Hi
I have downloaded some trojan / malware.
When I realized what I have done I scaned my laptop wit several programs (I thought it was clean) and then upgraded from Win7 to Win10.
Unfortunetly there are still some malwares. I have tried several programs, I'm worried that it will spread truogh the lan to other computers.
Could you please help me with this:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by 23 (2015-12-27 23:39:49)
Running from C:\Users\23\Desktop
Windows 10 Pro (X64) (2015-12-27 02:02:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
23 (S-1-5-21-2662073481-3153093023-2327895656-1000 - Administrator - Enabled) => C:\Users\23
Administrator (S-1-5-21-2662073481-3153093023-2327895656-500 - Administrator - Disabled)
Gość (S-1-5-21-2662073481-3153093023-2327895656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2662073481-3153093023-2327895656-1002 - Limited - Enabled)
Konto domyślne (S-1-5-21-2662073481-3153093023-2327895656-503 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.)
ATI Catalyst Install Manager (HKLM\...\{0B759873-FB73-4F8B-DF06-D3ECC76341E6}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
Eraser 6.2.0.2970 (HKLM\...\{58F37E51-2A83-49F3-9117-6005C63CF399}) (Version: 6.2.2970 - The Eraser Project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{C5203A0C-91C4-40C4-9FEC-CCBDC1B76977}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{12407B47-A01F-4E7E-B00F-07B90BBB3EF4}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B11B6E26-63A4-4BB6-AA39-0AF758B26092}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.1 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Kodi) (Version: - XBMC-Foundation)
LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM-x32\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
Livebrush Mini (HKLM-x32\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (x32 Version: 1.5 - MoreMeYou) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.25.4.3 - Marvell)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MOBZync (HKLM\...\{417FF61C-66A9-4A76-8AF7-0E3994AC8C31}) (Version: 0.9.2 - MOBZystems)
Mozilla Firefox 43.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 pl)) (Version: 43.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Popcorn Time (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Popcorn Time) (Version: - Popcorn Official)
Remotr version 1.1.1193 (HKLM-x32\...\Remotr_is1) (Version: 1.1.1193 - RemoteMyApp sp. z o.o.)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Spotify (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.10 - StepMania)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Neverhood (HKLM-x32\...\DreamWorks Interactive: Neverhood) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WizMouse v1.7.0.3 (HKLM-x32\...\WizMouse_is1) (Version: - Antibody Software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\23\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043A8CDB-EB29-4258-BA0A-716AA4CE905E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {14AF0024-1904-4BC1-9618-B008BAFBE17A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {21129813-41A9-48DB-A9B9-B95C05C208CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2599B8CF-2FAB-44E5-A753-E154D8FC9465} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {2FEF91EB-FF8E-4130-A9B6-26D515B1BB29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {303B5590-0A8F-4842-A644-05F37CA2A35D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {315A3CF3-8770-4553-A69A-CA050A17D870} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {348393A3-AE90-4892-A74E-8D9858DECC1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {35DB8F60-F718-42BF-B82F-A06AD3D554AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {361E75C5-235D-4B15-BDC1-FDFC6DDD26C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {3754170A-A0EE-4487-A91C-A4A21091F00C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-26] (AVAST Software)
Task: {37D62E5A-FC68-43D9-9F61-F80772C62260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3AB6AAD0-E163-432D-90E2-D0D663D0C667} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {495F9580-648D-4F63-9E3D-642B5E890F33} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4A5E042C-85C4-4FC5-AE63-D8D1878ECDFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {4C372658-AA9A-4CFC-ABD3-1EE8DEDEBE8F} - System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E} => pcalua.exe -a "C:\Users\23\Desktop\hp 6450b\x64\sp48629.exe" -d "C:\Users\23\Desktop\hp 6450b\x64"
Task: {4DF8ACEB-D8CF-4714-A64A-6F01148AA39A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {52677D9B-2D1A-49B5-B3DF-2683E257A77D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {54700F58-157A-4EE4-AF8D-147FF02C6F4D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {54F9E58E-3C03-431C-84E7-361DDF928F83} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {590F9432-6279-47C0-98D8-B78732520FA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5A874523-BC55-4BCA-8795-F68BD388C76A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {608361FB-3B25-4AE8-A9C7-1A72D06B12F3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {61F797FD-1C9D-4390-A002-45E48C02B081} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {65D38ACC-7B6E-4E5A-AA59-BB62ED5524AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {68D32361-6378-4378-8DA3-3D90A5C22028} - System32\Tasks\SafeZone scheduled Autoupdate 1451159433 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
