Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-07-2015 Ran by Justyna_B at 2015-07-04 22:24:43 Running from C:\Users\Justyna_B\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3691044786-844057909-788077212-500 - Administrator - Disabled) Gość (S-1-5-21-3691044786-844057909-788077212-501 - Limited - Disabled) Justyna_B (S-1-5-21-3691044786-844057909-788077212-1001 - Administrator - Enabled) => C:\Users\Justyna_B ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.) Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden GamesDesktop 008.005010002 (HKLM-x32\...\gmsd_pl_005010002_is1) (Version: - GAMESDESKTOP) <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.) Huawei E3272 (HKLM-x32\...\Huawei E3272) (Version: 22.001.20.03.1202 - Huawei Technologies Co.,Ltd) Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut) <==== ATTENTION Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36843 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Microsoft Office Professional Plus 2013 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 15.0.4719.1002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3691044786-844057909-788077212-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden Obsługa programów Apple (32-bitowa) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Obsługa programów Apple (64-bitowa) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software) Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.0.0.1 - RSUPPORT) Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.5 - Samsung Electronics CO., LTD.) Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION S Agent (Version: 1.1.30 - Samsung Electronics CO., LTD.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.) Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) Side Sync (HKLM-x32\...\{34BEB782-66B1-4772-8E3E-71B758BA848B}) (Version: 1.0.2 - Samsung Electronics CO., LTD.) SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) Support Center (HKLM\...\{25B191F6-A277-478F-90CA-88B76D5A08BD}) (Version: 2.1.70 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{DC4F83F3-CAF0-4347-97A4-D6B43D7E34F0}) (Version: 2.1.7 - Samsung Electronics CO., LTD.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.11.1 - Synaptics Incorporated) User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3691044786-844057909-788077212-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Justyna_B\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 31-05-2015 21:06:00 Zaplanowany punkt kontrolny 01-06-2015 22:10:32 avast! antivirus system restore point 06-06-2015 14:03:37 Windows Update 10-06-2015 17:21:42 Windows Update 15-06-2015 13:50:19 Removed User Guide ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {09E76DE9-9D44-44D7-AF37-9B045BFBC7D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation) Task: {0B670CBA-F238-49F9-8F28-DFC986AF1D6E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-15] (Microsoft Corporation) Task: {0E4F941D-7F7F-48D9-B17D-0DF767C9F1A1} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {140FCBEE-914D-4BEE-9BDC-B0AACEF49B9F} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {27447873-2243-48D3-A173-2B3A18F8F958} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-02-13] (SEC) Task: {2994A88B-6DA6-4210-A99C-6F81DC9EFDD0} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-03-09] (Samsung Electronics CO., LTD.) Task: {2FCB9A49-9BA0-4EB0-B289-4C31AA5DFED6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-01] (Avast Software s.r.o.) Task: {3001522A-C0D9-4455-82C3-F226D787BFC0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-09-13] (Intel Corporation) Task: {3199AF7E-BF31-412F-ACAA-F790296696CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation) Task: {5C1CF3FC-6055-4FB4-BFF6-38859503620E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Justyna-Justyna_B Justyna => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation) Task: {687811CD-3F04-4818-9030-72B6DFEEA513} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation) Task: {71EB89B3-D449-4BA5-B641-30D787E35574} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-02-01] (Samsung Electronics CO., LTD.) Task: {77343147-7402-4E68-989F-067C3B463A84} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-02-13] (Samsung Electronics CO., LTD.) Task: {8106B03B-D9A3-4782-A627-E44ECA0B8928} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-19] (Microsoft Corporation) Task: {83751509-BBE3-4FFF-8FFD-163F465131BA} - System32\Tasks\Opera scheduled Autoupdate 1427831528 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software) Task: {8897A8F2-23ED-43DD-93E4-E8E3CF2C66CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-17] (Google Inc.) Task: {AFDC230F-C5D0-497B-BB9D-273AB9782F9D} - System32\Tasks\AmiUpdXp => C:\Users\Justyna_B\AppData\Local\22362\Updater.exe [2015-06-15] () <==== ATTENTION Task: {BA5E8BE9-CCD4-4547-BEE8-E9EE4096422F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-09-13] (Intel Corporation) Task: {C9218CC0-5B66-4E10-8CF2-19FBD38912FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation) Task: {D3C535B5-7402-4CA8-BF57-BC428EF69C39} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3691044786-844057909-788077212-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {D57399C5-74FF-4F8F-91FA-E94ACFE911F7} - System32\Tasks\{B2A2C458-05A7-4173-8959-E008A5BD1B89} => pcalua.exe -a C:\Users\Justyna_B\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cvs Task: {E1418142-648D-49DA-9EB1-FBA08AE4E78F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-17] (Google Inc.) Task: {EB1B1C62-CEB3-44E6-88E3-A8F3047BF7E7} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\Justyna_B\AppData\Local\22362\Updater.