Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015 Ran by michala at 2015-02-04 15:26:27 Running from C:\Users\michala\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 8.2.2 - Hewlett-Packard) Hidden Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.37.0 - Alcor Micro Corp.) Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.37.0 - Alcor Micro Corp.) Hidden Bolo-killer (HKU\S-1-5-21-1389842906-3876487780-2281526025-2177\...\46cfc57e5c040262) (Version: 1.2.1.151 - Mikronika) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation) Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - Broadcom Corporation) Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: - Broadcom Corporation) Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) Corel DESIGNER Technical Suite X5 - EN (x32 Version: 15.2 - Corel Corporation) Hidden Corel DESIGNER Technical Suite X5 - IPM (x32 Version: 15.2 - Corel Corporation) Hidden Corel DESIGNER Technical Suite X5 - Setup Files (x32 Version: 15.2 - Corel Corporation) Hidden Corel DESIGNER Technical Suite X5 - WT (x32 Version: 15.1 - Corel Corporation) Hidden Corel DESIGNER Technical Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.661 - Corel Corporation) Corel DESIGNER Technical Suite X5 (x32 Version: 15.2 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B922902F-E9E9-4AD9-B87D-7F62FA9EA1AD}) (Version: 15.2.0.661 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.661 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.661 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Designer (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.2 - Corel Corporation) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3318 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.4225 - CyberLink Corp.) Deep Exploration 6 CE (HKLM-x32\...\{AC8B571C-9C6E-47C1-A508-3BF1BCBED443}) (Version: 6.1 - Right Hemisphere) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) ESET Endpoint Antivirus (HKLM\...\{E1A6DF87-007A-4A31-91A7-3792AD5F2177}) (Version: 5.0.2122.17 - ESET, spol. s r.o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Hedgehog (HKU\S-1-5-21-1389842906-3876487780-2281526025-2177\...\9eac61132e5a0586) (Version: 1.0.0.40 - Mikronika) Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company) HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.0.1696 - Hewlett-Packard Company) HP Connection Manager (HKLM-x32\...\{04C23662-CE15-48BE-AF77-7BD9028934E7}) (Version: 4.6.14.1 - Hewlett-Packard Company) HP Device Access Manager (HKLM\...\{D7BC5D88-FC93-46D6-B7B0-145C2E168A95}) (Version: 8.2.1.0 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{1F9551BA-A9D4-4F9D-8526-F8CEB8C10C3E}) (Version: 1.1.0.0 - Hewlett-Packard) HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.6.2.59 - Hewlett-Packard Company) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company) HP File Sanitizer (HKLM-x32\...\{547607B0-3294-4ECA-8F5E-921404676CBB}) (Version: 8.4.11.1 - Hewlett-Packard Company) HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.32 - SunplusIT) HP Hotkey Support (HKLM-x32\...\{C807BEFB-0F17-41AC-B307-D7B5E1553040}) (Version: 5.0.20.1 - Hewlett-Packard Company) HP PageLift (HKLM-x32\...\{708ABF62-5D7A-4550-823A-1F9EFA63645A}) (Version: 1.0.11.1 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{49524B48-4FE9-4A62-A9FD-1F2258DF5489}) (Version: 3.4.12.0 - Hewlett-Packard Company) HP Software Setup (HKLM-x32\...\{B1AFAD6F-9192-421F-9DFF-60A59571366B}) (Version: 8.7.3 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard) HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company) HP Theft Recovery (HKLM-x32\...\InstallShield_{BAC712C6-4061-4C9F-AB58-A5C53E76704A}) (Version: 8.2.0.11 - Hewlett-Packard Company) HP Trust Circles (HKLM-x32\...\HP Trust Circles) (Version: 8.2.15.16418 - CryptoMill Technologies) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT) Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.5 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.01.539 - Huawei Technologies Co.,Ltd) Mozilla Firefox 33.1.