Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-12-2015 Ran by KO (2015-12-18 15:10:41) Running from C:\Users\KO\Desktop\Frst Windows 7 Ultimate Service Pack 1 (X64) (2012-12-19 20:19:31) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2044814858-3257045265-4192325483-500 - Administrator - Disabled) Guest (S-1-5-21-2044814858-3257045265-4192325483-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2044814858-3257045265-4192325483-1002 - Limited - Enabled) KO (S-1-5-21-2044814858-3257045265-4192325483-1000 - Administrator - Enabled) => C:\Users\KO ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Reader XI - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.51.1288, 07.08.2013 - AIMP DevTeam) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.94 - ALLCinema Ltd.) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.) AMD Catalyst Install Manager (HKLM\...\{53A19094-2C04-A9B9-7309-3E92152D4845}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 — Polski (Polish) (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 Language Pack – Polski (Polish) (Version: 20.0.51.0 - Autodesk) Hidden Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD 2015 Language Pack – Polski (Polish) (HKLM\...\AutoCAD 2015 Language Pack – Polski (Polish)) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.20.0.883 - Bitdefender) bl (x32 Version: 1.0.0 - Your Company Name) Hidden BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited) CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.) CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.9.2 - Bloodshed Software) Diagram Designer (HKLM-x32\...\Diagram Designer) (Version: - ) Easy Tune 6 B11.0728.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B11.0728.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FEMAP v11 64-bit (HKLM-x32\...\InstallShield_{61686B5A-C32B-4564-BDFE-26AD8CDB4E72}) (Version: 11.0 - Siemens Product Lifecycle Management Software Inc.) FEMAP v11 64-bit (Version: 11.0 - Siemens Product Lifecycle Management Software Inc.) Hidden Filedrop version 1.1.5 (HKLM-x32\...\{3A309583-1B4A-4C90-85EA-124EB8DB331A}_is1) (Version: 1.1.5 - Filedrop) Free Word To PDF (HKLM-x32\...\Free Word To PDF_is1) (Version: - Free Word To PDF) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Happy Cloud Client (HKU\S-1-5-21-2044814858-3257045265-4192325483-1000\...\HappyCloud) (Version: 3.41 - Happy Cloud, Inc.) HP Deskjet 3540 series — podstawowe oprogramowanie urządzenia (HKLM\...\{09A6295E-F212-4D88-8AC7-D728EBC1D036}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.) Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation) K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - ) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) Mozilla Thunderbird 38.4.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 pl)) (Version: 38.4.0 - Mozilla) MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD) MyPlayer (HKLM-x32\...\MyPlayer) (Version: 2.7.0.10 - MyPortal) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Piwowar (HKLM-x32\...\{43EF8C62-7744-461A-8A62-2471354239C1}) (Version: 1.11.0004 - AGcomp) PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.) SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited) SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Total CMA Pack 0.58 (HKLM-x32\...\Total CMA Pack) (Version: 0.58 - CMA) Unified Remote (HKLM-x32\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) WRFSL (x32 Version: 1.02.001 D - Asseco Poland S.A.) Hidden WRFSL 1.02.001 D (HKLM-x32\...\{98A95680-71E0-4C6B-B3D0-384193FCA4F6}) (Version: 1.02.001 D - Asseco Poland S.A.) Xiph.Org Ogg Codecs 0.83.17220 32-bit (HKLM-x32\...\Ogg Codecs) (Version: 0.83.17220 - Xiph.Org) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2044814858-3257045265-4192325483-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2044814858-3257045265-4192325483-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2044814858-3257045265-4192325483-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.) ==================== Restore Points ========================= 17-12-2015 13:20:03 Scheduled Checkpoint 17-12-2015 21:17:44 Installed SpyHunter 17-12-2015 22:47:04 Installed Microsoft Fix it 50688 18-12-2015 14:57:09 Removed Java 7 Update 17 (64-bit) 18-12-2015 14:57:32 Removed Java 7 Update 21 18-12-2015 14:58:30 Removed SpyHunter 18-12-2015 15:05:31 Restore Point Created by FRST ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2015-12-18 15:05 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {41367201-68CD-439F-AC64-CE8DD36F930C} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe [2015-07-29] (Bitdefender) Task: {41CC1B16-9794-4E8C-AA02-1E18066C816E} - System32\Tasks\ALL Update => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2013-04-14] (ALLPlayer Group Ltd.) Task: {44DD1140-7D9A-40EF-A077-5391881B558C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {D5D1DDBD-05C1-4939-829A-498DB1B83F44} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {ED16E6E4-E316-476D-A6A2-84D165555F57} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {F0F9C490-E997-4399-B353-BE67955A8CC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-10-13 18:13 - 2014-10-13 18:13 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll 2014-08-13 15:07 - 2014-08-13 15:07 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui 2013-10-28 19:31 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll 2013-10-28 19:31 - 2014-08-13 15:06 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui 2015-12-03 20:17 - 2015-12-03 20:17 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_01250_031\ashttpbr.mdl 2015-12-03 20:17 - 2015-12-03 20:17 - 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_01250_031\ashttpdsp.mdl 2015-12-03 20:17 - 2015-12-03 20:18 - 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_01250_031\ashttpph.mdl 2015-12-03 20:17 - 2015-12-03 20:18 - 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_01250_031\ashttprbl.mdl 2015-04-05 00:24 - 2010-03-04 15:56 - 00289280 _____ () C:\Windows\System32\HP1100LM.DLL 2015-04-05 00:25 - 2010-03-04 15:56 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL 2013-10-28 19:31 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll 2015-04-05 00:24 - 2010-03-04 15:57 - 03031040 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hp1100su.dll 2015-04-05 00:24 - 2010-03-04 15:56 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1100GC.dll 2015-03-10 20:00 - 2014-12-05 03:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-03-10 20:00 - 2014-12-05 03:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2014-04-25 19:21 - 2014-02-19 04:21 - 00541683 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\sqlite3.dll 2013-10-28 19:31 - 2014-10-13 18:13 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00699392 _____ () C:\Program Files (x86)\ChomikBox\libgstreamer-0.10.