Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2015 Ran by Marta K at 2015-04-26 20:41:50 Running from C:\Users\Marta K\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1465946743-85629477-4087647475-500 - Administrator - Disabled) => C:\Users\Administrator Gość (S-1-5-21-1465946743-85629477-4087647475-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1465946743-85629477-4087647475-1003 - Limited - Enabled) Marta K (S-1-5-21-1465946743-85629477-4087647475-1001 - Administrator - Enabled) => C:\Users\Marta K ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) AMD Catalyst Install Manager (HKLM\...\{3FF69337-3AAB-140F-3F86-5500EDB4810E}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) Bandizip (HKLM\...\Bandizip) (Version: 5.03 - Bandisoft.com) Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.3 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.3 - Ministerstwo Finansow) Hidden Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden e-pity 6.2 za rok 2014 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A18C}_is1) (Version: - e-file sp. z o.o.) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) ESET NOD32 Antivirus (HKLM\...\{C8566CCF-0795-4652-9665-42241B1EF38D}) (Version: 8.0.304.2 - ESET, spol s r. o.) ETDWare X64 11.7.5.5_WHQL (HKLM\...\Elantech) (Version: 11.7.5.5 - ELAN Microelectronic Corp.) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-1465946743-85629477-4087647475-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 37.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 pl)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden OEM Application Profile (HKLM-x32\...\{24301870-5EEA-A07A-6265-2EA1E4A6A7CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.0.0.1 - RSUPPORT) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PIT Format 2013 (HKLM-x32\...\PIT Format 2013_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.) S Agent (Version: 1.1.40 - Samsung Electronics CO., LTD.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.) Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) Side Sync (HKLM-x32\...\{34BEB782-66B1-4772-8E3E-71B758BA848B}) (Version: 1.0.2 - Samsung Electronics CO., LTD.) Support Center (HKLM\...\{50E36BBB-36A5-400A-8AC5-9F7C0BD751A2}) (Version: 2.1.80 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{6531175A-067C-42EA-B3BC-8FFDBB470377}) (Version: 2.1.9 - Samsung Electronics CO., LTD.) User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.) WinRAR 5.00 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) WinRAR 5.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) YouTube Downloader (HKLM-x32\...\{f2f7fdc0-0bf6-45b6-9821-2b4163a8e92b}) (Version: 1.0.0.2 - Flex Media Limited) YouTube Downloader (x32 Version: 1.0000 - Frappsy) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1465946743-85629477-4087647475-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com) CustomCLSID: HKU\S-1-5-21-1465946743-85629477-4087647475-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Marta K\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1465946743-85629477-4087647475-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Marta K\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1465946743-85629477-4087647475-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Marta K\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1465946743-85629477-4087647475-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Marta K\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1465946743-85629477-4087647475-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marta K\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 01-04-2015 19:20:27 Zaplanowany punkt kontrolny 19-04-2015 18:53:09 Zaplanowany punkt kontrolny 22-04-2015 16:28:23 RegRun Virus Scan 25-04-2015 23:42:36 Installed SpyHunter 26-04-2015 17:06:15 Operacja przywracania ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {11D570EB-24C8-4326-B0A5-235E9EE3E05F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated) Task: {29222AB8-BA5A-4E40-81C9-B772DF01F3D2} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-03-09] (Samsung Electronics CO., LTD.) Task: {37CE28D6-64DE-433F-BBCF-5D1FC398976B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.) Task: {39EBB72F-BC9C-465D-8D6C-2D479D060408} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-02-26] (Samsung Electronics CO., LTD.) Task: {6ECD8BE5-9803-480D-B1F2-990DF6C5EF01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.) Task: {892B1215-B2F2-4F6C-A2E8-3ECFD1CFF4A8} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-02-01] (Samsung Electronics CO., LTD.) Task: {CDD512A0-A2FA-4F0C-B26D-B0FAFEB1CF31} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {D41A550B-9CA8-44A7-B2D2-E821E85A4A95} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-12] (SEC) Task: {D51C68BC-186B-412A-9A47-6B0F3395DC6F} - System32\Tasks\e-pity2015_kwiecien => C:\Program Files (x86)\e-file\e-pity2014\Assets\signxml.exe [2015-02-12] (e-file sp. z o.o.) Task: {DEC67959-0117-4AED-A459-57DBD737375C} - System32\Tasks\e-pity2015_styczen => C:\Program Files (x86)\e-file\e-pity2014\Assets\signxml.exe [2015-02-12] (e-file sp. z o.o.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2013-02-01 03:52 - 2013-02-01 03:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2013-10-20 15:54 - 2013-10-20 15:54 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2012-12-05 13:44 - 2012-12-05 13:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-12-05 13:38 - 2012-12-05 13:38 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\pl-PL\BtTray.pl-PL.dll 2012-12-05 13:41 - 2012-12-05 13:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2012-12-05 13:44 - 2012-12-05 13:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2013-08-31 19:51 - 2014-07-09 21:58 - 00559016 _____ () C:\Users\Marta K\AppData\Local\Frappsy\YouTube Downloader\YouTubeDownloader.exe 2013-02-26 09:56 - 2013-02-26 09:56 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2015-02-04 14:59 - 2015-02-04 14:59 - 00380416 _____ () C:\Users\Marta K\AppData\Local\Temp\Rar$EXa0.434\jhnmqgsg.exe 2013-02-01 03:52 - 2013-02-01 03:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2014-01-06 11:52 - 2014-01-06 11:52 - 03244032 _____ () C:\Users\Marta