Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014 Ran by Marcin at 2014-08-26 07:50:30 Running from C:\Users\Marcin\Downloads Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.215 - AVG) AVG PC TuneUp 2014 (pl-PL) (x32 Version: 14.0.1001.215 - AVG) Hidden AVG PC TuneUp 2014 (x32 Version: 14.0.1001.215 - AVG) Hidden BitComet Packages (HKCU\...\BitComet Packages) (Version: - ) <==== ATTENTION blueconnect (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ) CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.) Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Help Desk (HKLM\...\{18BB06D9-8518-48E5-88F7-5AE1DF02546B}) (Version: 1.0.6 - Samsung Electronics CO., LTD.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.11.49 - Huawei Technologies Co.,Ltd) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Movies Toolbar for Firefox (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbarhaFF) (Version: 1.6.2.0 - APN LLC) <==== ATTENTION Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbarhaIE) (Version: 1.6.2.0 - APN LLC) <==== ATTENTION Mozilla Firefox 31.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 pl)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 pl)) (Version: 24.6.0 - Mozilla) MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden NVIDIA Control Panel 305.46 (Version: 305.46 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 305.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.46 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.82.513 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia) PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.25.9 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.5 - Samsung Electronics CO., LTD.) S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) SiteFinder (HKLM-x32\...\SiteFinder) (Version: 1.0.0.0 - SiteFinder) <==== ATTENTION Support Center (HKLM\...\{73280CF7-9471-4FB6-B018-E5FD7A09F1AF}) (Version: 2.0.13 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.5 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{403BBE15-C64E-429A-9652-1C4EFF327457}) (Version: 2.0.20 - Samsung Electronics CO., LTD.) Trans 4.1.0.3290 (HKLM-x32\...\Trans_is1) (Version: 4.1.0.3290 - Logintrans Sp z o.o.) Truck Tycoon (HKLM-x32\...\{DF465208-E97B-4DFB-AADA-82394195DF08}) (Version: 1.00.000 - ) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update_for_BonanzaDeals (HKCU\...\Bonanza) (Version: - Update_for_BonanzaDeals) <==== ATTENTION User Guide (HKLM-x32\...\{9914AD8E-C0D6-420D-BEF6-40BF4DEDE3BA}) (Version: 1.2.00 - Samsung Electronics CO., LTD.) VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.) Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden WinRAR 5.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) Zapp 5.7 (HKLM-x32\...\{7dd964ce-bd82-4752-80e4-5ab17ee135bf}_is1) (Version: 5.7 - SimplyTech LTD) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 10-07-2014 07:45:24 Removed PC Connectivity Solution 20-07-2014 15:32:40 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {07FB6D90-2E17-4757-BFC7-1CD90D4A9ED1} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-09-18] (Samsung Electronics CO., LTD.) Task: {09DA31ED-416A-4A1A-AD41-456DC4DC62F1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {142FD38F-ED2D-4EEE-A7BA-84EB6398F899} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\ZappAddon\WBrokerSockets.exe Task: {1B108594-4193-474A-B6C8-E68345ADCE9A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG PC TuneUp 2014\OneClick.exe [2013-10-12] (AVG) Task: {1CA67A58-A7DF-4662-AFE2-81D2DB3269EB} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {267FFA45-8E8C-4443-A5BA-1D963675C0E0} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3BCEC2F9-FEEE-4944-A938-D48F97F4CC60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {3D977004-A3BB-4CCF-B19F-BCE8E412649E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4E497AFF-DC6E-4CD7-BFF4-36985A293A5D} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.) Task: {4F1DBFD1-BF78-4767-A3B7-655235FCC916} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC) Task: {53F50FF4-4370-44A6-87F4-51D31FB367F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd) Task: {5D0A8EC8-3A5A-44AF-9EBA-BAAB2AF722A5} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {68E833C3-D93C-4B1B-93A1-00DD0F14C92E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {696DF319-EDDF-490F-B021-182D1FDBA618} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6BBF5716-0C56-43FB-8252-E66D805E933C} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9F33E40B-5071-4F32-A0AB-8304681CCEDE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A84DE864-01D2-485D-883E-CF67382AFDE2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {AB5A4210-B3EE-40B7-9475-D14611510841} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {C165D0E5-762F-4B92-9F94-52760A333595} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {C84B8717-73C6-4AD0-BBD8-38820BC03227} - System32\Tasks\Bonanza => C:\Users\Marcin\AppData\Roaming\Bonanza\UPDATE~1\UPDATE~1.EXE [2013-04-30] () <==== ATTENTION Task: {CB935C20-C3F1-40BE-8552-666DAB6F3AC3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DA7C4DD5-52EF-4A1B-990C-DE660EE8B18B} - System32\Tasks\Browser Updater\Zapp Browser Updater => C:\Program Files (x86)\ZappAddon\tbupdater.exe Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F87E2532-B9B6-4781-AD5B-5F4461F0CD4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {FA21F97A-E820-49C6-86C0-424B027C26A6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\Marcin\AppData\Local\15640\a1627.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\di7BlockAndSurf\E6BlockAndSurfs35.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\BlockAndSurf_wd.job => C:\Program Files (x86)\di7BlockAndSurf\T9BlockAndSurfm.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Bonanza.job => C:\Users\Marcin\AppData\Roaming\Bonanza\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\Marcin\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\WINDOWS\Tasks\DigitalSite.job => C:\Users\Marcin\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Update Bonanza.job => C:\Users\Marcin\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2014-05-26 13:47 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-26 13:47 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-26 13:47 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-26 13:47 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-26 13:47 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Qualcomm Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (08/26/2014 07:35:45 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20498 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: ff8 Godzina rozpoczęcia: 01cfc0eedf1a2b3c Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: d29a4a26-2ce2-11e4-bf01-50b7c381962d Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/26/2014 07:30:21 