Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01 Ran by WOLEK at 2015-01-25 08:44:45 Running from C:\Users\WOLEK\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {C37D8F93-0602-E43C-40AA-47DAD597F308} AS: avast! Antivirus (Enabled - Up to date) {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1771713310-1976957200-1765415759-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.149 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.149 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.) Aktualizacje NVIDIA 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Detektor Winampa (HKU\S-1-5-21-1771713310-1976957200-1765415759-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.0.4.2 - DivX, Inc. ) EMSC (x32 Version: 0.0.0.9C - Compal Electronics, Inc.) Hidden Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.20.00 - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) Epson Stylus SX210_SX410_TX210_TX410 Podręcznik (HKLM-x32\...\Epson Stylus SX210_SX410_TX210_TX410 Przewodnik użytkownika) (Version: - ) EPSON SX210 Series Printer Uninstall (HKLM\...\EPSON SX210 Series) (Version: - SEIKO EPSON Corporation) Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.6.9 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.9 - The GIMP Team) Google Chrome (HKU\S-1-5-21-1771713310-1976957200-1765415759-1000\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) K-Lite Codec Pack 10.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - ) LG PC Suite II (HKLM-x32\...\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}) (Version: 2.00.0000 - LG PC Suite) LG PC Suite II (x32 Version: 2.00.0000 - LG PC Suite) Hidden LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.6.0.0 - LG Electronics) Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation) Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation) Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.02.285 - Motorola, Inc.) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt (2.1.1.2314) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero 7 Premium (HKLM-x32\...\{D98C0C51-F9BB-4EE4-B791-22BF6EE31045}) (Version: 7.02.8633 - Nero AG) Nowe Gadu-Gadu (HKLM-x32\...\Nowe Gadu-Gadu) (Version: - GG Network S.A.) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik graficzny 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenOffice.org 3.1 (HKLM-x32\...\{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}) (Version: 3.1.9420 - OpenOffice.org) Panel sterowania NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden Paragon Hard Disk Manager™ 2009 Professional Edition (HKLM\...\{F898E900-B515-47F8-9451-C2B29F036A53}) (Version: 90.00.0003 - Paragon Software) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com) PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - ) PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group) RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 1.9.14.7431 - Medixant) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.) Registry Trash Keys Finder (Freeware) (HKLM-x32\...\Registry Trash Keys Finder) (Version: 3.9.2.1 - SNC) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden Secure Download Manager (HKLM-x32\...\{C28422FB-F2CD-427A-ADED-9F281745CDB2}) (Version: 3.0.3 - e-academy Inc.) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Slicer 4.3.1 (HKLM-x32\...\Slicer 4.3.1 (Win64)) (Version: 4.3.1 - NA-MIC) SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.) Smart Battery (HKLM-x32\...\InstallShield_{449A16C4-83B3-426C-AA4A-00A34E80C093}) (Version: 1.0.0.12 - ) Smart Battery (x32 Version: 1.0.0.12 - ) Hidden Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation) Winamp (HKLM-x32\...