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 pl)) (Version: 33.1.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 7 Ultra Edition (HKLM-x32\...\{D98C0C51-F9BB-4EE4-B791-22BF6EE31045}) (Version: 7.02.8633 - Nero AG) NetSetMan 3.7.3 (HKLM-x32\...\NetSetMan_is1) (Version: 3.7.3 - Ilja Herlein) OmapInstaller (HKU\S-1-5-21-1389842906-3876487780-2281526025-2177\...\f55f164fcc652f34) (Version: 1.0.0.37 - Mikronika) opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.50 - PDF Complete, Inc) Plus Internet 2.3 (HKLM-x32\...\Plus Internet_is1) (Version: - Polkomtel S.A.) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.23 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.9 - Synaptics Incorporated) SynTech wersja 3.87 (HKLM-x32\...\SynTech_is1) (Version: - Mikronika) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51 - Ghisler Software GmbH) Validity Fingerprint Sensor Driver (HKLM\...\{F5850B80-27F9-406E-91D3-1329F813BA63}) (Version: 4.5.130.0 - Validity Sensors, Inc.) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VMware vSphere Client 5.5 (HKLM-x32\...\{4CFB0494-2E96-4631-8364-538E2AA91324}) (Version: 5.5.0.4330 - VMware, Inc.) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1389842906-3876487780-2281526025-2177_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 17-01-2015 17:39:31 Windows Update 19-01-2015 10:19:54 Installed CardTest 1.2a 19-01-2015 10:23:58 Removed CardTest 1.2a 20-01-2015 11:49:50 Windows Update 26-01-2015 14:30:43 Windows Update 04-02-2015 07:59:52 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2015-02-04 08:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {04E51D1C-765A-4000-803A-3E591DE2014E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.) Task: {1877E151-FE27-474E-8831-FC9A9811EED1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.) Task: {18B60076-19C2-4187-87E1-9342BC134598} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-11-28] () Task: {22616DF0-8B23-4C55-82D0-BC3AD9FDBEED} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {5ADD6655-2C76-4639-AB3E-85CB843A77F9} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-21] () Task: {9742F802-71EF-46C3-BC74-BD4302518293} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-27] (Adobe Systems Incorporated) Task: {A16E080F-CEBB-4083-A694-96F9953B133F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-08] (Hewlett-Packard Company) Task: {A42E112C-5AF2-4096-8977-3FC18D08B5B1} - System32\Tasks\{DFAA0E49-C3FF-40ED-AE52-47778A939793} => pcalua.exe -a D:\Hedgehog\setup.exe -d D:\Hedgehog Task: {B9AC4736-3086-4843-A76E-706BFF2A913E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {BA87EC89-1416-4BB5-B9A6-B85F92AE9CAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company) Task: {BFDC6554-C0B0-4B10-A120-962D7C6B593A} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] () Task: {EA4AE065-0E44-40FF-ACC1-349E848D5075} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-08] (Hewlett-Packard Company) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-22 21:21 - 2013-05-22 21:21 - 00299832 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll 2013-08-14 21:06 - 2013-08-14 21:06 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2014-06-29 14:51 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-08-05 23:48 - 2013-08-05 23:48 - 00016856 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2012-09-23 18:44 - 2012-09-23 18:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pl_pl\acrotray.pol 2014-06-29 14:48 - 2013-09-16 23:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-06-05 19:35 - 2013-06-05 19:35 - 00514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll 2014-11-28 16:24 - 2014-11-28 16:24 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3185109138-2101644562-2727773515-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-3185109138-2101644562-2727773515-501 - Limited - Disabled) michal (S-1-5-21-3185109138-2101644562-2727773515-1001 - Administrator - Enabled) => C:\Users\michal ==================== Faulty Device Manager Devices ============= Name: Karta tunelowania Teredo firmy Microsoft Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/04/2015 02:31:23 PM) (Source: Group Policy Drive Maps) (EventID: 8192) (User: ZARZĄDZANIE NT) Description: Element preferencji H: użytkownik w obiekcie zasad grupy GP_login2 {C013679D-CC24-4471-8198-172595539F35} nie ma zastosowania z powodu błędu o kodzie 0x80070055 Nazwa lokalnego urządzenia jest już w użyciu.