Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015 Ran by wirginia67 at 2015-02-04 15:01:24 Running from C:\Users\sławek\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\uTorrent) (Version: 3.4.2.38397 - BitTorrent Inc.) 3G HSUPA Modem (HKLM-x32\...\3G HSUPA Modem) (Version: 1.0.0.1 - 3G HSUPA Modem) <==== ATTENTION! Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated) AllSharePlayLink (HKLM-x32\...\{CE1836A8-3F2B-49BD-8395-93DD414068D2}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.) ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.) ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies) Fast Flash Sleep Resume (x32 Version: 1.1.1 - Samsung) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation) Jump Flip (HKLM\...\Jump Flip) (Version: 2013.12.27.213125 - Jump Flip) <==== ATTENTION! Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.05.00.69 - Huawei Technologies Co.,Ltd) Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation) Pakiet sterowników systemu Windows - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.) PLAY ONLINE (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.17.264 - Huawei Technologies Co.,Ltd) PriceFountain (remove only) (HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\PriceFountain) (Version: 1.1.0.2 - Price Fountain) Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.2 - Samsung Electronics CO., LTD.) RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.10.0 - Samsung Electronics CO., LTD.) S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) Skype Packages (HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\Skype Packages) (Version: - ) <==== ATTENTION Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Support Center (HKLM\...\{5C20C1A9-75F9-4B6B-AAC3-9065C2AFB918}) (Version: 2.1.1106 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.11 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts) The Sims™ 3 Cztery pory roku (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) The Sims™ 3 Wymarzone Podróże (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Update for PriceFountain (HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATTENTION User Guide (HKLM-x32\...\{426BC106-F501-4D57-B908-4E550BD197F0}) (Version: 1.3.00 - Samsung Electronics CO., LTD.) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2592862549-595905708-2507062346-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 01-01-2015 12:11:13 Windows Update 14-01-2015 23:30:58 Windows Update 19-01-2015 21:03:46 Windows Update 01-02-2015 11:15:20 Windows Update 02-02-2015 16:29:56 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {07FAFA7A-AB21-4458-8095-4C55B5DE12CF} - System32\Tasks\Price Fountain => C:\Users\sławek\AppData\Roaming\PriceFountain\UpdateProc\UpdateTask.exe [2015-01-27] () <==== ATTENTION Task: {19750152-F8B9-41BB-856D-CD16D41607B3} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.) Task: {1D655C37-C392-420F-AEB7-2933A38E0388} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {34BE6C5C-1341-4096-8F2D-A19FF849DA1F} - System32\Tasks\RNUpgradeHelperLogonPrompt_wirginia67 => C:\Users\sławek\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe [2015-01-28] (RealNetworks, Inc.) Task: {49577C90-2F72-4D4C-B7FF-32702AB99F4B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2592862549-595905708-2507062346-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {52E50589-E949-4BD5-997D-97B8A2C99280} - System32\Tasks\RNUpgradeHelperResumePrompt_wirginia67 => C:\Users\sławek\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe [2015-01-28] (RealNetworks, Inc.) Task: {589E76B1-1457-406B-A1E1-78D3A66DEDBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {59EC939C-76F8-4D4B-BA41-9008FB1BA111} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation) Task: {64579228-5567-44BB-ABAE-47FBAEC22805} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.) Task: {6E637DE9-73C3-4FA6-B4E7-2316FE5D4483} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-08-22] (Samsung) Task: {72A1D39B-FAA1-4844-9F2E-179D4AD8E2CB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-02] (AVAST Software) Task: {7A9BF62A-2518-413D-823B-D7B3BC9BCDE5} - System32\Tasks\ReclaimerUpdateXML_wirginia67 => C:\Users\sławek\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe [2015-01-28] (RealNetworks, Inc.) Task: {838866CC-40A5-4FE4-8C1F-CA9315658BC6} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2592862549-595905708-2507062346-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {86367286-30F4-4455-B9FA-77EE80929B4B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {8B3B6E79-95E8-4C61-9D86-F0F200F6D614} - System32\Tasks\ReclaimerUpdateFiles_wirginia67 => C:\Users\sławek\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe [2015-01-28] (RealNetworks, Inc.) Task: {92B7C0A5-93A6-4FF7-B9F2-71EAB62E6D18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.) Task: {9714D8FC-B5C8-4725-89C5-10C833CFB9B4} - System32\Tasks\{46511A2A-A716-403F-9DB8-E8131D2B6156} => pcalua.exe -a "C:\Program Files (x86)\3G HSUPA Modem\UNWISE.EXE" -d "C:\Program Files (x86)\3G HSUPA Modem" -c /W6 "C:\Program Files (x86)\3G HSUPA Modem\INSTALL.LOG" Task: {9F17114C-4088-45F0-BA30-78E93B2C6BE8} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe Task: {A9A0C51A-8F11-448A-BED5-51111B77DC17} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-08-23] (SEC) Task: {CD05F3F7-4C4C-4FC5-BA43-C3B94AF23E06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.) Task: {DB0FB7AD-A1AA-44BA-92D3-A7EBC365F285} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Price Fountain.job => C:\Users\SAWEK~1\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\WINDOWS\Tasks\ReclaimerUpdateFiles_wirginia67.job => C:\Users\sBawek\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateXML_wirginia67.job => C:\Users\sBawek\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_wirginia67.job => C:\Users\sBawek\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\12.01\agent\rnupgagent.exe ==================== Loaded Modules (whitelisted) ============= 2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-12-21 15:38 - 2012-09-22 03:32 - 00655744 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2014-12-21 15:38 - 2014-02-01 18:15 - 00246112 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2015-02-02 16:36 - 2015-02-02 16:36 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-02-02 16:36 - 2015-02-02 16:36 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2015-01-09 19:55 - 2013-07-26 19:21 - 00459008 _____ () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CheckNDISPort_df.exe 2015-01-09 19:55 - 2013-07-26 19:21 - 00446208 _____ () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\CancelAutoPlay_df.exe 2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2015-01-09 19:55 - 2013-09-04 00:06 - 00497408 _____ () C:\Program Files (x86)\4G Hostless Modem\PLAY ONLINE\ShowTip.exe 2015-02-02 16:37 - 2015-02-02 16:37 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll 2015-02-02 16:37 - 2015-02-02 16:37 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-02-04 14:27 - 2015-02-04 14:27 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020400\algo.dll 2013-11-10 17:47 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2013-11-10 17:47 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2013-11-10 17:47 - 2010-07-23 05:58 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2013-11-10 17:47 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2013-11-10 17:47 - 2012-09-22 03:32 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2013-11-10 17:47 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2014-02-01 18:15 - 2014-02-01 18:15 - 00011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2014-02-01 18:15 - 2014-02-01 18:15 - 00043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2014-02-01 18:15 - 2014-02-01 18:15 - 02415104 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2014-02-01 18:15 - 2014-02-01 18:15 - 01148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll 2014-02-01 18:15 - 2014-02-01 18:15 - 00384512 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll 2014-02-01 18:15 - 2014-02-01 18:15 - 00398336 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtXml4.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2012-09-05 15:50 - 2012-09-05 15:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2015-02-02 16:37 - 2015-02-02 16:37 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-27 20:18 - 2015-01-25 22:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll 2015-01-27 20:18 - 2015-01-25 22:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll 2015-01-27 20:18 - 2015-01-25 22:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run32: => "mobilegeni daemon" HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\StartupApproved\Run: => "NextLive" HKU\S-1-5-21-2592862549-595905708-2507062346-1001\...\StartupApproved\Run: => "Yahoo! Search" ========================= Accounts: ========================== Administrator (S-1-5-21-2592862549-595905708-2507062346-500 - Administrator - Disabled) => C:\Users\Administrator Gość (S-1-5-21-2592862549-595905708-2507062346-501 - Limited - Enabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-2592862549-595905708-2507062346-1003 - Limited - Enabled) wirginia67 (S-1-5-21-2592862549-595905708-2507062346-1001 - Administrator - Enabled) => C:\Users\sławek ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/04/2015 02:55:42 PM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/04/2015 02:22:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WCScheduler.exe, wersja: 6.0.10.0, sygnatura czasowa: 0x52170ba8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eebd22 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x00000000000f0d6c Identyfikator procesu powodującego błąd: 0x1630 Godzina uruchomienia aplikacji powodującej błąd: 0xWCScheduler.exe0 Ścieżka aplikacji powodującej błąd: WCScheduler.exe1 Ścieżka modułu powodującego błąd: WCScheduler.exe2 Identyfikator raportu: WCScheduler.exe3 Pełna nazwa pakietu powodującego błąd: WCScheduler.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WCScheduler.exe5 Error: (02/02/2015 06:29:24 PM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/02/2015 06:14:14 PM) (Source: VSS) (EventID: 12294) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: Błąd wywołania procedury w Dostawcy kopii w tle {b5946137-7b9f-4925-af80-51abd60b20d5}. Procedura zwróciła wartość E_INVALIDARG. Szczegóły procedury: GetSnapshot({00000000-0000-0000-0000-000000000000},0000004C475DE570). Operacja: Pobierz właściwości kopii w tle Kontekst: Kontekst wykonywania: Coordinator Error: (02/02/2015 04:29:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WCScheduler.exe, wersja: 6.0.10.0, sygnatura czasowa: 0x52170ba8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eebd22 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x00000000000f0d6c Identyfikator procesu powodującego błąd: 0x15bc Godzina uruchomienia aplikacji powodującej błąd: 0xWCScheduler.exe0 Ścieżka aplikacji powodującej błąd: WCScheduler.exe1 Ścieżka modułu powodującego błąd: WCScheduler.exe2 Identyfikator raportu: WCScheduler.exe3 Pełna nazwa pakietu powodującego błąd: WCScheduler.