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 01396736 _____ () C:\Program Files (x86)\ChomikBox\libxml2-2.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00085504 _____ () C:\Program Files (x86)\ChomikBox\z.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00053760 _____ () C:\Program Files (x86)\ChomikBox\libgstinterfaces-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00013824 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstacmmp3dec.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00041984 _____ () C:\Program Files (x86)\ChomikBox\libgstriff-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00133120 _____ () C:\Program Files (x86)\ChomikBox\libgsttag-0.10.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00253440 _____ () C:\Program Files (x86)\ChomikBox\libgstbase-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00109568 _____ () C:\Program Files (x86)\ChomikBox\libgstaudio-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00038400 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaiff.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00018944 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstalaw.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00015360 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstapetag.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00098304 _____ () C:\Program Files (x86)\ChomikBox\libgstpbutils-0.10.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00038912 _____ () C:\Program Files (x86)\ChomikBox\libgstvideo-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00008192 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstapp.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00039936 _____ () C:\Program Files (x86)\ChomikBox\libgstapp-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00095232 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstasf.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00070656 _____ () C:\Program Files (x86)\ChomikBox\libgstrtp-0.10.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00025088 _____ () C:\Program Files (x86)\ChomikBox\libgstsdp-0.10.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00070144 _____ () C:\Program Files (x86)\ChomikBox\libgstrtsp-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00064000 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstasfmux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00078336 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaudioconvert.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00563712 _____ () C:\Program Files (x86)\ChomikBox\liborc-0.4-0.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00020480 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaudiorate.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00052224 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstaudioresample.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00018944 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstauparse.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00029184 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstautodetect.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00022528 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstcdxaparse.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00212992 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstcoreelements.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00011776 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstcoreindexers.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00032768 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstdecodebin.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00086016 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstdecodebin2.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00228864 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstdirectsound.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00026624 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstequalizer.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00126976 _____ () C:\Program Files (x86)\ChomikBox\libgstcontroller-0.10.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00180736 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstffmpeg-lgpl.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00111104 _____ () C:\Program Files (x86)\ChomikBox\avutil-lgpl-50.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00881664 _____ () C:\Program Files (x86)\ChomikBox\avformat-lgpl-52.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 05038592 _____ () C:\Program Files (x86)\ChomikBox\avcodec-lgpl-52.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00018944 _____ () C:\Program Files (x86)\ChomikBox\avcore-lgpl-0.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00067584 _____ () C:\Program Files (x86)\ChomikBox\libbz2.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00069120 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstflac.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00331264 _____ () C:\Program Files (x86)\ChomikBox\libFLAC-8.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00023552 _____ () C:\Program Files (x86)\ChomikBox\libogg-0.