Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-07-2015 Ran by J at 2015-07-28 16:37:38 Running from C:\Users\J\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1890577046-1904970765-735041783-500 - Administrator - Disabled) Gość (S-1-5-21-1890577046-1904970765-735041783-501 - Limited - Disabled) J (S-1-5-21-1890577046-1904970765-735041783-1001 - Administrator - Enabled) => C:\Users\J ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{FBB02B04-C034-4382-A3F6-57416E2752C4}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung) AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse) Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com) Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MouseServer version 1.3.0.0 (HKLM-x32\...\{E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1) (Version: 1.3.0.0 - Necta Co.) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games) Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.5.0 - Samsung Electronics CO., LTD.) S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) Support Center (HKLM\...\{3D7275C7-8549-46AF-8B59-82A3EF301B31}) (Version: 2.0.8 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{49271148-3C6B-4F2B-B8C9-FFDE243B8FEA}) (Version: 2.0.15 - Samsung Electronics CO., LTD.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft) User Guide (HKLM-x32\...\{66172F70-0BDE-4BAB-A973-E2E4EF501F6D}) (Version: 1.2.00 - Samsung Electronics CO., LTD.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 06-07-2015 18:19:02 Windows Update 14-07-2015 21:36:39 Windows Update 21-07-2015 20:01:36 Windows Update 25-07-2015 09:47:57 Windows Update 28-07-2015 14:55:40 Zainstalowane Brother Software Suite ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2014-12-13 00:22 - 00000923 ____A C:\WINDOWS\system32\Drivers\etc\hosts # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. # 127.0.0.1 localhost # ::1 localhost 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 csmg.lgmobile.com 127.0.0.1 practivate.adobe.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {146805B9-D819-4311-A7AB-F49705401CD8} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe Task: {163A1C02-A1D6-4A41-8203-D95A884C9667} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-23] (SEC) Task: {2D7C4608-5839-466C-BF9A-635C704A75FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {326C9A75-8F92-4E6C-86BA-A97FD030AC0A} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-24] (Samsung Electronics CO., LTD.) Task: {3506A887-9D77-495B-821A-8BA16067F631} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {3A226C9A-E535-4827-B131-F8847F1AFF1C} - System32\Tasks\{2A91F260-FC85-4C8C-8B9B-F73F1967AE00} => pcalua.exe -a "C:\Program Files (x86)\Omiga Plus\eUninstall.exe" <==== ATTENTION Task: {44F549CF-A8EA-455D-AB27-900476E9A7F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {515F87CD-3F1F-41C3-B902-67AEDD6D851C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {51E78103-3603-44BC-9BAA-07FB4EDE95C9} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.) Task: {539F9EBA-DFAD-4591-8D57-1C10F6CD48CC} - System32\Tasks\MakeMarkerFile => %ProgramData%\MakeMarkerFile.exe Task: {6C6B611F-40AF-43F8-A5C6-FE79CE0A8753} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {74DA4513-BCBC-44BE-9E1F-B83E6DB20166} - \AutoKMS No Task File <==== ATTENTION Task: {8651FBEA-A65B-4219-BBB0-FB5E4B80122D} - System32\Tasks\Opera scheduled Autoupdate 1396899113 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software) Task: {86A4E664-CFCB-405C-8638-83C03C70BA37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd) Task: {B08F2039-09B9-4E39-AC2A-4EAEBE119914} - System32\Tasks\AdobeAAMUpdater-1.0-Justyna-J => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {BB00CCDF-5868-472E-955A-CA66C864C2B1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {EF4F3440-E4A2-4207-B65E-5ACC5C2A3C61} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.) Task: {F838A278-4252-4033-96B1-0045F71439D3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2013-05-14 22:53 - 2012-08-31 15:03 - 00288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL 2013-05-14 22:53 - 2012-08-31 15:02 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL 2015-07-28 15:01 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00076920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-08-10 11:28 - 2012-08-10 11:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-08-10 11:23 - 2012-08-10 11:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\pl-PL\BtTray.pl-PL.dll 2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-08-24 11:10 - 2012-08-24 11:10 - 04238968 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe 2012-08-26 11:48 - 2012-08-26 11:48 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 01015416 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2015-07-28 14:59 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-10-24 02:21 - 2014-10-24 02:21 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\80a14cd14e9579821dba2282b4349fef\PSIClient.ni.dll 2012-08-31 01:49 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-07-14 21:16 - 2015-07-14 21:15 - 00157304 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\message_center_win8.dll 2014-10-16 11:15 - 2014-10-16 11:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2015-07-14 21:16 - 2015-07-14 21:15 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libglesv2.dll 2015-07-14 21:16 - 2015-07-14 21:15 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1890577046-1904970765-735041783-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\J\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 192.168.9.