Task: {69833916-CB17-421F-BF7B-0F4EF39D1A18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {6AA4E7E0-E9CC-494C-9FA4-5D247EF4823B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CAB0F94-8DB7-4F37-B57F-87C461B3615C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {6D11591E-BC53-412E-805B-F88CAE90DE6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {6D3CDC83-1097-47CE-9AB5-27F1BF65162F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {738E7C0E-FAC2-4E7F-8DDA-507FC8A8E1EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7726AA0A-623A-43A6-9A20-B0366A872663} - System32\Tasks\WizMouse => C:\Program Files (x86)\WizMouse\WizMouseLaunch.exe [2013-09-22] ()
Task: {791EA26C-0569-4B5E-8559-5B53B14CF946} - System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173} => pcalua.exe -a "E:\hp 6450b\siec\sp49604.exe" -d "E:\hp 6450b\siec"
Task: {87DA5593-C75A-4558-9B70-9A2E23357599} - System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA} => pcalua.exe -a E:\Windows\setup.exe -d E:\
Task: {99E2CE6B-6C87-47AD-A978-FDDAE7176CEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9B8DFF25-C945-4831-A49D-BDECA9D6586B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A6681B35-C88A-42D1-849A-08CC39AFC5FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B0C1C514-887C-4A5D-A7DC-C3FEF46C240F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B4880015-92C2-41D2-B2F3-29BF33270597} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BB03729A-79D1-4134-8C1C-4207596D190A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C5C3855F-AD07-46F6-B123-1EEBD3F3B886} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C8A46762-5058-4000-AB5C-3B60737F52BC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CF89BB85-3FBB-4D4E-843A-2B9F664A8B97} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D493B7D6-E81E-4E4D-8205-A70E3621FD70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DF67D783-7750-4640-A822-F713E86B4688} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-11] (Adobe Systems Incorporated)
Task: {E2E969E0-8C9A-4EA0-B7E0-36457DA04F74} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E66B45FD-9B01-4B98-BF84-D35A5B7311B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {EACA238C-BC7D-4A8B-817B-65DD2981431A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC0A8CD7-A65B-41DF-99BB-1EF987319E45} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F2BDEC53-A1F1-4CB4-AD51-614C04A518A7} - System32\Tasks\{32264559-94A2-4573-9582-AE9879343630} => E:\SETUP.EXE
Task: {F5A9D4AD-72AC-4AA7-973C-E6FC7D24910C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FB61947F-4637-41B9-BF7A-CFEE44F7338D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FBC6E54C-6DCB-45FB-8102-9FEF30EE6C7B} - System32\Tasks\HPCeeScheduleFor23 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor23.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-09-10 06:11 - 2015-09-10 06:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-05-11 08:12 - 2015-05-11 08:12 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-24 20:41 - 2013-09-22 09:27 - 00119000 _____ () C:\Program Files (x86)\WizMouse\wizmouse.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2015-12-27 13:36 - 2015-12-27 13:37 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-27 13:36 - 2015-12-27 13:37 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-12-27 13:34 - 2015-12-27 13:34 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-26 20:49 - 2015-12-26 20:49 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122601\algo.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-18 16:51 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08780756.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08780756.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-08-31 21:27 - 00001132 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.179.1.63 - 62.179.1.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{2695EDC8-83CE-4B9D-9206-5CF0F596159D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4F1DE0F4-9F7C-43F2-B857-5756E8A7BC42}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{34C8AC1F-B90A-404F-95CA-50ADADC9DA4E}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{248439DD-96A2-48BA-B7A1-419804CC9837}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{745C39D6-0975-4A6F-B077-B78CA3DAD67B}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [TCP Query User{EF8F3AD4-3B97-4B18-8269-D76D61DEFA42}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [{9BE691F5-4755-4AA2-A9CE-815ECB8F811C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{1CDFEA42-C01E-4EDD-AFFE-1C4735523E5A}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2110E87F-0C6C-4C8D-818F-8028E383AA81}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{60DC2009-51BB-4FB4-AEE1-B2F1B17C2E83}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [TCP Query