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (Whitelisted) ============== 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-17 12:43 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-01-17 12:36 - 2013-11-04 11:22 - 00241232 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2015-06-15 13:30 - 2015-06-15 13:30 - 00297472 _____ () C:\Users\Justyna_B\AppData\Roaming\1F6C8DF6-1434367793-1407-9FC5-5FD5CA091744\nse5761.tmpfs 2013-02-01 03:52 - 2013-02-01 03:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2015-06-15 13:42 - 2015-06-13 12:57 - 03307464 _____ () C:\Users\Justyna_B\AppData\Local\gmsd_pl_005010002\upgmsd_pl_005010002.exe 2015-05-09 10:56 - 2015-05-09 10:56 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll 2013-01-24 17:09 - 2013-01-24 17:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-01-24 17:05 - 2013-01-24 17:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2013-01-24 17:12 - 2013-01-24 17:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2014-03-20 08:53 - 2014-03-20 08:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-06-15 13:42 - 2015-06-13 12:57 - 03984040 _____ () C:\Program Files (x86)\gmsd_pl_005010002\gmsd_pl_005010002.exe 2013-02-13 07:16 - 2013-02-13 07:16 - 00022528 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2013-03-09 14:59 - 2013-01-27 07:40 - 00673280 _____ () C:\Program Files\Samsung\Recovery\Clonix.UC.dll 2013-03-09 14:59 - 2013-01-27 07:40 - 00892416 _____ () C:\Program Files\Samsung\Recovery\Clonix.UC.Res.dll 2015-07-04 22:16 - 2015-07-04 22:16 - 00708096 _____ () C:\Users\Justyna_B\AppData\Local\Temp\is-8EA6G.tmp\majmp_gentleeu.tmp 2015-06-01 22:12 - 2015-06-01 22:12 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-06-01 22:12 - 2015-06-01 22:12 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-06-17 11:53 - 2015-06-17 11:53 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061700\algo.dll 2015-07-04 22:20 - 2015-07-04 22:20 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070401\algo.dll 2013-03-09 12:47 - 2013-01-14 20:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2013-03-09 14:53 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-03-14 13:14 - 2015-03-14 13:14 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-03-09 21:58 - 2013-03-09 21:58 - 00192048 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll 2015-06-10 16:59 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll 2015-06-10 16:59 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll 2015-06-10 16:59 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Justyna_B\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3691044786-844057909-788077212-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Justyna_B\Pictures\cartoonybeatles-171347.jpeg DNS Servers: 62.233.233.233 - 87.204.204.204 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{69DBD8FD-CF8E-429C-AB3B-B674DC7856AB}] => (Allow) C:\Users\Justyna_B\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{A5C984FE-851B-4BE5-9452-7C388470BFEA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{5EE9F6C9-8FF1-4BC6-A2B1-94A8888052F4}] => (Allow) LPort=1900 FirewallRules: [{5E35E377-6FF6-41FA-A5F7-B55070B803B6}] => (Allow) LPort=2869 FirewallRules: [{D9560C4A-43ED-4C2B-89C1-ADB5207A5BEC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C1292173-0F6F-434B-87EE-CF6A511CEDD7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{C99A8F10-391A-403B-895B-5C9EEF64EEA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{BB46DD48-19EB-42D1-87D9-EA0A9247B4A8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{4FBD4436-5A5D-4D6A-82AF-77ED1E3EB0C9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{F76F6BAC-9963-4A53-BFE4-72FA9844C715}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{974CA980-DFCA-45FA-9F77-D617BD53FC6B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EC70944B-255E-48E6-9636-13D7B6508322}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{EB191E02-4561-454D-ACB8-D9D8777890B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1B9C03C6-8453-497A-BD77-78A426820119}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{777AFCAE-0968-4379-828E-5EB2D197DEAE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{4941B3D6-8582-44A4-A743-17CC4C042905}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{EDAA7660-0F25-458D-9EE8-69B9FF2BBD92}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{2878C0D5-B608-49B3-8169-F000E97C4916}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{E4663656-BF13-47E4-B6DC-CB8BD89814C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Bluetooth Audio Device Description: Bluetooth Audio Device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Communications Service: BTATH_A2DP Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Virtual Bluetooth Support (Include Audio) Description: Virtual Bluetooth Support (Include Audio) Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5} Manufacturer: Qualcomm Atheros Communications Service: AthBTPort Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Bluetooth