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00015872 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgsticydemux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00032256 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstid3demux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00035840 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstinterleave.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00019456 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstlevel.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00047616 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegaudioparse.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00151040 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegdemux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00030208 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegpsmux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00059904 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegstream.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00039424 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstmpegtsmux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00023552 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstneonhttpsrc.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00125952 _____ () C:\Program Files (x86)\ChomikBox\libneon-27.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00167424 _____ () C:\Program Files (x86)\ChomikBox\libexpat-1.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00604160 _____ () C:\Program Files (x86)\ChomikBox\libgcrypt-11.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00035328 _____ () C:\Program Files (x86)\ChomikBox\libgpg-error-0.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00718336 _____ () C:\Program Files (x86)\ChomikBox\libgnutls-26.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00077312 _____ () C:\Program Files (x86)\ChomikBox\libtasn1-3.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00014336 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstnetsim.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00132608 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstogg.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00197632 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstplaybin.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00149504 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstqtdemux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00114688 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstqtmux.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00035840 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstrawparse.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00030208 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstreal.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00035328 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstreplaygain.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00017920 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstspeed.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00012288 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgststereo.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00022016 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgsttta.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00061952 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgsttypefindfunctions.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00034304 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstvolume.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00053760 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstvorbis.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00162304 _____ () C:\Program Files (x86)\ChomikBox\libvorbis-0.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 01520128 _____ () C:\Program Files (x86)\ChomikBox\libvorbisenc-2.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00019968 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwasapi.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00015360 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwaveenc.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00015872 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwaveformsink.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00050688 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwavpack.dll 2011-12-02 13:14 - 2011-12-02 13:14 - 00196608 _____ () C:\Program Files (x86)\ChomikBox\libwavpack-1.dll 2011-12-02 13:15 - 2011-12-02 13:15 - 00042496 _____ () C:\Program Files (x86)\ChomikBox\gplugins\libgstwavparse.dll 2014-03-03 22:05 - 2014-03-03 22:05 - 00025088 _____ () C:\Program Files (x86)\ChomikBox\tsplugins\integration\chomikbox_win7.tsp 2015-11-14 03:30 - 2015-11-14 03:30 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2014-04-25 19:20 - 2014-03-17 07:38 - 00866056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll 2014-04-25 19:20 - 2013-12-10 08:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd 2014-04-25 19:20 - 2013-12-10 08:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd 2014-04-25 19:20 - 2013-12-10 08:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd 2014-04-25 19:20 - 2013-12-10 08:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd 2014-04-25 19:20 - 2014-03-17 07:38 - 00043784 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DHProcedure\DHProcedure.dll 2009-08-04 16:23 - 2009-08-04 16:23 - 00063032 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll 2009-08-04 16:23 - 2009-08-04 16:23 - 00075320 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll 2009-08-04 16:22 - 2009-08-04 16:22 - 00136248 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\DMBaseObjects.dll 2009-08-04 16:22 - 2009-08-04 16:22 - 00678968 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\LEDMXMLObjects.dll 2014-04-25 19:20 - 2014-03-17 07:27 - 00337920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\sqlite3.dll 2014-04-25 19:20 - 2014-03-17 04:10 - 00249344 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\libebml.dll 2014-04-25 19:20 - 2014-03-17 04:10 - 00548352 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\libmatroska.dll 2015-12-16 20:15 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 20:15 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:BDU AlternateDataStreams: C:\Users\KO\Desktop\HijackThis.exe:BDU AlternateDataStreams: C:\Users\KO\Downloads\BlueStacks-Installer_native.exe:BDU AlternateDataStreams: C:\Users\KO\Downloads\lf9evwp7.