User{B80E71B4-56AA-421B-917E-0ECB957A3B84}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [UDP Query User{D2BBA839-80DF-4204-8399-AC5DAA217BBC}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BD990FAE-1B23-497C-99EB-BB3535A0E770}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{55A0B510-7580-4942-94F6-9C4AEC0C27A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3EC1A5A-1872-4CB8-B604-241C8C39936B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{07E476E9-CFE3-45CD-AFB0-1E6B2923201B}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{D179683E-ECF0-44BC-9E25-9083BDDD414F}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{E19BE58E-8635-4997-9997-17EF44C8FFEC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{01ABBF5E-0D3F-4592-998F-90F45E78576F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A5109255-B936-4E62-9716-8502362800A5}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{D9FC9CAC-95CA-4FC7-A1E1-CD510969CDC6}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{D8347BE4-211D-45A6-9E99-66AE2EF78F45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73754E23-DFF9-4466-B809-B458F1E50D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2977CF66-02D3-4B87-BA86-11237763A91C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E31CB89-BCDC-40FF-80AD-2D6E870FFE41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4BC88EA-67B9-4EEC-8B9B-7150E1387429}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{66114C3E-E80A-4155-9867-CCBF6818F85E}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{19C9CDB7-1B7D-4CB5-937F-D78E4BEBCA96}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{0E3F70DA-F447-4FCA-AE0C-62AF79557A8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07B5B969-A07C-4E0C-ACEE-FD61733F7D85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BB547C4-89C0-4DDB-A5F6-A48D3820CF01}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B545A52-8C65-4921-97E2-205B40CFE508}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4265CF3-2585-44E8-AD08-2C0CE2C78140}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B1742AA-2474-444D-B94E-612126B76709}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4404E19C-EFB4-48ED-AECD-3427ECA97568}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34D5CD25-0796-4CE4-A314-54375C5AADA2}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2015 02:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbc0
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbec
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:45:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (12/27/2015 02:45:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x6c8
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x94c
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x784
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (12/27/2015 02:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x450
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x258
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
System errors:
=============
Error: (12/27/2015 11:22:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu:
%%1058
Error: (12/27/2015 11:22:22 PM) (Source: DCOM) (EventID: 10010) (User: 23-Komputer)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 02:45:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu:
%%1058
Error: (12/27/2015 02:45:20 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: 1084dpsNiedostępny{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (12/27/2015 02:45:07 PM) (Source: DCOM) (EventID: 10005) (User: 23-Komputer)
Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (12/27/2015 02:45:04 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: 1084dpsNiedostępny{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU M 640 @ 2.80GHz
Percentage of memory in use: 62%
Total physical RAM: 3887.43 MB
Available physical RAM: 1450.46 MB
Total Virtual: 7855.43 MB
Available Virtual: 5229.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.85 GB) (Free:142.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: DC3E8E25)
Partition 1: (Active) - (Size=283 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
I have downloaded some trojan / malware.
When I realized what I have done I scaned my laptop wit several programs (I thought it was clean) and then upgraded from Win7 to Win10.
Unfortunetly there are still some malwares. I have tried several programs, I'm worried that it will spread truogh the lan to other computers.
Could you please help me with this:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by 23 (2015-12-27 23:39:49)
Running from C:\Users\23\Desktop
Windows 10 Pro (X64) (2015-12-27 02:02:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
23 (S-1-5-21-2662073481-3153093023-2327895656-1000 - Administrator - Enabled) => C:\Users\23
Administrator (S-1-5-21-2662073481-3153093023-2327895656-500 - Administrator - Disabled)
Gość (S-1-5-21-2662073481-3153093023-2327895656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2662073481-3153093023-2327895656-1002 - Limited - Enabled)
Konto domyślne (S-1-5-21-2662073481-3153093023-2327895656-503 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.)