%użytkownik00790275. Error: (02/04/2015 08:58:34 AM) (Source: flcdlock) (EventID: 1067) (User: ) Description: Wystąpił błąd podczas uzyskiwania ustawień dostępu komputera lokalnego. Kod błędu systemowego to 0x54b:- Określona domena nie istnieje lub nie można się z nią skontaktować. Error: (02/04/2015 08:58:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4072 Error: (02/04/2015 08:58:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4072 Error: (02/04/2015 08:58:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/04/2015 08:58:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3074 Error: (02/04/2015 08:58:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3074 Error: (02/04/2015 08:58:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/04/2015 08:58:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2075 Error: (02/04/2015 08:58:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2075 System errors: ============= Error: (02/04/2015 02:31:33 PM) (Source: NetBT) (EventID: 4311) (User: ) Description: Zainicjowanie nie powiodło się, ponieważ nie można utworzyć urządzenia sterownika. Użyj ciągu 00059A3C7800 do identyfikacji interfejsu, którego zainicjowanie nie powiodło się. Reprezentuje on adres MAC błędnego interfejsu lub identyfikator GUID, jeśli interfejs NetBT nie może mapować identyfikatora GUID na adres MAC. Jeśli zarówno adres MAC, jak i identyfikator GUID są niedostępne, ciąg reprezentuje nazwę urządzenia klastra. Error: (02/04/2015 02:31:33 PM) (Source: NetBT) (EventID: 4311) (User: ) Description: Zainicjowanie nie powiodło się, ponieważ nie można utworzyć urządzenia sterownika. Użyj ciągu 00059A3C7800 do identyfikacji interfejsu, którego zainicjowanie nie powiodło się. Reprezentuje on adres MAC błędnego interfejsu lub identyfikator GUID, jeśli interfejs NetBT nie może mapować identyfikatora GUID na adres MAC. Jeśli zarówno adres MAC, jak i identyfikator GUID są niedostępne, ciąg reprezentuje nazwę urządzenia klastra. Error: (02/04/2015 02:31:33 PM) (Source: NetBT) (EventID: 4311) (User: ) Description: Zainicjowanie nie powiodło się, ponieważ nie można utworzyć urządzenia sterownika. Użyj ciągu 00059A3C7800 do identyfikacji interfejsu, którego zainicjowanie nie powiodło się. Reprezentuje on adres MAC błędnego interfejsu lub identyfikator GUID, jeśli interfejs NetBT nie może mapować identyfikatora GUID na adres MAC. Jeśli zarówno adres MAC, jak i identyfikator GUID są niedostępne, ciąg reprezentuje nazwę urządzenia klastra. Error: (02/04/2015 02:31:33 PM) (Source: NetBT) (EventID: 4311) (User: ) Description: Zainicjowanie nie powiodło się, ponieważ nie można utworzyć urządzenia sterownika. Użyj ciągu 00059A3C7800 do identyfikacji interfejsu, którego zainicjowanie nie powiodło się. Reprezentuje on adres MAC błędnego interfejsu lub identyfikator GUID, jeśli interfejs NetBT nie może mapować identyfikatora GUID na adres MAC. Jeśli zarówno adres MAC, jak i identyfikator GUID są niedostępne, ciąg reprezentuje nazwę urządzenia klastra. Error: (02/04/2015 08:57:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa CyberLink PowerDVD 12 Media Server Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/04/2015 08:52:34 AM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: Ten komputer nie może skonfigurować zabezpieczonej sesji z kontrolerem domeny w domenie MIKRONIKA z następującego powodu: %%1311 To może powodować problemy z uwierzytelnianiem. Upewnij się, że ten komputer jest podłączony do sieci. Jeżeli problem się nie rozwiąże, skontaktuj się z administratorem domeny. INFORMACJE DODATKOWE Jeżeli ten komputer jest kontrolerem domeny dla określonej