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\WINDOWS\system32\msiexec.exe /V; Opis = Removed Norton Online Backup; Błąd = 0x80070005). Error: (08/26/2014 07:21:27 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20498 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 878 Godzina rozpoczęcia: 01cfc0ecdf517197 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: d2d7014b-2ce0-11e4-bf01-50b7c381962d Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/26/2014 07:19:42 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Usługa Windows Search nie może utworzyć nowego indeksu wyszukiwania. Błąd wewnętrzny <4, 0x80070005, Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>. Error: (08/26/2014 07:16:47 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Usługa Windows Search nie może utworzyć nowego indeksu wyszukiwania. Błąd wewnętrzny <4, 0x80070005, Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>. Error: (08/26/2014 07:15:58 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20498 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: d74 Godzina rozpoczęcia: 01cfc0ec1a385ab7 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: 0eb46312-2ce0-11e4-bf01-50b7c381962d Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/26/2014 07:11:51 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Usługa Windows Search nie może utworzyć nowego indeksu wyszukiwania. Błąd wewnętrzny <4, 0x80070005, Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>. Error: (08/26/2014 07:11:01 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Usługa Windows Search nie może utworzyć nowego indeksu wyszukiwania. Błąd wewnętrzny <4, 0x80070005, Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>. Error: (08/26/2014 07:10:52 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Usługa Windows Search nie może utworzyć nowego indeksu wyszukiwania. Błąd wewnętrzny <4, 0x80070005, Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>. Error: (08/26/2014 07:07:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SWMAgent.exe, wersja: 2.0.19.51, sygnatura czasowa: 0x50583562 Nazwa modułu powodującego błąd: SWMAgent.exe, wersja: 2.0.19.51, sygnatura czasowa: 0x50583562 Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x001b312b Identyfikator procesu powodującego błąd: 0xfa4 Godzina uruchomienia aplikacji powodującej błąd: 0xSWMAgent.exe0 Ścieżka aplikacji powodującej błąd: SWMAgent.exe1 Ścieżka modułu powodującego błąd: SWMAgent.exe2 Identyfikator raportu: SWMAgent.exe3 Pełna nazwa pakietu powodującego błąd: SWMAgent.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: SWMAgent.exe5 System errors: ============= Error: (08/26/2014 07:50:18 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084WSearchNiedostępny{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (08/26/2014 07:50:18 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC} Error: (08/26/2014 07:48:11 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084WSearchNiedostępny{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (08/26/2014 07:48:06 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084WSearchNiedostępny{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (08/26/2014 07:48:06 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC} Error: (08/26/2014 07:48:00 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084WSearchNiedostępny{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (08/26/2014 07:48:00 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC} Error: (08/26/2014 07:47:44 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084WSearchNiedostępny{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (08/26/2014 07:47:40 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084WSearchNiedostępny{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (08/26/2014 07:47:40 AM) (Source: DCOM) (EventID: 10005) (User: ARKA-MARCIN) Description: 1084ShellHWDetectionNiedostępny{DD522ACC-F821-461A-A407-50B198B896DC} Microsoft Office Sessions: ========================= Error: (08/26/2014 07:35:45 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20498ff801cfc0eedf1a2b3c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exed29a4a26-2ce2-11e4-bf01-50b7c381962dmicrosoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/26/2014 07:30:21 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\WINDOWS\system32\msiexec.exe /VRemoved Norton Online Backup0x80070005 Error: (08/26/2014 07:21:27 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2049887801cfc0ecdf5171974294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exed2d7014b-2ce0-11e4-bf01-50b7c381962dmicrosoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/26/2014 07:19:42 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 40x80070005Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects Error: (08/26/2014 07:16:47 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 40x80070005Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects Error: (08/26/2014 07:15:58 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20498d7401cfc0ec1a385ab74294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe0eb46312-2ce0-11e4-bf01-50b7c381962dmicrosoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/26/2014 07:11:51 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 40x80070005Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects Error: (08/26/2014 07:11:01 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 40x80070005Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects Error: (08/26/2014 07:10:52 AM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 40x80070005Nie można dodać projektu: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects Error: (08/26/2014 07:07:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: SWMAgent.exe2.0.19.5150583562SWMAgent.exe2.0.19.515058356240000015001b312bfa401cfc0eb9d24c84dC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exedaf7b429-2cde-11e4-bf01-50b7c381962d CodeIntegrity Errors: =================================== Date: 2014-08-26 07:29:51.464 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:51.175 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:50.941 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:50.784 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:50.624 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:50.467 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:50.234 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:50.071 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:49.914 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-26 07:29:49.757 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Percentage of memory in use: 25% Total physical RAM: 3797.48 MB Available physical RAM: 2846.18 MB Total Pagefile: 3797.48 MB Available Pagefile: 2909.29 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0D8A3C62) Partition: GPT Partition Type. ==================== End Of Log ============================