ATI Catalyst Install Manager (HKLM\...\{0B759873-FB73-4F8B-DF06-D3ECC76341E6}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
Eraser 6.2.0.2970 (HKLM\...\{58F37E51-2A83-49F3-9117-6005C63CF399}) (Version: 6.2.2970 - The Eraser Project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{C5203A0C-91C4-40C4-9FEC-CCBDC1B76977}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{12407B47-A01F-4E7E-B00F-07B90BBB3EF4}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B11B6E26-63A4-4BB6-AA39-0AF758B26092}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50012.1 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Kodi) (Version: - XBMC-Foundation)
LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
LGFlashTool 1.8.1.1023 (HKLM-x32\...\LGFlashTool) (Version: 1.8.1.1023 - LGE)
Livebrush Mini (HKLM-x32\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (x32 Version: 1.5 - MoreMeYou) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.25.4.3 - Marvell)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MOBZync (HKLM\...\{417FF61C-66A9-4A76-8AF7-0E3994AC8C31}) (Version: 0.9.2 - MOBZystems)
Mozilla Firefox 43.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 pl)) (Version: 43.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Popcorn Time (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Popcorn Time) (Version: - Popcorn Official)
Remotr version 1.1.1193 (HKLM-x32\...\Remotr_is1) (Version: 1.1.1193 - RemoteMyApp sp. z o.o.)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Spotify (HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.10 - StepMania)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Neverhood (HKLM-x32\...\DreamWorks Interactive: Neverhood) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WizMouse v1.7.0.3 (HKLM-x32\...\WizMouse_is1) (Version: - Antibody Software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2662073481-3153093023-2327895656-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\23\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043A8CDB-EB29-4258-BA0A-716AA4CE905E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {14AF0024-1904-4BC1-9618-B008BAFBE17A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {21129813-41A9-48DB-A9B9-B95C05C208CF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2599B8CF-2FAB-44E5-A753-E154D8FC9465} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {2FEF91EB-FF8E-4130-A9B6-26D515B1BB29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {303B5590-0A8F-4842-A644-05F37CA2A35D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {315A3CF3-8770-4553-A69A-CA050A17D870} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {348393A3-AE90-4892-A74E-8D9858DECC1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {35DB8F60-F718-42BF-B82F-A06AD3D554AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {361E75C5-235D-4B15-BDC1-FDFC6DDD26C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {3754170A-A0EE-4487-A91C-A4A21091F00C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-26] (AVAST Software)
Task: {37D62E5A-FC68-43D9-9F61-F80772C62260} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3AB6AAD0-E163-432D-90E2-D0D663D0C667} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {495F9580-648D-4F63-9E3D-642B5E890F33} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4A5E042C-85C4-4FC5-AE63-D8D1878ECDFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {4C372658-AA9A-4CFC-ABD3-1EE8DEDEBE8F} - System32\Tasks\{65D2175E-5627-4599-AAAB-37B6B9C9AD0E} => pcalua.exe -a "C:\Users\23\Desktop\hp 6450b\x64\sp48629.exe" -d "C:\Users\23\Desktop\hp 6450b\x64"
Task: {4DF8ACEB-D8CF-4714-A64A-6F01148AA39A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {52677D9B-2D1A-49B5-B3DF-2683E257A77D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {54700F58-157A-4EE4-AF8D-147FF02C6F4D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {54F9E58E-3C03-431C-84E7-361DDF928F83} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {590F9432-6279-47C0-98D8-B78732520FA6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5A874523-BC55-4BCA-8795-F68BD388C76A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {608361FB-3B25-4AE8-A9C7-1A72D06B12F3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {61F797FD-1C9D-4390-A002-45E48C02B081} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {65D38ACC-7B6E-4E5A-AA59-BB62ED5524AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {68D32361-6378-4378-8DA3-3D90A5C22028} - System32\Tasks\SafeZone scheduled Autoupdate 1451159433 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
Task: {69833916-CB17-421F-BF7B-0F4EF39D1A18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {6AA4E7E0-E9CC-494C-9FA4-5D247EF4823B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CAB0F94-8DB7-4F37-B57F-87C461B3615C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {6D11591E-BC53-412E-805B-F88CAE90DE6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {6D3CDC83-1097-47CE-9AB5-27F1BF65162F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {738E7C0E-FAC2-4E7F-8DDA-507FC8A8E1EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7726AA0A-623A-43A6-9A20-B0366A872663} - System32\Tasks\WizMouse => C:\Program Files (x86)\WizMouse\WizMouseLaunch.exe [2013-09-22] ()