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2044814858-3257045265-4192325483-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.179.1.61 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{04C5EC0F-B9B1-44A4-867E-D49DE55C2679}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{FE894728-AA7F-4766-B7D1-2736CC513BE0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{F31ECCF7-7243-4C0E-9E33-51D923812279}C:\program files\hp\hp deskjet 3540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 3540 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [UDP Query User{55A075FC-40FA-4D8F-A230-D1E0AF83F91D}C:\program files\hp\hp deskjet 3540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 3540 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [TCP Query User{FE0C31F2-C31D-4B36-8F45-C5C466FADC82}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe FirewallRules: [UDP Query User{508765E7-3870-4DC7-8241-334EC278D238}C:\program files (x86)\unified remote\remoteserver.exe] => (Allow) C:\program files (x86)\unified remote\remoteserver.exe FirewallRules: [TCP Query User{9CC5B60B-5E59-4680-A8D7-091C7236C0BA}C:\program files (x86)\cyberlink\powerdvd14\powerdvd14agent.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd14\powerdvd14agent.exe FirewallRules: [UDP Query User{A62607EB-EF5E-4556-840A-2430C0E57E2E}C:\program files (x86)\cyberlink\powerdvd14\powerdvd14agent.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd14\powerdvd14agent.exe FirewallRules: [TCP Query User{87FDC968-728D-4848-B906-1EAACCF836D7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D95301AF-5DA7-4A5B-B31E-E334C374DEE4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3 ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/25/2015 03:54:57 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile C:\Program Files (x86)\BlueStacks\HD-CreateSymlink.exe because this image is a 64bit assembly; try using 64bit ngen instead. Error: (11/19/2015 10:59:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x14d4 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/18/2015 12:24:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x1804 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/16/2015 05:48:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0xb04 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/15/2015 04:00:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x534 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/14/2015 07:42:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x134 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/14/2015 10:19:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0xe50 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/13/2015 09:02:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0xab4 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/13/2015 06:57:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x598 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 Error: (11/12/2015 06:37:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ctfhost.exe, wersja: 6.1.7600.16385, sygnatura czasowa: 0x561598f1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x1220 Godzina uruchomienia aplikacji powodującej błąd: 0xctfhost.exe0 Ścieżka aplikacji powodującej błąd: ctfhost.exe1 Ścieżka modułu powodującego błąd: ctfhost.exe2 Identyfikator raportu: ctfhost.exe3 System errors: ============= Error: (12/18/2015 03:06:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Restart the service) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (12/18/2015 03:05:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Software Protection niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa LogMeIn Hamachi Tunneling Engine niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Installer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa WdMan Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa LMIGuardianSvc niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa HP Support Solutions Framework Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa HP SI Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/18/2015 03:05:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa HP LaserJet Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2015-12-17 22:38:53.804 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-17 22:38:53.704 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-17 21:50:42.878 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-17 21:50:42.768 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-11 20:52:05.079 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-11 20:52:04.929 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-11 20:51:36.224 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-11 20:51:36.100 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-08 12:01:44.899 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-08 12:01:44.755 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Percentage of memory in use: 32% Total physical RAM: 8190.49 MB Available physical RAM: 5493.94 MB Total Virtual: 16379.19 MB Available Virtual: 13372.41 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:18.58 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: () (Fixed) (Total:115.7 GB) (Free:42.6 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: () (Fixed) (Total:117.19 GB) (Free:37.16 GB) NTFS Drive g: (Femap 11.0.0 64b) (CDROM) (Total:2.15 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 505C6F9E) Partition 1: (Active) - (Size=115.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: ECC98E23) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================