Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02 Ran by SIPLACEAdmin at 2015-01-14 07:53:00 Running from D:\ Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated) Adobe Reader 9.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) A-Men Technologies USB-to-Serial (HKLM-x32\...\{1805BD6D-C441-4A1C-802D-AFF0232DAACD}) (Version: - ) Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd) BMC AppSight Windows Black Box (HKLM-x32\...\InstallShield_{D2B8045F-6166-4CC8-B312-73366288915C}) (Version: 7.6 - BMC Software) BMC AppSight Windows Black Box (x32 Version: 7.6 - BMC Software) Hidden BMC AppSight Windows Black Box Service (HKLM-x32\...\InstallShield_{D6FA5EF4-8DE4-4F17-87D1-B3A0246EE343}) (Version: 7.6 - BMC Software) BMC AppSight Windows Black Box Service (x32 Version: 7.6 - BMC Software) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.3.0.1242 - Sanford, L.P.) etiLABEL Professional Demo (3.0.0.118) (HKLM-x32\...\etiLABEL_is1) (Version: - ) Firebird 2.5.2.26540 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26540 - Firebird Project) FMS Empty Folder Remover 1.9.7 (HKLM-x32\...\{B8AA2821-ECF5-496C-BBC1-45B66B56B049}_is1) (Version: - FileManagerSoft Ltd.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) GC-Prevue (HKLM\...\{B5812218-60F6-434A-A9B8-A7673631E72B}) (Version: 22.1.8 - GraphiCode) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden GSM SIM Utility 9.0 (HKLM-x32\...\{E1ACEF2E-C3C0-43F5-A815-5F0BB968DA70}) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3215 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4400 - Broadcom Corporation) Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.21.1 - ELAN Microelectronic Corp.) Lenovo_Wireless_Driver (HKLM-x32\...\{36CE10BD-A076-4DE3-A8A7-2F61E3FB2E6A}) (Version: 6.20.55.14 - Lenovo) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1363554176-1050123802-1245359072-1008\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation) Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.1.0 - Mozilla) Mozilla Thunderbird 31.3.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 pl)) (Version: 31.3.0 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation) Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.1.0 - Prolific Technology INC) PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific) PROfiler 4.9 (HKLM-x32\...\{F1ACEA0C-A202-42DF-9E9C-4B176A7E64DF}) (Version: 4.9.0 - Circuitmaster) Protel 99 SE Service Pack 6 (HKLM-x32\...\Protel 99 SE Service Pack 6) (Version: - ) Protel 99 SE Trial Version (HKLM-x32\...\{EB490160-A606-11D3-9B22-00A0C971727F}) (Version: - ) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.) SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{083988D7-BDA9-4244-983B-409A634BBC09}) (Version: 13.0.1.220 - SAP) Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) SIPLACE License Manager (x32 Version: 2.3.0.37 - ASM Assembly Systems) Hidden SIPLACE License Manager V2.3.0.37 (HKLM-x32\...\InstallShield_{7B42565B-F507-40AA-8F1E-42139F534FEF}) (Version: 2.3.0.37 - ASM Assembly Systems) SIPLACE Net Error Reporter Service 1.4.0.3 (HKLM-x32\...\{C600E228-55F3-4758-8F48-3BD227778E4D}) (Version: 1.4.0003 - ASM Assembly Systems) SIPLACE Net Operation Manager Console 1.5.0.5 (HKLM-x32\...\{91A3458F-504F-4117-BA1A-0BF15C3D51AA}) (Version: 1.5.0005 - ASM Assembly Systems) SIPLACE Pro (x32 Version: 10.0.0.47 - ASM Assembly Systems) Hidden SIPLACE Pro V10.0.0.47 (HKLM-x32\...\InstallShield_{A4BBB4A8-2B59-4882-BB2D-A0B41E4C57CC}) (Version: 10.0.0.47 - ASM Assembly Systems) SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Management Studio (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden STREAMSOFT PRO, PRESTIŻ stanowisko sieciowe (HKLM-x32\...\{F2CBC4C4-DDA8-11D5-9CB0-00C02626646B}) (Version: 1.0 - STREAM soft s.j.) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH) ViewMate 11.6 (HKLM-x32\...\{2ECE7AA7-F042-4478-B576-AE5AE7BD3943}) (Version: 11.6.35 - PentaLogix) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) YATS (HKLM-x32\...\{62E77BC0-115E-11D5-9ED9-0050DA4C59C8}) (Version: 6.00.003 - ASM Assembly Systems GmbH & Co. KG) YATS (x32 Version: 6.00.003 - ASM Assembly Systems GmbH & Co. KG) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1363554176-1050123802-1245359072-1008_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\SIPLACEAdmin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1363554176-1050123802-1245359072-1008_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\SIPLACEAdmin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1363554176-1050123802-1245359072-1008_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\SIPLACEAdmin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1363554176-1050123802-1245359072-1008_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\SIPLACEAdmin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1363554176-1050123802-1245359072-1008_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\SIPLACEAdmin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 