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{10533C76-75CE-4FD4-84E7-A2141834BED3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{0A82BC4E-2A40-453D-A25D-CEAD87032BED}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{E8B858DE-6DD2-40EC-9EBD-3E79B440C2D6}] => (Allow) LPort=427 FirewallRules: [{6DBC6FC5-DA2D-4977-9273-50BA739AA1FA}] => (Allow) LPort=161 FirewallRules: [{7D666FB6-4BEE-41F8-A481-F378D4FCFD78}] => (Allow) LPort=427 FirewallRules: [{BE3ACCAC-BE5F-47AB-BC3D-BE0D539445E3}] => (Allow) LPort=9100 FirewallRules: [{CCCE024D-0276-4AE7-A308-4DED032E561C}] => (Allow) H:\instalki\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe FirewallRules: [{B7C99D16-EBED-4E31-895F-FFE2C7D666D7}] => (Allow) H:\instalki\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe FirewallRules: [UDP Query User{FCC96D4A-C195-4078-9D60-4071E780F51F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{1A658BDF-5ABE-4884-8A3A-BFB6832D11D8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{1CA63E84-03B1-480D-AC37-4A9432BFDDFA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A5B50F9F-F184-4CC3-92B3-2740E92EDD0D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{207B7991-6F16-4211-B1DD-613C46B6A308}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{4D878FA6-F3A5-487A-B1B4-87D56E96EFCA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [UDP Query User{FF22E4FD-A5A2-40F1-9832-60D713D5A839}C:\program files (x86)\mouseserver\mouseserver.exe] => (Allow) C:\program files (x86)\mouseserver\mouseserver.exe FirewallRules: [TCP Query User{1F4E2492-C1EE-435D-A421-E104D937A1DF}C:\program files (x86)\mouseserver\mouseserver.exe] => (Allow) C:\program files (x86)\mouseserver\mouseserver.exe FirewallRules: [{4981DDD0-5314-4B8B-A9F6-A283CB0C1062}] => (Allow) LPort=1900 FirewallRules: [{1415683D-4DE8-4072-8D20-EC01777AB828}] => (Allow) LPort=2869 FirewallRules: [{0BC45616-E25B-4B5E-B44A-F72AEB154226}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C2DE5115-31A5-4A7F-B2D4-1452C417C432}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{1A6A4BFF-FD55-4A56-9BA8-EB75EB24545B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [TCP Query User{6F60FDD2-021B-4CA7-B411-6F9F1E5BB61F}H:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe] => (Allow) H:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe FirewallRules: [UDP Query User{477153F6-B521-4B2A-AD51-BDB83663D347}H:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe] => (Allow) H:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe FirewallRules: [TCP Query User{BFB2B7BA-1BF1-4A56-BAB4-85376CFA2E5C}I:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe] => (Allow) I:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe FirewallRules: [UDP Query User{696E6C8A-FF43-419B-9A52-7BCAC1A5ADA2}I:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe] => (Allow) I:\pendrive\obrazy\office 2013 x64\ms toolkit 2.4.9\microsoft toolkit.exe FirewallRules: [{D2683FEA-9391-43E1-B116-3D1F7925AFA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{806E23BE-8893-4F2F-BAD6-E4B326A6C06A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1E6A05BC-7992-460B-9874-92D65A9E3CFE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{C7E7FF09-67C6-4809-A4F7-81645C1E13DB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A368BBEE-2501-4647-95F7-82CF0F53B93B}] => (Allow) LPort=54925 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/28/2015 04:18:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MakeMarkerFile.exe, wersja: 1.0.0.2, sygnatura czasowa: 0x5021e5e8 Nazwa modułu powodującego błąd: MakeMarkerFile.exe, wersja: 1.0.0.2, sygnatura czasowa: 0x5021e5e8 Kod wyjątku: 0xc0000417 Przesunięcie błędu: 0x000000000014d7cc Identyfikator procesu powodującego błąd: 0xd24 Godzina uruchomienia aplikacji powodującej błąd: 0xMakeMarkerFile.exe0 Ścieżka aplikacji powodującej błąd: MakeMarkerFile.exe1 Ścieżka modułu powodującego błąd: MakeMarkerFile.exe2 Identyfikator raportu: MakeMarkerFile.exe3 Pełna nazwa pakietu powodującego błąd: MakeMarkerFile.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: MakeMarkerFile.exe5 Error: (07/28/2015 03:52:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Justyna) Description: Aktywacja aplikacji E9594ECD.OnetNews_c1gk75f6080hw!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/28/2015 03:34:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program backgroundTaskHost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1318 Godzina rozpoczęcia: 01d0c9391beb5d3b Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\system32\backgroundTaskHost.exe Identyfikator raportu: 698365cc-352d-11e5-bf58-b888e367cd85 Pełna nazwa pakietu powodującego błąd: E9594ECD.OnetNews_2.0.0.7_neutral__c1gk75f6080hw Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (07/28/2015 03:24:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MakeMarkerFile.exe, wersja: 1.0.0.2, sygnatura czasowa: 0x5021e5e8 Nazwa modułu powodującego błąd: MakeMarkerFile.exe, wersja: 1.0.0.2, sygnatura czasowa: 0x5021e5e8 Kod wyjątku: 0xc0000417 Przesunięcie błędu: 0x000000000014d7cc Identyfikator procesu powodującego błąd: 0xe30 Godzina uruchomienia aplikacji powodującej błąd: 0xMakeMarkerFile.exe0 Ścieżka aplikacji powodującej błąd: MakeMarkerFile.exe1 Ścieżka modułu powodującego błąd: MakeMarkerFile.exe2 Identyfikator raportu: MakeMarkerFile.exe3 Pełna nazwa pakietu powodującego błąd: MakeMarkerFile.