Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01 Ran by euro rtv agd at 2015-06-22 22:14:55 Running from C:\Users\euro rtv agd\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2100001416-2170443706-2230923172-500 - Administrator - Disabled) euro rtv agd (S-1-5-21-2100001416-2170443706-2230923172-1001 - Administrator - Enabled) => C:\Users\euro rtv agd Gość (S-1-5-21-2100001416-2170443706-2230923172-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2100001416-2170443706-2230923172-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-2100001416-2170443706-2230923172-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ad Muncher v4.94.34121 (Free) (HKLM-x32\...\Ad Muncher) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Angry Birds Breakfast 1 (HKLM-x32\...\{DE5BE262-C5E7-49B2-A673-56A3E2522F06}) (Version: 1.0.16 - Rovio Entertainment Ltd.) BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation) Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden ChargeableUSB (HKLM-x32\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG) Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Common Desktop Agent (Version: 1.53.0 - OEM) Hidden CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.) CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - ) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC) Dropbox (HKU\S-1-5-21-2100001416-2170443706-2230923172-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.) Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD) Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.) Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung) Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.) EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung) EasyFileShare (HKLM-x32\...\{1181AA5B-8EFD-4AC5-8CDE-A1F7307B3427}) (Version: 1.0.13 - Samsung) Edytor wzorów 4 DEMO (HKLM-x32\...\Edytor wzorów_is1) (Version: - Caprisoft s.c.) ETDWare PS/2-X64 8.0.7.2_WHQL (HKLM\...\Elantech) (Version: 8.0.7.2 - ELAN Microelectronic Corp.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG) ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - ) FinalBurner Free v2.8.0.148 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB8A31BED943}) (Version: - ) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Free Pascal 2.2.0 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl) Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Malwarebytes Anti-Malware wersja 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version: - Microsoft) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MiKTeX 2.8 (HKLM-x32\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org) Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Mozilla Firefox 38.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - ) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA Graphics Driver 266.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.72 - NVIDIA Corporation) OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - ) Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.06.05 - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: - Samsung Electronics Co., Ltd.) Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.9 - Samsung) Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.30.00 - Samsung Electronics Co., Ltd.) Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: - Samsung Electronics Co., Ltd.) Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.) Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) STATISTICA PL 10 (64-bit) (HKLM\...\{7811654C-9701-4347-B9DD-7DDB6B47F56A}) (Version: 10.0.1101.6 - StatSoft, Inc.) STATNOVAPDF (novaPDF 7.4 printer) (HKLM\...\STATNOVAPDF_is1) (Version: - Softland) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Texmaker (HKLM-x32\...\Texmaker) (Version: - ) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.4.83.1010 - Electronic Arts Inc.) TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK) UCSF Chimera 1.8.1 (HKLM-x32\...\UCSF Chimera 1.8.1_is1) (Version: - University of California at San Francisco) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.5 - ) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent) WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) WinRAR 4.20 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2100001416-2170443706-2230923172-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 14-05-2015 11:45:52 Windows Update 19-05-2015 16:31:01 Windows Update 21-05-2015 06:58:00 Windows Update 26-05-2015 18:50:33 Windows Update 29-05-2015 21:27:02 Windows Update 02-06-2015 15:51:52 Windows Update 07-06-2015 17:35:00 Windows Update 08-06-2015 08:39:20 Windows Update 11-06-2015 07:45:25 Windows Update 16-06-2015 16:18:29 Windows Update 21-06-2015 20:04:24 Installed Windows 7 USB/DVD Download Tool 21-06-2015 22:19:11 Removed Windows 7 USB/DVD Download Tool ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D36A689-20AF-4A4A-9275-83C8B5D614F4} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.) Task: {14399C49-5905-4A55-8560-C19807D952E8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-01-12] (Samsung Electronics) Task: {14C61FAD-4BEE-46C4-B6E2-1ED2062BE83D} - System32\Tasks\{486F43D8-9DC3-4078-8911-4ED7730E4E23} => C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe Task: {151B205C-1F7C-46E9-B29A-025EDCC700CC} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.) Task: {16326E95-DCD4-4B2E-AF60-B5CD236D0F30} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {1A98FC9E-6A0B-4E17-94E7-EA4303E7E9B4} - System32\Tasks\Opera scheduled Autoupdate 1434996513 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software) Task: {1BCC6185-58F4-4432-A0E6-E55FE32BFB10} - System32\Tasks\{709CD3A6-D222-4A56-A560-B2EE009701CD} => pcalua.exe -a E:\setup.exe -d E:\ Task: {1D04BA6E-CEB9-44DC-B6F4-D257C3DBF32D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001UA => C:\Users\euro rtv agd\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-31] (Facebook Inc.) Task: {23E510CF-7805-4E83-9AE1-F7D251445B6C} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics) Task: {29571016-2F79-4DD4-BFB3-06CB532A56DC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink) Task: {2ACDA183-97BE-44BC-8E3C-2A29261BA581} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001UA => C:\Users\euro rtv agd\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.) Task: {33EDC604-2930-4477-8E99-3F012CB7BD9E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {41A97A8B-1E98-44D5-BCCC-0C25686E2978} - System32\Tasks\{5E3286AF-3135-4950-80E1-8EDEAE5EF8C6} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {4F091D61-4BF2-4D83-92A5-1CCEA08B3EFD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001Core => C:\Users\euro rtv agd\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.) Task: {52AB901A-39B4-4E4A-9BBC-8515003EDBF4} - System32\Tasks\{25727234-BDB6-49A3-9D9E-CC742F5148D8} => C:\Program Files (x86)\LibreOffice 3.6\program\soffice.exe Task: {5A75D7B0-5EE9-46BC-9C12-6C81EE19F488} - System32\Tasks\{FDD00228-4F5D-463F-9B72-2CF5B8B8BAE3} => C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe Task: {7355F8B0-AF20-4773-A3E1-F20019A015E2} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-12-06] (Samsung Electronics Co., Ltd.) Task: {749CC751-B0EE-4D70-B20E-CD1C5DDE22EA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {7A069905-0137-4880-B8B4-A0EDC63A0EF0} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe Task: {8155E0FE-072D-4EB4-955F-02CE8A2A433D} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC) Task: {8297CB24-DCBF-49D1-BCFE-1D243D455321} - System32\Tasks\Opera N Sunday => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software) Task: {8AB62A9C-C0C4-4FC1-A533-8C41C66792A5} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics) Task: {9474A09C-6978-4575-AC15-0B1F0F6F21C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-30] (Google Inc.) Task: {9728DFA4-1493-4728-A083-A5D6C5EE55B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-30] (Google Inc.) Task: {9CCCDD7F-2654-4BF9-834A-4B678E659D05} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001Core => C:\Users\euro rtv agd\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-31] (Facebook Inc.) Task: {A1097230-6751-431E-A4BD-4DA1636AE3F8} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.) Task: {AEF9B1BA-EB87-4087-9E2A-7E4A9748001A} - System32\Tasks\Opera N Saturday => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software) Task: {BABF5405-6A3E-4A4E-A5CB-EE6531916CC4} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-12] (Microsoft Corporation) Task: {C64A7AD7-9A0E-465B-90BD-E4F4E778560F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation) Task: {D8545B8A-D447-480B-89E0-20509DC00224} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-11] (Adobe Systems Incorporated) Task: {DB1760C3-7BB0-4915-A1CB-3A01A8F50B7A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {DF4E4E96-DDDF-4A0F-9EDA-74F77C153C61} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-06] (Samsung Electronics Co., Ltd.) Task: {E55BFAE6-7ACA-4B98-853F-A83F2F02AA72} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {E89B11F1-BE72-4D4C-A86F-01D7AA25F2C2} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.) Task: {FEFA3858-5ED1-4D33-B547-AAB7DD82C0B8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001Core.job => C:\Users\euro rtv agd\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001UA.job => C:\Users\euro rtv agd\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001Core.job => C:\Users\euro rtv agd\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2100001416-2170443706-2230923172-1001UA.job => C:\Users\euro rtv agd\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2011-07-26 23:21 - 2008-06-05 01:53 - 00027648 _____ () C:\windows\System32\spd__l.dll 2011-05-02 05:40 - 2011-05-02 05:40 - 00034304 _____ () C:\windows\System32\ssm1mlm.dll 2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2011-07-26 08:43 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2011-07-26 23:18 - 2010-11-29 06:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-12-17 19:13 - 2010-12-17 19:13 - 00438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2010-12-17 19:13 - 2010-12-17 19:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2012-11-12 21:50 - 2011-11-18 18:14 - 00788992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2011-07-26 23:21 - 2010-10-21 20:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll 2011-07-26 08:37 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll 2012-11-12 21:50 - 2011-08-25 15:02 - 01425920 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2012-11-12 21:50 - 2011-03-31 16:36 - 00167424 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2015-06-22 21:10 - 2015-06-22 21:10 - 00043008 _____ () c:\Users\euro rtv agd\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2bjylj.