\Winamp) (Version: 5.57 - Nullsoft, Inc) Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Wireless Select Switch (HKLM-x32\...\InstallShield_{065A7AFE-195D-4DFB-A4B2-A83842C0F79F}) (Version: 2.0.0.2 - ) Wireless Select Switch (x32 Version: 2.0.0.2 - ) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1771713310-1976957200-1765415759-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\WOLEK\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1771713310-1976957200-1765415759-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\WOLEK\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1771713310-1976957200-1765415759-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\WOLEK\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1771713310-1976957200-1765415759-1000_Classes\CLSID\{C82C8CE3-5806-9BA4-F65E-57FC2ACF5A15}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1771713310-1976957200-1765415759-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\WOLEK\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1771713310-1976957200-1765415759-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\WOLEK\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1771713310-1976957200-1765415759-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\WOLEK\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-10-22 05:00 - 2015-01-25 08:33 - 00244079 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 006.free-counter.co.uk 127.0.0.1 006.freecounters.co.uk 127.0.0.1 06272002-dbase.hitcountz.net # Web bugs in spam 127.0.0.1 0stats.com 127.0.0.1 123counter.mycomputer.com 127.0.0.1 123counter.superstats.com 127.0.0.1 1ca.cqcounter.com 127.0.0.1 1uk.cqcounter.com 127.0.0.1 1us.cqcounter.com 127.0.0.1 1xxx.cqcounter.com 127.0.0.1 2001-007.com 127.0.0.1 3bc3fd26-91cf-46b2-8ec6-b1559ada0079.statcamp.net 127.0.0.1 4-counter.com 127.0.0.1 a.visualrevenue.com 127.0.0.1 a796faee-7163-4757-a34f-e5b48cada4cb.statcamp.net 127.0.0.1 abscbn.spinbox.net 127.0.0.1 activity.serving-sys.com #eyeblaster.com 127.0.0.1 ad-logics.com 127.0.0.1 adclient.rottentomatoes.com 127.0.0.1 adcodes.aim4media.com 127.0.0.1 adcounter.globeandmail.com 127.0.0.1 adcounter.theglobeandmail.com 127.0.0.1 addfreestats.com 127.0.0.1 ademails.com 127.0.0.1 adlog.com.com # Used by Ziff Davis to serve 127.0.0.1 admanmail.com 127.0.0.1 adopt.specificclick.net 127.0.0.1 ads.tiscali.com 127.0.0.1 ads.tiscali.it There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0483F4FD-11FF-498D-A374-EBB22053E42E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000UA => C:\Users\WOLEK\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-03] (Facebook Inc.) Task: {04E3D71C-EE79-4B75-910B-F95341249AE4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000Core => C:\Users\WOLEK\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {12C342A6-610B-4C5E-BC59-8B62C6CFDAD9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {1C76CA39-95BD-4BB5-BD57-FB976A089C39} - System32\Tasks\{93C17D04-1D0B-463C-8A96-7F15212C135B} => msiexec.exe /package "D:\MicrosoftFixit50850.msi" Task: {1E905AFA-6864-4291-A736-FB3197332FE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.) Task: {302480E8-FE35-4AE3-9DA3-31EB590F6CBA} - System32\Tasks\{D3B7043F-722F-4DAC-95FD-D3DA056BF142} => pcalua.exe -a G:\ComboFix.exe -d G:\ Task: {3ADD8D7F-D283-4FE7-8D53-810CDAA71C6E} - System32\Tasks\{DB540881-6569-4626-A8AF-184C52C509B7} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.) Task: {3FF68ADA-E1EF-40D4-BCBF-D34C60164D88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-09] (Adobe