11-12-2014 08:28:03 Zainstalowane ACT! by Sage 2008 (10.0) 17-12-2014 15:11:57 Zainstalowano: STREAMSOFT PRO, PRESTIŻ stanowisko sieciowe 25-12-2014 00:00:00 Zaplanowany punkt kontrolny 01-01-2015 00:00:01 Zaplanowany punkt kontrolny 09-01-2015 00:00:00 Zaplanowany punkt kontrolny ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0C968A3D-C8A0-4704-8483-6F68D52BB325} - System32\Tasks\Daily SIPLACE Pro database maintenance => C:\Program Files (x86)\SIPLACE\SIPLACE Pro\DBSkripts\SchedulerDailyJobSteps.cmd [2014-04-03] () Task: {10C210B0-31B5-4970-A193-D6352C902372} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {1566C79F-82F8-48E4-8545-6D4AF54074E8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SIPLACE-OFFLINE-SIPLACEAdmin SIPLACE-OFFLINE => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {156FE9CD-ED75-4A46-8F71-99F8D887883E} - System32\Tasks\Weekly SIPLACE Pro database maintenance => C:\Program Files (x86)\SIPLACE\SIPLACE Pro\DBSkripts\SchedulerWeeklyJobSteps.cmd [2014-04-03] () Task: {3984F3C9-1C43-4EEB-9B88-EE879F1451BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {57D43626-EE33-43B9-B6D6-14D943E82C23} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {62EC2A94-1D2A-4F8E-A28C-EAFE62E135F9} - System32\Tasks\{0149E5FC-899F-4720-B3CB-6E40C67D2A59} => E:\bin\demo32.exe Task: {76562085-E460-4201-AA9D-DCC24C5EAAB0} - System32\Tasks\{BB3E1F41-B1C9-4504-844F-C72CE08746FE} => C:\Program Files (x86)\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-02-12] (Hewlett-Packard) Task: {833536EC-76AA-44A5-B04C-F1772A1F4734} - System32\Tasks\{01F2D051-FC3A-48B0-B394-FC9A7FCB5528} => C:\Users\SIPLACEAdmin\Desktop\LJ2550_toolbox\hpsetup.exe Task: {9377EA63-88D4-4CE5-8F2F-B98F663CA2D8} - System32\Tasks\{4F924A08-8B27-4B1A-98CF-711F682210E3} => C:\Users\SIPLACEAdmin\Desktop\LJ2550_toolbox\hpsetup.exe Task: {ACFC0EDE-854B-4365-AC3A-EBBDB51DB78D} - System32\Tasks\{01A03AA5-5D0C-4B56-A3A4-AD498E8BDEEB} => C:\Program Files (x86)\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-07-17] (HP) Task: {B2A9D181-2F0E-472C-B35B-33AA1A69E515} - System32\Tasks\{4C8981FF-4BF4-4E5C-A0F6-304838C98967} => pcalua.exe -a "C:\drivers\WLAN Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN Driver (Broadcom, Qualcomm)" Task: {C2952879-14DF-4355-B6CC-B0CBD1481D54} - System32\Tasks\{CE0DD134-2B44-47C0-A04D-7432F939151F} => C:\Program Files (x86)\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-02-12] (Hewlett-Packard) Task: {C3CC3A1B-EDED-4854-9D3E-7FEA7A1B7AA0} - System32\Tasks\{04E7BF12-64CC-4638-885E-6FF5ED68F2CC} => pcalua.exe -a D:\HP\setup.exe -d D:\HP -c /S /L1045 /v"/qb! RESPONSE=response.ini" Task: {C99B568F-14AB-485A-AC4A-749A58CC08CE} - System32\Tasks\{CD49C0CE-1E2C-4AEC-80C1-5AC5FDC72D16} => C:\Users\SIPLACEAdmin\Desktop\LJ2550_toolbox\toolbox\Windows\hp_toolbox.exe Task: {CD1FABA3-39C0-4DA1-868F-F22D7DDA393D} - System32\Tasks\{CA61DC1B-0EDC-4742-A7BD-FFA1DB4213A5} => pcalua.exe -a "C:\Users\SIPLACEAdmin\Desktop\park-v1.7.7\driver deployment utility\setup.exe" -d "C:\Users\SIPLACEAdmin\Desktop\park-v1.7.7\driver deployment utility" Task: {D3B6F8ED-B1DD-4D40-90AC-315218BD8E6D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F0931B21-6FDE-4EB8-9A49-49EA95677A77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31] (Google Inc.) Task: {F19B174A-55C4-46C4-8049-CF47BA33E847} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2015-01-12 15:02 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\SIPLACEAdmin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll 2015-01-12 15:02 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\SIPLACEAdmin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll 2014-07-31 12:47 - 2014-07-15 10:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll 2014-07-31 12:47 - 2014-07-15 10:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll 2014-07-31 12:47 - 2014-07-15 10:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1363554176-1050123802-1245359072-500 - Administrator - Disabled) Gość (S-1-5-21-1363554176-1050123802-1245359072-501 - Limited - Disabled) plr (S-1-5-21-1363554176-1050123802-1245359072-1007 - Limited - Enabled) => C:\Users\plr SIPLACEAdmin (S-1-5-21-1363554176-1050123802-1245359072-1008 - Administrator - Enabled) => C:\Users\SIPLACEAdmin SIPLACEServices (S-1-5-21-1363554176-1050123802-1245359072-1009 - Administrator - Enabled) UpdatusUser (S-1-5-21-1363554176-1050123802-1245359072-1045 - Limited - Enabled) => C:\Users\UpdatusUser YatsUser (S-1-5-21-1363554176-1050123802-1245359072-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/14/2015 07:51:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/14/2015 