 00380928 _____ () C:\Users\Piotr\Downloads\gmer.exe 2013-03-26 08:44 - 2013-03-26 08:44 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00186408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00165928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00443944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00111656 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00059944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00201768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00018984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2016-01-30 12:34 - 2015-03-11 23:59 - 00427560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\uexper.dll 2016-02-25 23:24 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2016-03-15 21:51 - 2016-12-28 12:34 - 01010368 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll 2016-01-30 12:34 - 2015-12-10 06:04 - 00224808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2016-11-17 01:29 - 2016-11-17 01:29 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-11-17 01:28 - 2016-11-17 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-09 16:32 - 2017-01-23 20:01 - 51777648 _____ () C:\Users\Piotr\AppData\Roaming\Spotify\libcef.dll 2016-10-24 19:31 - 2017-01-23 20:01 - 00110192 _____ () C:\Users\Piotr\AppData\Roaming\Spotify\SpotifyWinRT.dll 2016-07-09 16:32 - 2017-01-23 20:01 - 01803888 _____ () C:\Users\Piotr\AppData\Roaming\Spotify\libglesv2.dll 2016-07-09 16:32 - 2017-01-23 20:01 - 00086128 _____ () C:\Users\Piotr\AppData\Roaming\Spotify\libegl.dll 2017-02-01 20:33 - 2017-01-30 15:12 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2016-03-16 22:19 - 2017-01-14 00:53 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-03-16 22:19 - 2017-01-14 00:53 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-03-16 22:19 - 2017-01-14 00:53 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-03-16 22:19 - 2017-01-30 15:14 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-03-16 22:19 - 2017-01-14 00:53 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-03-16 22:19 - 2017-01-14 00:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-02-01 20:33 - 2017-01-14 00:53 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-02-01 20:33 - 2017-01-14 00:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-02-01 20:33 - 2017-01-14 00:53 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-03-16 22:19 - 2017-01-14 00:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-08-05 20:43 - 2017-01-30 15:14 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-02-01 20:33 - 2017-01-14 00:53 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-02-01 20:33 - 2017-01-14 00:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-03-16 22:19 - 2017-01-14 00:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-03-16 22:19 - 2017-01-30 15:14 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-03-16 22:19 - 2017-01-14 00:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-08-05 20:43 - 2017-01-30 15:14 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-03-16 22:19 - 2017-01-14 00:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-03-16 22:19 - 2017-01-14 00:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-03-16 22:19 - 2017-01-14 00:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-08-05 20:43 - 2017-01-14 00:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-03-16 22:19 - 2017-01-14 00:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-03-16 22:19 - 2017-01-30 15:14 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-01-24 10:00 - 2017-01-30 15:14 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-04-14 09:24 - 2017-01-30 15:14 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-01-24 10:00 - 2017-01-30 15:14 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-24 10:00 - 2017-01-30 15:14 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-24 10:00 - 2017-01-30 15:14 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-03-16 22:19 - 2017-01-30 15:14 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-02-01 20:33 - 2017-01-14 00:51 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-02-01 20:33 - 2017-01-30 15:14 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-02-01 20:33 - 2016-12-05 21:15 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-02-01 20:33 - 2017-01-30 15:14 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-02-01 20:33 - 2017-01-14 01:02 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-02-01 20:33 - 2017-01-14 01:02 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-02-01 20:33 - 2017-01-30 15:14 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-03-16 22:19 - 2017-01-14 00:57 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-08-05 20:43 - 2017-01-30 15:14 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-02-01 20:33 - 2017-01-30 15:14 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2121372599-147289370-3370645225-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808 FirewallRules: [{58EE505A-B458-47CC-B5E4-C888FE16A733}] => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{08C17CAA-0605-4D32-824A-A92D0089362B}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A439E56E-74F0-4BC6-97D2-14F4E11B952D}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{AB6BB847-9A1A-4FB8-BC0C-6FC13D717014}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{F89CAB43-E323-4AFB-9A95-F0E598D2B1B4}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [UDP Query User{92DDF292-07B0-4E26-AB72-40BF73F89D4F}C:\users\piotr\appdata\roaming\spotify\spotify.exe] => C:\users\piotr\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{916381AA-A87A-483A-8024-EB840CDC1154}C:\users\piotr\appdata\roaming\spotify\spotify.exe] => C:\users\piotr\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{EBC1115E-EE54-4FB4-94CA-6C26DD215938}C:\users\piotr\appdata\roaming\spotify\spotify.exe] => C:\users\piotr\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{D4457CE1-75DA-45BA-9287-748FE7F1B814}C:\users\piotr\appdata\roaming\spotify\spotify.exe] => C:\users\piotr\appdata\roaming\spotify\spotify.exe FirewallRules: [{ACF10B46-F7CC-4BF6-9238-ED0E7913FC40}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{26C9722F-8D7E-47C6-A8DD-C07702FE7B84}] => LPort=1900 FirewallRules: [{1816D366-2904-432D-853C-334660407C87}] => LPort=2869 FirewallRules: [{F2A41D77-3079-437A-811E-C1343C7016D7}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F48B5D9D-052A-48D9-A138-93005E3CBB2A}] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3E00D29E-7958-41B8-BD38-371F133DADCE}] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6BD373E2-C74D-4ACA-98AD-BB1AD2926A70}] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5FB362A6-4B75-4A77-89EF-6B3618682567}] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{666F72A7-E218-4D50-B3FC-C77A9129822C}] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{78CB7C4C-F330-43D9-894C-002C064AFA14}] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F6DCD6EB-ADB6-4295-BD9B-5E3B116E991D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{167009D1-CFF5-485C-9619-A326BCB225BA}] => C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{2C6FD712-03A2-470F-9C05-7287327914A0}] => C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{B3CAA951-50C7-414D-AE9B-A44C48B6A43A}] => LPort=54925 FirewallRules: [{6B4A1D76-88B0-4CAC-A748-C22D84ED10BE}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{EDD2BAAB-DEB3-454B-8A39-3704FC4F22D4}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{14EEF55B-0700-4E47-86DD-87745A1F3AFE}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{F268534A-3F2E-4547-AAA2-32E4D4FC72D7}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{A1BF6C2B-D496-4151-AF1C-1560D01F71C6}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{B541D1BD-7C71-4AC1-867F-59F5948B3F84}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{E31E0E13-BCA4-4CA6-9801-3050C7AD2760}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{92255393-A4CA-4E76-A7ED-33B324C2F2F0}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{84D01555-A57B-4D25-AB83-3155ABB0E8CA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3FBF453D-BE42-4502-81D2-2BA7E33A6447}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{ADF504D3-1EFB-4828-860F-ECA178687799}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{63D09B22-47AB-407C-AAE6-C793354E1DE4}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{35942FD5-1CF8-44BB-8A77-3D4E11951D3A}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8D747F19-9331-49CA-8070-7D0ECEE4D3C5}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{308938D2-33C8-4835-ABB3-422F09305BDA}] => C:\Program Files (x86)\Opera developer\43.0.2423.0\opera.exe FirewallRules: [{4265544D-DA1E-4EFC-8A43-D72BA6091F7B}] => C:\Program Files (x86)\Opera developer\43.0.2431.0\opera.exe FirewallRules: [{AA296BAB-4DB4-487D-B2A5-FB2E665EAD92}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{03880041-EC9E-4BF9-BF73-622DE0CB7853}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1011012D-95BB-4ACA-91C1-FC90AAE55E57}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{6141D33B-8D5C-4770-8846-C7966532283B}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{816E8411-5C6B-4696-962B-2D30321D4DD6}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => %systemroot%\system32\vmms.exe FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => %systemroot%\system32\vmms.exe FirewallRules: [{1E08EAE4-B9E8-4B5E-BB8F-3AA06EAEFDBE}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 18-01-2017 20:52:41 Scheduled Checkpoint 24-01-2017 22:45:12 Windows Modules Installer 02-02-2017 18:23:40 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/02/2017 07:43:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program dllhost.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 580 Start Time: 01d27d837d1075a8 Termination Time: 4294967295 Application Path: C:\Windows\System32\dllhost.exe Report Id: 875b059c-e977-11e6-9c45-14dae91864d0 Faulting package full name: Faulting package-relative application ID: Error: (02/02/2017 06:24:57 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "SQLSERVERAGENT" in DLL "perf-MSSQL12.MSSQLSERVER-sqlagtctr.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/02/2017 06:24:57 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "SQLAgent$SQLEXPRESS" in DLL "perf-MSSQL12.SQLEXPRESS-sqlagtctr.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/02/2017 06:24:57 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "MSSQLSERVER" in DLL "perf-MSSQLSERVER-sqlctr12.0.2000.8.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/02/2017 06:24:57 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "MSSQL$SQLEXPRESS" in DLL "perf-MSSQL$SQLEXPRESS-sqlctr12.0.2000.8.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/02/2017 06:23:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (02/01/2017 09:38:39 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\CopyDatabaseWizard.exe".Error in manifest or policy file "C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\ManagementStudio\CopyDatabaseWizard.exe" on line 8. The value "1.0" of attribute "version" in element "assemblyIdentity" is invalid. Error: (02/01/2017 09:38:30 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/01/2017 09:38:23 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/01/2017 09:38:23 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Windows Kits\10\bin\arm64\filetypeverifier.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (02/02/2017 07:35:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/02/2017 07:35:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/02/2017 07:35:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/02/2017 12:06:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/02/2017 10:38:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/02/2017 10:38:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/02/2017 10:38:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/01/2017 11:20:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/01/2017 09:16:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/01/2017 09:16:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz Percentage of memory in use: 70% Total physical RAM: 8103.77 MB Available physical RAM: 2428.9 MB Total Virtual: 9383.77 MB Available Virtual: 3316.7 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:232.4 GB) (Free:125.86 GB) NTFS Drive d: (Data) (Fixed) (Total:698.63 GB) (Free:373.52 GB) NTFS Drive e: () (Fixed) (Total:465.64 GB) (Free:179.53 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F61A4855) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 58F68C0F) Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B8E31DF5) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C) ==================== End of Addition.txt ============================