Task: {791EA26C-0569-4B5E-8559-5B53B14CF946} - System32\Tasks\{726D87C0-5922-49AB-93A0-F8E8FB98E173} => pcalua.exe -a "E:\hp 6450b\siec\sp49604.exe" -d "E:\hp 6450b\siec"
Task: {87DA5593-C75A-4558-9B70-9A2E23357599} - System32\Tasks\{5E013C0A-B422-4470-ABB6-88BB24CD5FBA} => pcalua.exe -a E:\Windows\setup.exe -d E:\
Task: {99E2CE6B-6C87-47AD-A978-FDDAE7176CEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9B8DFF25-C945-4831-A49D-BDECA9D6586B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A6681B35-C88A-42D1-849A-08CC39AFC5FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B0C1C514-887C-4A5D-A7DC-C3FEF46C240F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B4880015-92C2-41D2-B2F3-29BF33270597} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BB03729A-79D1-4134-8C1C-4207596D190A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C5C3855F-AD07-46F6-B123-1EEBD3F3B886} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C8A46762-5058-4000-AB5C-3B60737F52BC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CF89BB85-3FBB-4D4E-843A-2B9F664A8B97} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D493B7D6-E81E-4E4D-8205-A70E3621FD70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DF67D783-7750-4640-A822-F713E86B4688} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-11] (Adobe Systems Incorporated)
Task: {E2E969E0-8C9A-4EA0-B7E0-36457DA04F74} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E66B45FD-9B01-4B98-BF84-D35A5B7311B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {EACA238C-BC7D-4A8B-817B-65DD2981431A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EC0A8CD7-A65B-41DF-99BB-1EF987319E45} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F2BDEC53-A1F1-4CB4-AD51-614C04A518A7} - System32\Tasks\{32264559-94A2-4573-9582-AE9879343630} => E:\SETUP.EXE
Task: {F5A9D4AD-72AC-4AA7-973C-E6FC7D24910C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FB61947F-4637-41B9-BF7A-CFEE44F7338D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {FBC6E54C-6DCB-45FB-8102-9FEF30EE6C7B} - System32\Tasks\HPCeeScheduleFor23 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor23.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-09-10 06:11 - 2015-09-10 06:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-05-11 08:12 - 2015-05-11 08:12 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 23:15 - 2014-01-13 07:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-24 20:41 - 2013-09-22 09:27 - 00119000 _____ () C:\Program Files (x86)\WizMouse\wizmouse.exe
2015-12-27 02:36 - 2015-12-27 02:36 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-27 02:36 - 2015-12-27 02:36 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2015-12-27 13:36 - 2015-12-27 13:37 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-27 13:36 - 2015-12-27 13:37 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-12-27 13:34 - 2015-12-27 13:34 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-26 20:49 - 2015-12-26 20:49 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122601\algo.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-26 20:45 - 2015-12-26 20:45 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-18 16:51 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08780756.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08780756.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-08-31 21:27 - 00001132 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2662073481-3153093023-2327895656-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.179.1.63 - 62.179.1.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{2695EDC8-83CE-4B9D-9206-5CF0F596159D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4F1DE0F4-9F7C-43F2-B857-5756E8A7BC42}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{34C8AC1F-B90A-404F-95CA-50ADADC9DA4E}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{248439DD-96A2-48BA-B7A1-419804CC9837}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{745C39D6-0975-4A6F-B077-B78CA3DAD67B}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [TCP Query User{EF8F3AD4-3B97-4B18-8269-D76D61DEFA42}C:\games\stepmania 5\program\stepmania.exe] => (Allow) C:\games\stepmania 5\program\stepmania.exe
FirewallRules: [{9BE691F5-4755-4AA2-A9CE-815ECB8F811C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{1CDFEA42-C01E-4EDD-AFFE-1C4735523E5A}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2110E87F-0C6C-4C8D-818F-8028E383AA81}C:\users\23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{60DC2009-51BB-4FB4-AEE1-B2F1B17C2E83}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [TCP Query User{B80E71B4-56AA-421B-917E-0ECB957A3B84}C:\program files (x86)\allmediaserver\mediaserver.exe] => (Allow) C:\program files (x86)\allmediaserver\mediaserver.exe
