Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01 Ran by Julia at 2015-03-06 19:31:53 Running from D:\Dropbox\Uczelnia\nowy list miłosny od Samsunga Julii\nowe Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden Akamai NetSession Interface (HKU\S-1-5-21-319184298-1583452019-1941364810-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) AutoCAD 2014 — Polski (Polish) (Version: 19.1.108.0 - Autodesk) Hidden AutoCAD 2014 — Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack – Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk AutoCAD 2014 — Polski (Polish) (HKLM\...\AutoCAD 2014 — Polski (Polish)) (Version: 19.1.18.0 - Autodesk) Autodesk AutoCAD 2014 — Polski (Polish) SP1 (HKLM\...\AutoCAD 2014 — Polski (Polish) SP1) (Version: 1 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk) Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden C4380 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden C4380_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden Camersoft Webcam Capture 2.2.32 (HKLM-x32\...\Camersoft Webcam Capture_is1) (Version: - Camersoft Studio) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-319184298-1583452019-1941364810-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.) Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.) ETDWare PS/2-X64 10.7.17.5_WHQL (HKLM\...\Elantech) (Version: 10.7.17.5 - ELAN Microelectronic Corp.) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) FARO LS 1.1.501.0 (HKLM-x32\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production) Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Glary Utilities 5.19 (HKLM-x32\...\Glary Utilities 5) (Version: 5.19.0.32 - Glarysoft Ltd) GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden hpphotosmartdisclabelplugin (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{077BF055-512A-4D48-B3C2-44AD860FEB0A}) (Version: 1.3.0.0621 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Mozilla Firefox 36.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 pl)) (Version: 36.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation) NVIDIA Sterownik graficzny 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Panel sterowania NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden PS_AIO_02_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden PS_AIO_02_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden PS_AIO_02_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.) Samsung Kiera2 Wireless SS 5.40.3671 (HKLM-x32\...\{8FE20896-3147-43FE-A0FA-1DE33D011511}) (Version: 5.40.3671 - Samsung) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-319184298-1583452019-1941364810-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Julia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-319184298-1583452019-1941364810-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-319184298-1583452019-1941364810-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-319184298-1583452019-1941364810-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-319184298-1583452019-1941364810-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll (Autodesk, Inc.) ==================== Restore Points ========================= 22-02-2015 21:53:52 Zainstalowany program DirectX 22-02-2015 22:28:32 Removed Autodesk 360 25-02-2015 11:08:59 Windows Update 28-02-2015 19:37:00 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {17A31300-798A-4ABF-8573-0FA6C611BC89} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.) Task: {42299BE9-040C-49F9-B7DD-C50C1EDD3386} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-02-12] (Glarysoft Ltd) Task: {595C7C0E-5CC8-448A-9B42-0B7BE7B3FEAC} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {69DB6EF4-80E9-48AF-8AFE-FF0B718A491C} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.) Task: {79541DCE-8C1B-44E5-86E2-F388E17D4370} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {7D72DCF2-45DA-4910-8E1D-EF8BB8CC68F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-18] (Adobe Systems Incorporated) Task: {85AAB5A0-406F-45FA-896A-8F998011FB6B} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.) Task: {8AFF6EE8-6BC0-4FEE-93CD-A99087A98712} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-02-12] (Glarysoft Ltd) Task: {A6F92DA1-4F0C-4D50-B5A9-F12646171874} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics) Task: {B168AAAD-AC7B-4D09-A2C8-B6D62DE875E9} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.) Task: {B508DB91-D76F-430A-A22A-5D357F17B291} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics) Task: {B6EEDEEF-49F1-43BB-8907-A38A257337B1} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.) Task: {BA5613F4-59A8-4FB1-81E5-DEE491331DDD} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {BFCAA03C-C47A-4D42-82CF-F203396250BB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation) Task: {C0934E5E-570E-4D28-AA7D-AC38F5D3C125} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {F8A32A1D-4A31-4495-9D09-139E921350E0} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe ==================== Loaded Modules (whitelisted) ============== 2015-02-14 22:38 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-14 21:10 - 2012-02-13 15:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe 2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2012-01-10 13:12 - 2015-02-11 23:20 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00125376 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axutil.