domeny, konfiguruje zabezpieczoną sesję z emulatorem podstawowego kontrolera domeny w określonej domenie. W przeciwnym przypadku komputer może skonfigurować zabezpieczoną sesję z dowolnym kontrolerem domeny w określonej domenie. Error: (02/04/2015 08:22:13 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (02/04/2015 08:14:20 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/04/2015 08:10:10 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (02/04/2015 08:01:54 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: ZARZĄDZANIE NT) Description: Przetwarzanie zasad grupy nie powiodło się. System Windows nie mógł rozpoznać nazwy komputera. Może to być spowodowane jedną z następujących przyczyn: a) Problem z rozpoznawaniem nazw na bieżącym kontrolerze domeny. b) Opóźnienie replikacji usługi Active Directory (konto utworzone w innym kontrolerze domeny nie zostało jeszcze zreplikowane w bieżącym kontrolerze domeny). Microsoft Office Sessions: ========================= Error: (02/04/2015 02:31:23 PM) (Source: Group Policy Drive Maps) (EventID: 8192) (User: ZARZĄDZANIE NT) Description: użytkownikH:GP_login2 {C013679D-CC24-4471-8198-172595539F35}0x80070055 Nazwa lokalnego urządzenia jest już w użyciu. Error: (02/04/2015 08:58:34 AM) (Source: flcdlock) (EventID: 1067) (User: ) Description: 0x54bOkreślona domena nie istnieje lub nie można się z nią skontaktować. Error: (02/04/2015 08:58:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4072 Error: (02/04/2015 08:58:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4072 Error: (02/04/2015 08:58:05 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/04/2015 08:58:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3074 Error: (02/04/2015 08:58:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3074 Error: (02/04/2015 08:58:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/04/2015 08:58:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2075 Error: (02/04/2015 08:58:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2075 CodeIntegrity Errors: =================================== Date: 2015-02-04 08:14:20.201 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-04 08:14:20.156 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-21 18:38:02.669 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-21 18:38:02.575 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-21 18:36:58.573 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-21 18:36:58.505 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-11-29 09:14:45.175 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. Date: 2014-11-28 20:26:14.009 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz Percentage of memory in use: 39% Total physical RAM: 7625.11 MB Available physical RAM: 4650.37 MB Total Pagefile: 15248.4 MB Available Pagefile: 12413.18 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Windows7) (Fixed) (Total:150.63 GB) (Free:71.5 GB) NTFS Drive d: () (Fixed) (Total:314.13 GB) (Free:310.23 GB) NTFS Drive i: (konstruktorzy) (Network) (Total:390.62 GB) (Free:68.64 GB) NTFS Drive j: () (Network) (Total:149.9 GB) (Free:101.9 GB) NTFS Drive k: (biuro) (Network) (Total:488.28 GB) (Free:17.25 GB) NTFS Drive m: () (Network) (Total:930.9 GB) (Free:314.61 GB) Drive n: (normy) (Network) (Total:24.41 GB) (Free:20.66 GB) NTFS Drive o: (dokumentacje) (Network) (Total:488.28 GB) (Free:86.07 GB) NTFS Drive p: (prezentacje) (Network) (Total:97.66 GB) (Free:19.93 GB) NTFS Drive r: (wlodek) (Network) (Total:781.25 GB) (Free:124.67 GB) NTFS Drive t: (firmware) (Network) (Total:48.83 GB) (Free:25.59 GB) NTFS Drive u: (radio) (Network) (Total:195.31 GB) (Free:47.66 GB) NTFS Drive x: (rob) (Network) (Total:488.28 GB) (Free:315.79 GB) NTFS Drive y: (rv-projekty) (Network) (Total:1757.81 GB) (Free:375.67 GB) NTFS Drive z: (zdjecia) (Network) (Total:781.25 GB) (Free:159.01 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: D49D271F) Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=314.1 GB) - (Type=OF Extended) ==================== End Of Log ============================