LWFLT Device Description: Bluetooth LWFLT Device Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5} Manufacturer: Qualcomm Atheros Communications Service: BTATH_LWFLT Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (06/18/2015 11:11:36 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Błąd w pliku manifestu lub w pliku zasad "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" w wierszu UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Tożsamość składnika znaleziona w manifeście nie odpowiada tożsamości składnika żądanego. Odwołanie to UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definicja to UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/18/2015 11:11:36 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Błąd w pliku manifestu lub w pliku zasad "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" w wierszu UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Tożsamość składnika znaleziona w manifeście nie odpowiada tożsamości składnika żądanego. Odwołanie to UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definicja to UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/18/2015 05:57:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 21628047 Error: (06/18/2015 05:57:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 21628047 Error: (06/18/2015 05:57:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/18/2015 05:56:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: EasySettingsCmdServer.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x510b1e6a Nazwa modułu powodującego błąd: EasySettingsBase.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x510b1e29 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001f7b Identyfikator procesu powodującego błąd: 0x1890 Godzina uruchomienia aplikacji powodującej błąd: 0xEasySettingsCmdServer.exe0 Ścieżka aplikacji powodującej błąd: EasySettingsCmdServer.exe1 Ścieżka modułu powodującego błąd: EasySettingsCmdServer.exe2 Identyfikator raportu: EasySettingsCmdServer.exe3 Pełna nazwa pakietu powodującego błąd: EasySettingsCmdServer.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: EasySettingsCmdServer.exe5 Error: (06/18/2015 05:56:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 21616140 Error: (06/18/2015 05:56:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 21616140 Error: (06/18/2015 05:56:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/18/2015 05:56:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 21608687 System errors: ============= Error: (06/18/2015 11:09:28 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Miniport: Remote NDIS based Internet Sharing Device, {9CAAB4FF-8979-4820-9A37-909938777A84}, zdarzenie: 74 Error: (06/17/2015 11:22:55 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ZARZĄDZANIE NT) Description: Miniport: Remote NDIS based Internet Sharing Device, {9CAAB4FF-8979-4820-9A37-909938777A84}, zdarzenie: 74 Error: (06/17/2015 06:45:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%3 Error: (06/17/2015 11:56:26 AM) (Source: DCOM) (EventID: 10010) (User: JUSTYNA) Description: {14286318-B6CF-49A1-81FC-D74AD94902F9} Error: (06/17/2015 11:52:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%3 Error: (06/17/2015 11:51:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd: %%1062 Error: (06/17/2015 11:50:44 AM) (Source: DCOM) (EventID: 10010) (User: JUSTYNA) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (06/17/2015 11:50:44 AM) (Source: DCOM) (EventID: 10010) (User: JUSTYNA) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (06/17/2015 10:10:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%3 Error: (06/17/2015 09:30:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%3 Microsoft Office: ========================= Error: (06/18/2015 11:11:36 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (06/18/2015 11:11:36 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (06/18/2015 05:57:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 21628047 Error: (06/18/2015 05:57:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 21628047 Error: (06/18/2015 05:57:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/18/2015 05:56:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: EasySettingsCmdServer.exe0.0.0.0510b1e6aEasySettingsBase.dll0.0.0.0510b1e29c000000500001f7b189001d0a94879340bbdC:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exeC:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll10a4262f-156e-11e5-beb2-1867b0763484 Error: (06/18/2015 05:56:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 21616140 Error: (06/18/2015 05:56:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 21616140 Error: (06/18/2015 05:56:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/18/2015 05:56:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 21608687 CodeIntegrity Errors: =================================== Date: 2015-06-02 00:26:47.737 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz Percentage of memory in use: 58% Total physical RAM: 3969.91 MB Available physical RAM: 1664.85 MB Total Virtual: 9601.91 MB Available Virtual: 7069.06 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:196.13 GB) (Free:150.85 GB) NTFS Drive d: (Moje) (Fixed) (Total:244.14 GB) (Free:229.45 GB) NTFS ==================== MBR & Partition Table ================== ==================== End of log ============================