FirewallRules: [UDP Query User{D2BBA839-80DF-4204-8399-AC5DAA217BBC}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BD990FAE-1B23-497C-99EB-BB3535A0E770}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{55A0B510-7580-4942-94F6-9C4AEC0C27A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3EC1A5A-1872-4CB8-B604-241C8C39936B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{07E476E9-CFE3-45CD-AFB0-1E6B2923201B}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{D179683E-ECF0-44BC-9E25-9083BDDD414F}C:\users\23\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\23\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{E19BE58E-8635-4997-9997-17EF44C8FFEC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{01ABBF5E-0D3F-4592-998F-90F45E78576F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A5109255-B936-4E62-9716-8502362800A5}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{D9FC9CAC-95CA-4FC7-A1E1-CD510969CDC6}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{D8347BE4-211D-45A6-9E99-66AE2EF78F45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73754E23-DFF9-4466-B809-B458F1E50D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2977CF66-02D3-4B87-BA86-11237763A91C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E31CB89-BCDC-40FF-80AD-2D6E870FFE41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4BC88EA-67B9-4EEC-8B9B-7150E1387429}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{66114C3E-E80A-4155-9867-CCBF6818F85E}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{19C9CDB7-1B7D-4CB5-937F-D78E4BEBCA96}] => (Allow) C:\Users\23\AppData\Local\Temp\nspA25.tmp\Installer-76060148.exe
FirewallRules: [{0E3F70DA-F447-4FCA-AE0C-62AF79557A8F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07B5B969-A07C-4E0C-ACEE-FD61733F7D85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BB547C4-89C0-4DDB-A5F6-A48D3820CF01}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B545A52-8C65-4921-97E2-205B40CFE508}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A4265CF3-2585-44E8-AD08-2C0CE2C78140}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B1742AA-2474-444D-B94E-612126B76709}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4404E19C-EFB4-48ED-AECD-3427ECA97568}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34D5CD25-0796-4CE4-A314-54375C5AADA2}] => (Allow) C:\Users\23\AppData\Roaming\uTorrent\uTorrent.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2015 02:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbc0
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:45:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0xbec
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:45:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (12/27/2015 02:45:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x6c8
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x94c
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x784
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (12/27/2015 02:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x450
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16603, sygnatura czasowa: 0x5655390b
Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x56553724
Kod wyjątku: 0x80000003
Przesunięcie błędu: 0x0000000000151c4f
Identyfikator procesu powodującego błąd: 0x258
Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0
Ścieżka aplikacji powodującej błąd: SearchUI.exe1
Ścieżka modułu powodującego błąd: SearchUI.exe2
Identyfikator raportu: SearchUI.exe3
Pełna nazwa pakietu powodującego błąd: SearchUI.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5
Error: (12/27/2015 02:44:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: 23-Komputer)
Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
System errors:
=============
Error: (12/27/2015 11:22:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu:
%%1058
Error: (12/27/2015 11:22:22 PM) (Source: DCOM) (EventID: 10010) (User: 23-Komputer)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 11:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Error: (12/27/2015 02:45:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu:
%%1058
Error: (12/27/2015 02:45:20 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: 1084dpsNiedostępny{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (12/27/2015 02:45:07 PM) (Source: DCOM) (EventID: 10005) (User: 23-Komputer)
Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (12/27/2015 02:45:04 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: 1084dpsNiedostępny{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU M 640 @ 2.80GHz
Percentage of memory in use: 62%
Total physical RAM: 3887.43 MB
Available physical RAM: 1450.46 MB
Total Virtual: 7855.43 MB
Available Virtual: 5229.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.85 GB) (Free:142.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: DC3E8E25)
Partition 1: (Active) - (Size=283 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================