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WCScheduler.exe5 Error: (02/01/2015 08:25:55 PM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/01/2015 11:40:53 AM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/01/2015 10:57:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (02/01/2015 10:38:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WCScheduler.exe, wersja: 6.0.10.0, sygnatura czasowa: 0x52170ba8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17278, sygnatura czasowa: 0x53eebd22 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x00000000000f0d6c Identyfikator procesu powodującego błąd: 0x13a4 Godzina uruchomienia aplikacji powodującej błąd: 0xWCScheduler.exe0 Ścieżka aplikacji powodującej błąd: WCScheduler.exe1 Ścieżka modułu powodującego błąd: WCScheduler.exe2 Identyfikator raportu: WCScheduler.exe3 Pełna nazwa pakietu powodującego błąd: WCScheduler.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WCScheduler.exe5 Error: (02/01/2015 10:36:50 AM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. System errors: ============= Error: (02/04/2015 02:56:33 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ZARZĄDZANIE NT) Description: Miniport: Remote NDIS based Internet Sharing Device, {471C9047-D1F6-4FC7-8A7D-E8498EF2C393}, zdarzenie: 74 Error: (02/04/2015 02:55:42 PM) (Source: disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR4. Error: (02/02/2015 06:26:34 PM) (Source: Ntfs) (EventID: 55) (User: ZARZĄDZANIE NT) Description: Wykryto uszkodzenie w strukturze systemu plików woluminu C:. Dokładna istota uszkodzenia nie jest znana. Należy przeskanować struktury systemu plików w trybie online. Error: (02/02/2015 06:12:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error: (02/02/2015 06:12:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (02/02/2015 06:12:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Mobile Partner. OUC z powodu następującego błędu: %%1053 Error: (02/02/2015 06:12:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Mobile Partner. OUC. Error: (02/02/2015 06:11:35 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Error: (02/02/2015 04:36:51 PM) (Source: DCOM) (EventID: 10016) (User: hapi72) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}hapi72wirginia67S-1-5-21-2592862549-595905708-2507062346-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (02/02/2015 04:29:19 PM) (Source: DCOM) (EventID: 10016) (User: hapi72) Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}hapi72wirginia67S-1-5-21-2592862549-595905708-2507062346-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny Microsoft Office Sessions: ========================= Error: (02/04/2015 02:55:42 PM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/04/2015 02:22:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WCScheduler.exe6.0.10.052170ba8ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c163001d03f0d5bc07e68C:\Program Files\Samsung\Recovery\WCScheduler.exeC:\WINDOWS\SYSTEM32\ntdll.dllce06ec2d-ac70-11e4-bea1-001e101f5d68 Error: (02/02/2015 06:29:24 PM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/02/2015 06:14:14 PM) (Source: VSS) (EventID: 12294) (User: ) Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000004C475DE570) Operacja: Pobierz właściwości kopii w tle Kontekst: Kontekst wykonywania: Coordinator Error: (02/02/2015 04:29:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WCScheduler.exe6.0.10.052170ba8ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c15bc01d03efc703280adC:\Program Files\Samsung\Recovery\WCScheduler.exeC:\WINDOWS\SYSTEM32\ntdll.dll4a9f267e-aaf0-11e4-be9f-364b50b7ef2d Error: (02/01/2015 08:25:55 PM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/01/2015 11:40:53 AM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. Error: (02/01/2015 10:57:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (02/01/2015 10:38:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: WCScheduler.exe6.0.10.052170ba8ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c13a401d03cbacba8e1b8C:\Program Files\Samsung\Recovery\WCScheduler.exeC:\WINDOWS\SYSTEM32\ntdll.dll03c33306-a9f6-11e4-be9f-364b50b7ef2d Error: (02/01/2015 10:36:50 AM) (Source: irstrtsv) (EventID: 0) (User: ) Description: irstrtsvError: Unable to obtain an interface instance for the driver interface. Brak dalszych danych. CodeIntegrity Errors: =================================== Date: 2015-01-29 10:21:59.990 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:59.760 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:59.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:59.217 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:58.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:58.584 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:58.276 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:57.672 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:56.608 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-29 10:21:55.717 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz Percentage of memory in use: 74% Total physical RAM: 3797.53 MB Available physical RAM: 969.86 MB Total Pagefile: 4693.54 MB Available Pagefile: 1410.85 MB Total Virtual: 131072 MB Available Virtual: 131071.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:441.78 GB) (Free:349.41 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 2D8E9AB2) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 22.4 GB) (Disk ID: 0DDD03A0) Partition: GPT Partition Type. ==================== End Of Log ============================