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: MakeMarkerFile.exe5 Error: (07/28/2015 03:10:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program backgroundTaskHost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 111c Godzina rozpoczęcia: 01d0c9360189af94 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\system32\backgroundTaskHost.exe Identyfikator raportu: f67bf5f8-3529-11e5-bf57-b888e367cd85 Pełna nazwa pakietu powodującego błąd: E9594ECD.OnetNews_2.0.0.7_neutral__c1gk75f6080hw Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (07/28/2015 03:04:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Justyna) Description: Aktywacja aplikacji E9594ECD.OnetNews_c1gk75f6080hw!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/28/2015 03:04:13 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (07/26/2015 04:41:29 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (07/26/2015 04:36:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Justyna) Description: Aktywacja aplikacji E9594ECD.OnetNews_c1gk75f6080hw!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/26/2015 04:33:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 System errors: ============= Error: (07/28/2015 03:28:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa WinZiper service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/28/2015 03:23:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Intel(R) Rapid Storage Technology zawiesiła się podczas uruchamiania. Error: (07/28/2015 03:22:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AppX Deployment Service (AppXSVC) z powodu następującego błędu: %%1053 Error: (07/28/2015 03:22:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą AppX Deployment Service (AppXSVC). Error: (07/28/2015 02:59:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Sklep Windows (WSService) z powodu następującego błędu: %%1053 Error: (07/28/2015 02:59:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Sklep Windows (WSService). Error: (07/28/2015 02:58:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Sklep Windows (WSService) z powodu następującego błędu: %%1053 Error: (07/28/2015 02:58:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Sklep Windows (WSService). Error: (07/28/2015 02:58:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Sklep Windows (WSService) z powodu następującego błędu: %%1053 Error: (07/28/2015 02:58:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Sklep Windows (WSService). Microsoft Office: ========================= Error: (07/28/2015 04:18:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: MakeMarkerFile.exe1.0.0.25021e5e8MakeMarkerFile.exe1.0.0.25021e5e8c0000417000000000014d7ccd2401d0c9404797e834C:\ProgramData\MakeMarkerFile.exeC:\ProgramData\MakeMarkerFile.exe90824e6a-3533-11e5-bf59-b888e367cd85 Error: (07/28/2015 03:52:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Justyna) Description: E9594ECD.OnetNews_c1gk75f6080hw!App-2144927142 Error: (07/28/2015 03:34:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.17415131801d0c9391beb5d3b4294967295C:\WINDOWS\system32\backgroundTaskHost.exe698365cc-352d-11e5-bf58-b888e367cd85E9594ECD.OnetNews_2.0.0.7_neutral__c1gk75f6080hwApp Error: (07/28/2015 03:24:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: MakeMarkerFile.exe1.0.0.25021e5e8MakeMarkerFile.exe1.0.0.25021e5e8c0000417000000000014d7cce3001d0c93819770f6bC:\ProgramData\MakeMarkerFile.exeC:\ProgramData\MakeMarkerFile.exefa1e7fce-352b-11e5-bf58-50b7c32ba079 Error: (07/28/2015 03:10:10 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.17415111c01d0c9360189af944294967295C:\WINDOWS\system32\backgroundTaskHost.exef67bf5f8-3529-11e5-bf57-b888e367cd85E9594ECD.OnetNews_2.0.0.7_neutral__c1gk75f6080hwApp Error: (07/28/2015 03:04:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Justyna) Description: E9594ECD.OnetNews_c1gk75f6080hw!App-2144927142 Error: (07/28/2015 03:04:13 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (07/26/2015 04:41:29 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (07/26/2015 04:36:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Justyna) Description: E9594ECD.OnetNews_c1gk75f6080hw!App-2144927142 Error: (07/26/2015 04:33:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 CodeIntegrity Error: =================================== Date: 2015-07-28 16:30:03.797 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:30:03.596 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:30:03.409 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:30:03.151 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:30:02.944 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:30:02.731 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:29:48.079 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:29:47.127 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:27:01.830 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-28 16:26:41.008 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage of memory in use: 51% Total physical RAM: 3987.42 MB Available physical RAM: 1922.13 MB Total Virtual: 5715.42 MB Available Virtual: 3281.11 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:440.67 GB) (Free:255.24 GB) NTFS Drive d: (BROTHER) (CDROM) (Total:0.39 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ==================== End of log ============================