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2011-07-26 09:33 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll 2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2011-07-26 08:50 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2015-06-11 07:45 - 2015-06-11 07:45 - 16867504 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2100001416-2170443706-2230923172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\euro rtv agd\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 192.168.100.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D426971D-35ED-46F0-80DF-DFF86CE4765A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{2155908D-2F16-47C8-A6B6-078580AC8FDB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{A1BE6C4D-476D-46CF-9ADD-87119DC41250}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe FirewallRules: [{9546BFEC-1AA7-4A03-8A2D-4066B0186376}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE FirewallRules: [{362014C1-9012-454B-95B1-F3011D9ED009}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe FirewallRules: [{CDC278D9-55EF-4D37-AFA1-2658BEDF52BD}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe FirewallRules: [{031E8FA8-5BA2-4859-9529-F69C9EA4121A}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe FirewallRules: [{18C0B79F-614C-4F42-B793-3423D193FED9}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe FirewallRules: [{F8380E5B-28DA-4C1C-B9E8-EB2C428340B2}] => (Allow) C:\Windows\System32\SUPDSvc.exe FirewallRules: [{1BF84F3A-59D5-4876-BD3C-F5C400B578C4}] => (Allow) C:\Windows\System32\SUPDSvc.exe FirewallRules: [{1676D555-018F-4506-9C2E-D143A151FF14}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9FB5EA14-29C6-4169-8F3F-C2C9D2139C61}] => (Allow) LPort=2869 FirewallRules: [{C0DCBB99-A5B4-4C56-8E0C-2B9E9D43CF8E}] => (Allow) LPort=1900 FirewallRules: [{504B004C-3F73-4D7C-B6EB-95AD50D3FE69}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{4274EE15-72B0-4C0D-957B-2440CEF30245}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{062D6F40-A0CA-4D60-A984-FDF859745636}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{0B22066E-6440-49C3-A811-C992AC9924EC}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [UDP Query User{F6EB993C-6D78-4AB0-B3AB-03180873903D}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [{2DDAFD61-3976-4EA7-855D-BF026576BD07}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [{E0685C9D-89C6-4286-88F4-21496FD0B260}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [{5D4D6FFC-8263-4E18-821D-B60AA96B0ACF}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe FirewallRules: [{E5E10058-62D3-4766-9F0A-E0BF97556433}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe FirewallRules: [{CFC9BF20-E51E-45AB-8861-0ED4F548B8FA}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{722C04D3-B89E-4AE5-8387-8160618CC739}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{03CB1287-B57D-41B4-9E79-C07963A86EC3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{7EF32F8E-78C2-4B71-B781-1EB7A7558310}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{C7201F31-5FA1-4159-8AB5-2DAF8A7D6D72}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{950D38FD-DA28-4EFA-AAA2-03316973B7F3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{AAF17851-9ABE-49B6-8DD3-F2BC2830FBE6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{B9244EFA-4D83-47A3-BD53-857907FCA756}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{8F431F56-430F-47A1-8BFD-9F7C2C678940}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{D96ECF40-619A-440C-84B4-44E9BC79D0F3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{B498BE75-72B5-450A-B8BA-B9182677BB42}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe FirewallRules: [{8A82C8FA-D5E9-453E-8F90-01A26CE42EFE}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe FirewallRules: [{91D45BCB-EB76-42A3-ABE6-452A0D4DD712}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8B29925C-ED5F-4714-88BA-4A69453180DB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F78E1C42-3DA7-456A-8957-EE2D0146009C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{F695DE6C-189D-4BB4-85A1-39CE7CD2B0A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{124D3386-872A-4822-BF1A-C79E1414B9AC}] => (Allow) C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{B09AE2FC-F56D-4F74-9F32-23D8F87E3B43}] => (Allow) C:\Users\euro rtv agd\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{A547B54E-77D1-457F-A1E6-501B30E2CF90}C:\users\euro rtv agd\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\euro rtv agd\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{A1D80472-2417-4726-BF9D-D7A0D32AEB26}C:\users\euro rtv agd\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\euro rtv agd\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{6B661872-27D8-4CC3-B14E-CAA7EA01579D}] => (Allow) C:\Users\euro rtv