K\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll 2013-03-29 12:16 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-03-09 21:58 - 2013-03-09 21:58 - 00192048 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1465946743-85629477-4087647475-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marta K\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe FirewallRules: [{20201B32-AFDA-4197-A447-6FCD290588AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{FFC80C49-933D-4049-BD01-97FD55B28867}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{A8DFA8FE-A833-4CC8-8633-2AA47EC41A67}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{02706E4C-4FC5-4AB1-81E7-23005FD156E5}] => (Allow) C:\Users\Marta K\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [TCP Query User{D44185BE-E10C-4D67-954D-5BEFF8FAAE5B}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{756483E4-8502-48D0-B53E-5BA499CEF720}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [TCP Query User{0CA668B7-C0B6-4C33-B1BB-B8A8B6C99F8C}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{4D25971E-9A93-4051-A38E-78AFC02470E6}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{2316C9C9-4133-4FA5-A9A0-F16C13F228ED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe FirewallRules: [{8F05D2C5-16F0-4EA9-9B63-957E7887F916}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE FirewallRules: [{7C2A8837-DB13-418F-9F64-07BDE64E8DBD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE FirewallRules: [{0EDF0A4C-61EC-40D2-B270-9DCD270FB99E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE FirewallRules: [{CD8A6C6C-191C-4787-B896-FA15023A1A34}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE FirewallRules: [{0662FB61-9D9F-4C84-BAAA-5517C6BFC091}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F5CBD1D1-A77D-44CA-BA98-46B0B43C5A7A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{187BD5C5-D9A9-4D8A-AE11-BF26A0962092}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{082E11A3-5C2D-458D-8A44-0FE9DEB0592D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{7BFD4014-03B9-49EE-A543-7859F415480D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/26/2015 05:36:48 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Wystąpił nieokreślony błąd podczas przywracania systemu: (Zaplanowany punkt kontrolny). Informacje dodatkowe: 0x80070005. Error: (04/26/2015 05:21:41 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Wystąpił nieokreślony błąd podczas przywracania systemu: (Zaplanowany punkt kontrolny). Informacje dodatkowe: 0x80070005. Error: (04/26/2015 00:58:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001aa1 Identyfikator procesu powodującego błąd: 0x16b4 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Pełna nazwa pakietu powodującego błąd: plugin-container.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: plugin-container.exe5 Error: (04/25/2015 11:50:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marta) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927140. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (04/25/2015 11:50:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marta) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927140. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (04/25/2015 11:50:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marta) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927140. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (04/25/2015 11:50:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Marta) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail nie powiodła się. Błąd: -2144927140. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (04/25/2015 11:45:10 PM) (Source: MsiInstaller) (EventID: 11721) (User: Marta) Description: Product: SpyHunter -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: , location: WiseCustomCall, command: g3 Error: (04/25/2015 10:52:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001aa1 Identyfikator procesu powodującego błąd: 0x11d4 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Pełna nazwa pakietu powodującego błąd: plugin-container.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: plugin-container.exe5 Error: (04/21/2015 10:15:11 PM) (Source: MsiInstaller) (EventID: 10005) (User: Marta) Description: Product: Ask Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: Mozilla Firefox System errors: ============= Error: (04/26/2015 06:13:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Norton Online Backup zawiesiła się podczas uruchamiania. Error: (04/26/2015 06:07:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1069 Error: (04/26/2015 06:07:20 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa WSearch nie może zalogować się jako NT AUTHORITY\SYSTEM za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%50 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (04/26/2015 06:06:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Norton Online Backup niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/26/2015 06:06:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Active File Monitor V11 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/26/2015 06:06:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/26/2015 06:06:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa ZAtheros Bt and Wlan Coex Agent niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/26/2015 06:06:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa SW Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/26/2015 06:06:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Elan Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/26/2015 06:06:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Easy Launcher niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: AMD E2-2000 APU with Radeon(tm) HD Graphics Percentage of memory in use: 73% Total physical RAM: 3669.2 MB Available physical RAM: 990.66 MB Total Pagefile: 4949.2 MB Available Pagefile: 1342.88 MB Total Virtual: 8192 MB Available Virtual: 8191.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:442.49 GB) (Free:387.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9A7D9D2D) Partition: GPT Partition Type. ==================== End Of Log ============================