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00385984 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_engine.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00158144 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axiom.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00034752 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_parser.dll 2011-04-29 19:27 - 2011-04-29 19:27 - 01315264 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\libxml2.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00103360 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\neethi.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00046528 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_sender.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00021440 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_receiver.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00032192 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\addressing\axis2_mod_addr.dll 2011-04-29 19:23 - 2011-04-29 19:23 - 00014784 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\logging\axis2_mod_log.dll 2015-03-05 23:37 - 2015-03-05 23:37 - 00050477 _____ () D:\Dropbox\Uczelnia\nowy list miłosny od Samsunga Julii\nowe\Defogger.exe 2015-03-05 23:35 - 2015-03-05 23:35 - 00380416 _____ () D:\Dropbox\Uczelnia\nowy list miłosny od Samsunga Julii\nowe\009gpb0c.exe 2015-02-16 11:17 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-06 15:56 - 2015-03-06 15:56 - 00043008 _____ () c:\users\julia\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz0tazx.dll 2015-02-16 11:17 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-02-16 11:32 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-02-16 11:32 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\Julia\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-02-14 21:10 - 2011-02-17 01:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2015-02-14 22:21 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll 2015-02-14 21:10 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2015-02-14 22:38 - 2015-02-14 22:38 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll 2015-02-11 23:19 - 2011-02-18 08:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm AlternateDataStreams: C:\Users\Julia\Desktop\plan-michal.gif:com.dropbox.attributes ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-319184298-1583452019-1941364810-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Julia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe ==================== Accounts: ============================= Administrator (S-1-5-21-319184298-1583452019-1941364810-500 - Administrator - Disabled) Gość (S-1-5-21-319184298-1583452019-1941364810-501 - Limited - Disabled) Julia (S-1-5-21-319184298-1583452019-1941364810-1000 - Administrator - Enabled) => C:\Users\Julia UpdatusUser (S-1-5-21-319184298-1583452019-1941364810-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/06/2015 04:09:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WSCommCntr4.exe, wersja: 4.0.3.0, sygnatura czasowa: 0x50dcb523 Nazwa modułu powodującego błąd: WSCommCntr4.exe, wersja: 4.0.3.0, sygnatura czasowa: 0x50dcb523 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000016490 Identyfikator procesu powodującego błąd: 0xe24 Godzina uruchomienia aplikacji powodującej błąd: 0xWSCommCntr4.exe0 Ścieżka aplikacji powodującej błąd: WSCommCntr4.exe1 Ścieżka modułu powodującego błąd: WSCommCntr4.exe2 Identyfikator raportu: WSCommCntr4.exe3 Error: (03/06/2015 03:58:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/06/2015 03:57:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: obexsrv.exe, wersja: 1.3.0.117, sygnatura czasowa: 0x4eb14fbb Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.18247, sygnatura czasowa: 0x521ea8e7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0002e3be Identyfikator procesu powodującego błąd: 0x824 Godzina uruchomienia aplikacji powodującej błąd: 0xobexsrv.exe0 Ścieżka aplikacji powodującej błąd: obexsrv.exe1 Ścieżka modułu powodującego błąd: obexsrv.exe2 Identyfikator raportu: obexsrv.exe3 Error: (03/06/2015 00:47:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/06/2015 06:49:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: obexsrv.exe, wersja: 1.3.0.117, sygnatura czasowa: 0x4eb14fbb Nazwa modułu powodującego błąd: obexsrv.exe, wersja: 1.3.0.117, sygnatura czasowa: 0x4eb14fbb Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0001ab8e Identyfikator procesu powodującego błąd: 0x818 Godzina uruchomienia aplikacji powodującej błąd: 0xobexsrv.exe0 Ścieżka aplikacji powodującej błąd: obexsrv.exe1 Ścieżka modułu powodującego błąd: obexsrv.exe2 Identyfikator raportu: obexsrv.exe3 Error: (03/06/2015 06:47:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/05/2015 09:22:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/05/2015 09:21:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: obexsrv.exe, wersja: 1.3.0.117, sygnatura czasowa: 0x4eb14fbb Nazwa modułu powodującego błąd: obexsrv.exe, wersja: 1.3.0.117, sygnatura czasowa: 0x4eb14fbb Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0001a95e Identyfikator procesu powodującego błąd: 0x838 Godzina uruchomienia aplikacji powodującej błąd: 0xobexsrv.exe0 Ścieżka aplikacji powodującej błąd: obexsrv.exe1 Ścieżka modułu powodującego błąd: obexsrv.exe2 Identyfikator raportu: obexsrv.exe3 Error: (03/05/2015 09:17:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 36.0.0.5531, sygnatura czasowa: 0x54eb029a Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 36.0.0.5531, sygnatura czasowa: 0x54eaf3b7 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001e02 Identyfikator procesu powodującego błąd: 0x210 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (03/05/2015 09:17:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: mbamservice.exe, wersja: 3.0.8.1, sygnatura czasowa: 0x546e4a58 Nazwa modułu powodującego błąd: mbamservice.exe, wersja: 3.0.8.1, sygnatura czasowa: 0x546e4a58 Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x0008f796 Identyfikator procesu powodującego błąd: 0x754 Godzina uruchomienia aplikacji powodującej błąd: 0xmbamservice.exe0 Ścieżka aplikacji powodującej błąd: mbamservice.exe1 Ścieżka modułu powodującego błąd: mbamservice.exe2 Identyfikator raportu: mbamservice.exe3 System errors: ============= Error: (03/06/2015 03:57:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Bluetooth OBEX Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/06/2015 01:00:36 PM) (Source: Schannel) (EventID: 4114) (User: Julia-Komputer) Description: Certyfikat otrzymany z serwera zdalnego został wystawiony przez niezaufany urząd certyfikacji. Dlatego nie można zweryfikować żadnych danych zawartych w tym certyfikacie. Żądanie połączenia SLL nie powiodło się. W dołączonych danych znajduje się certyfikat serwera. Error: (03/06/2015 01:00:36 PM) (Source: Schannel) (EventID: 4120) (User: Julia-Komputer) Description: Został wygenerowany następujący alert krytyczny: 48. Stan błędu wewnętrznego: 552. Error: (03/06/2015 06:49:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Bluetooth OBEX Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/05/2015 09:21:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Bluetooth OBEX Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/05/2015 09:17:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MBAMService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/05/2015 03:39:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Autodesk Content Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 8. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (03/05/2015 01:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Autodesk Content Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 7. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (03/05/2015 00:44:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Autodesk Content Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 6. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (03/05/2015 00:38:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Autodesk Content Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 5. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Microsoft Office Sessions: ========================= Error: (03/06/2015 04:09:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WSCommCntr4.exe4.0.3.050dcb523WSCommCntr4.exe4.0.3.050dcb523c00000050000000000016490e2401d0581f0d463edeC:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exeC:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exed5885320-c412-11e4-9365-e8039aa49beb Error: (03/06/2015 03:58:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/06/2015 03:57:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: obexsrv.exe1.3.0.1174eb14fbbntdll.dll6.1.7601.18247521ea8e7c00000050002e3be82401d0581dc0c9a2dfC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Windows\SysWOW64\ntdll.dll1e4c4f1b-c411-11e4-9365-f81ffbd9734b Error: (03/06/2015 00:47:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/06/2015 06:49:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: obexsrv.exe1.3.0.1174eb14fbbobexsrv.exe1.3.0.1174eb14fbbc00000050001ab8e81801d057d0b679f447C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe95e95de3-c3c4-11e4-8379-e8039aa49beb Error: (03/06/2015 06:47:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/05/2015 09:22:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/05/2015 09:21:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: obexsrv.exe1.3.0.1174eb14fbbobexsrv.exe1.3.0.1174eb14fbbc00000050001a95e83801d05781d9a58fb4C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe367138ca-c375-11e4-825e-e8039aa49beb Error: (03/05/2015 09:17:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e0221001d05722806fe43fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll9dfa8a4c-c374-11e4-a647-b803058adc29 Error: (03/05/2015 09:17:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamservice.exe3.0.8.1546e4a58mbamservice.exe3.0.8.1546e4a58400000150008f79675401d0571b74aba641C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe9df9c6f9-c374-11e4-a647-b803058adc29 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 83% Total physical RAM: 6057.55 MB Available physical RAM: 980.36 MB Total Pagefile: 15140.73 MB Available Pagefile: 10129.61 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:132.71 GB) (Free:80.58 GB) NTFS Drive d: () (Fixed) (Total:100.07 GB) (Free:90.72 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 73822C0E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=132.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================