07:49:05 AM) (Source: COM) (EventID: 18209) (User: ZARZĄDZANIE NT) Description: domyślne ustawienia komputeraLokalnyC:\Windows\Explorer.EXENiedostępnyZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC) Error: (01/13/2015 03:30:44 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: ) Description: Failed to schedule Software Protection service for re-start at 2015-02-03T05:59:44Z. Error Code: 0x80070490. Error: (01/13/2015 03:22:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/13/2015 03:21:10 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 0) (User: ) Description: FirebirdGuardianDefaultInstance error: 1063StartServiceCtrlDispatcher failed Error: (01/13/2015 03:20:29 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -Embedding; Opis = Configured Microsoft Office Professional Plus 2013; Błąd = 0x8007043c). Error: (01/13/2015 02:55:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/13/2015 01:03:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gcprevue.exe, wersja: 14.1.8.0, sygnatura czasowa: 0x52e702a0 Nazwa modułu powodującego błąd: MSVCR100.dll, wersja: 10.0.40219.325, sygnatura czasowa: 0x4df2bcac Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x00000000000761c9 Identyfikator procesu powodującego błąd: 0xe68 Godzina uruchomienia aplikacji powodującej błąd: 0xgcprevue.exe0 Ścieżka aplikacji powodującej błąd: gcprevue.exe1 Ścieżka modułu powodującego błąd: gcprevue.exe2 Identyfikator raportu: gcprevue.exe3 Error: (01/13/2015 07:32:44 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: ) Description: Failed to schedule Software Protection service for re-start at 2015-02-03T05:59:44Z. Error Code: 0x80070490. Error: (01/13/2015 07:12:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/14/2015 07:51:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Moduł wyliczający magistrali PnP-X IP zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (01/14/2015 07:50:38 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F} Error: (01/14/2015 07:50:38 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF} Error: (01/14/2015 07:50:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (01/14/2015 07:49:59 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: C:\Windows\System32\bcmihvsrv64.dll21 Error: (01/14/2015 07:49:58 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (01/14/2015 07:49:58 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (01/14/2015 07:49:57 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (01/14/2015 07:49:52 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (01/14/2015 07:49:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: discache NetworkX spldr Wanarpv6 Microsoft Office Sessions: ========================= Error: (01/14/2015 07:51:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/14/2015 07:49:05 AM) (Source: COM) (EventID: 18209) (User: ZARZĄDZANIE NT) Description: domyślne ustawienia komputeraLokalnyC:\Windows\Explorer.EXENiedostępnyZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC) Error: (01/13/2015 03:30:44 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: ) Description: 0x800704902015-02-03T05:59:44Z Error: (01/13/2015 03:22:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/13/2015 03:21:10 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 0) (User: ) Description: FirebirdGuardianDefaultInstance error: 1063StartServiceCtrlDispatcher failed Error: (01/13/2015 03:20:29 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20130x8007043c Error: (01/13/2015 02:55:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/13/2015 01:03:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: gcprevue.exe14.1.8.052e702a0MSVCR100.dll10.0.40219.3254df2bcac4000001500000000000761c9e6801d02ef846d098a7C:\Program Files\GraphiCode\GC-Prevue_x64 22.1.8\gcprevue.exeC:\Windows\system32\MSVCR100.dll35a25788-9b1c-11e4-80db-1c3e84df7024 Error: (01/13/2015 07:32:44 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: ) Description: 0x800704902015-02-03T05:59:44Z Error: (01/13/2015 07:12:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-04-03 14:36:05.656 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\YATS\YatsKernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-03 14:36:05.656 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\YATS\YatsKernel.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz Percentage of memory in use: 19% Total physical RAM: 7944.28 MB Available physical RAM: 6363.99 MB Total Pagefile: 15886.75 MB Available Pagefile: 14333.84 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:247.27 GB) (Free:195.23 GB) NTFS Drive d: () (Fixed) (Total:684.02 GB) (Free:671.92 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: D9FA2484) Partition: GPT Partition Type. ==================== End Of Log ============================