agd\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{94C22CF5-6C38-464A-A4F9-5310CC5B9273}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{38E3C94C-F848-4706-8D6F-E5CDF60F77F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{DE08CB61-BA2A-4A0E-9DFF-2322EFC222EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CE18B2CC-6289-4F65-B6E4-A4949F5BC40A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A66BF602-79B8-4D6A-86CE-7F4EA6FB825F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{4DC9FAAF-516B-45CF-84F4-D88ACAE5829F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{67082334-1941-46D0-ACD6-A86B87B22DC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3A574627-1C05-4C71-9787-DC0502E4C01A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{748E27F7-4705-4961-91F6-0CB30C91F61B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{27876A40-37A3-4A83-82D4-832F8521F188}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [TCP Query User{E9ABDE99-686C-4849-A41F-70BE5BE0712E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{4303A34A-5995-418F-B6C1-1BF8AB5A3D7D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{4884C8B8-CC69-46A3-BD3C-FFB6A45AEDAC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device Description: Broadcom BCM2070 Bluetooth 3.0 + HS USB Device Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Broadcom Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/22/2015 09:09:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/22/2015 07:27:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/22/2015 07:15:30 PM) (Source: MsiInstaller) (EventID: 10005) (User: eurortvagd) Description: Product: Ask Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: Mozilla Firefox Error: (06/22/2015 07:15:29 PM) (Source: MsiInstaller) (EventID: 10005) (User: eurortvagd) Description: Product: Ask Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: Mozilla Firefox Error: (06/21/2015 11:01:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/21/2015 10:24:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/21/2015 07:57:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (06/21/2015 07:57:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (06/21/2015 07:57:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (06/21/2015 01:04:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (06/22/2015 09:28:31 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/22/2015 09:28:27 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/22/2015 09:12:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa NVIDIA Update Service Daemon zawiesiła się podczas uruchamiania. Error: (06/22/2015 09:09:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi MBAMScheduler. Error: (06/22/2015 09:08:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi MBAMScheduler. Error: (06/22/2015 09:03:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 Error: (06/22/2015 09:03:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%577 Error: (06/22/2015 07:26:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 Error: (06/22/2015 07:26:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%577 Error: (06/22/2015 07:25:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\windows\System32\bcmihvsrv64.dll Microsoft Office: ========================= Error: (04/18/2015 00:09:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1994 seconds with 300 seconds of active time. This session ended with a crash. Error: (04/18/2015 11:36:12 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 46816 seconds with 2040 seconds of active time. This session ended with a crash. Error: (05/30/2013 10:59:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 7, Application Name: Microsoft Office SharePoint Designer, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1791 seconds with 1320 seconds of active time. This session ended with a crash. Error: (03/26/2013 08:01:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/23/2013 07:55:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/23/2013 07:54:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/23/2013 07:54:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/23/2013 07:53:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/23/2013 07:53:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-06-22 21:03:05.942 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-22 21:03:05.833 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-22 21:03:05.677 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-22 21:03:05.583 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-22 19:26:12.068 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-22 19:26:11.974 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-22 19:26:11.787 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-22 19:26:11.678 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-21 22:59:47.634 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-06-21 22:59:47.591 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Percentage of memory in use: 46% Total physical RAM: 6056.29 MB Available physical RAM: 3255.16 MB Total Pagefile: 12110.79 MB Available Pagefile: 9128.64 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:364 GB) (Free:258.99 GB) NTFS Drive d: () (Fixed) (Total:544.67 GB) (Free:544.24 GB) NTFS Drive f: () (Removable) (Total:14.45 GB) (Free:14.36 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 253681B0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=364 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=544.7 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=22.7 GB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.5 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=14.5 GB) - (Type=07 NTFS) ==================== End of log ============================