Systems Incorporated) Task: {469DDF8F-B3A0-471E-B4B1-F1FA785959C5} - System32\Tasks\{E56FCFDE-EC4C-4B14-95ED-E81380BCA493} => pcalua.exe -a C:\games\AOE\SETUPREG.EXE -d C:\games\AOE Task: {4C5E1979-D3B1-4FE3-9B0B-323BD0989465} - System32\Tasks\{07A0F161-FBC4-48AD-9D41-509FBE510AB5} => pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files (x86)\3DO\Heroes 3 Complete\Heroes of Might and Magic® III.isu" -c"C:\Program Files (x86)\Common Files\3DO Shared\3DOUnInst.dll Task: {54C5829D-8F83-4C7B-85AD-F0821C64B13C} - System32\Tasks\Google Updater and Installer => C:\Users\WOLEK\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {561728EF-1D82-4311-AE8C-21669773543C} - System32\Tasks\{336BAF2B-47F4-4642-B940-1C2AF678895D} => pcalua.exe -a "C:\Program Files (x86)\Akademia umysłu\Techniki postrzegania\AUUnInstall.exe" -d "C:\Program Files (x86)\Akademia umysłu\Techniki postrzegania" Task: {59366519-4D67-47C6-980D-D407067806A2} - System32\Tasks\{FA0E3429-00BA-44BE-BC88-4114AB71AA46} => pcalua.exe -a C:\KU990i\LGUSBModemDriver_WHQL_ML_Ver_4.9.6_All.exe -d C:\KU990i Task: {70FE89AA-FDD1-4D8C-B09F-D8AB846D2B00} - System32\Tasks\{DE1811F2-D744-4B66-BC59-56CE5BA547B5} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -d "C:\Program Files (x86)\Common Files\DVDVideoSoft" Task: {74786B00-92A7-4B27-BC12-F2494C1E67BD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000UA => C:\Users\WOLEK\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {7F6B4E9F-5586-403F-8B51-22D59BDCE8F2} - System32\Tasks\{DF8F0169-F451-4E24-9A1B-88545C156161} => pcalua.exe -a "C:\Users\WOLEK\Desktop\ABBYY FineReader 11 Professional Edition v11.0.102.481 Build 975.7\ABBYY_FR11_PE_TRIAL.exe" -d "C:\Users\WOLEK\Desktop\ABBYY FineReader 11 Professional Edition v11.0.102.481 Build 975.7" Task: {8156953C-D11F-4895-B71A-B9A319B8C592} - System32\Tasks\{ABE18285-77A0-4F43-BE40-4B478F08C1FA} => pcalua.exe -a C:\games\AOE\AOE\setup.exe -d C:\games\AOE\AOE Task: {8309FF2D-0EF6-427E-A991-C0065D824C96} - System32\Tasks\{FAFAC9E8-6A4C-40C0-B47F-9FD40026140E} => pcalua.exe -a C:\Users\WOLEK\Downloads\msaoex.exe -d C:\Users\WOLEK\Downloads Task: {89C3280F-4D1A-4927-8FAF-26C599097C65} - System32\Tasks\{6A87D5B0-9708-4632-A994-6320D1CE502C} => pcalua.exe -a C:\Casino\ParadiseCasino\installerclient.exe -d C:\Casino\ParadiseCasino Task: {89C924CC-628A-4A1C-B03C-10AC30EFBF4D} - System32\Tasks\{068DC13D-8660-477B-910E-D1D4624AF456} => pcalua.exe -a C:\Users\WOLEK\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\WOLEK\Downloads Task: {99C5E83A-42E8-495F-9FDF-076C3FFD9ACE} - System32\Tasks\{C57B12DB-FD60-4E54-AFCE-F0C918830CEC} => C:\Program Files (x86)\LG PC Suite II\LG_MobileSync_Launcher.exe [2009-02-11] () Task: {9C78F1EC-2DA5-4E02-A79B-35D205F330A6} - System32\Tasks\{59AF0FF9-79EC-4CD0-953E-3F4C2696B5B7} => C:\Program Files (x86)\Heroes3\Heroes3.exe Task: {A6383C8A-554C-465E-8218-051D5BF77B3A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000Core => C:\Users\WOLEK\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-03] (Facebook Inc.) Task: {AAC47D0B-E46B-41BB-A5BE-1F10205B22CF} - System32\Tasks\{96ABC465-17D7-4603-A320-BF678AEFB128} => pcalua.exe -a C:\games\AOE\AOE\SETUPREG.EXE -d C:\games\AOE\AOE Task: {B27F151F-3202-4F5C-9191-AB5F7EE2269B} - System32\Tasks\{5ECC80E0-DEC6-448E-AC6C-F30C53BA7FF0} => C:\Program Files (x86)\Heroes3\Heroes3.exe Task: {B8F608C7-061F-41DC-BD59-0D00A9788A59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.) Task: {B99857FD-B2C8-492A-89CD-5FD44CCC172D} - System32\Tasks\{7B83C986-541C-4393-8B11-4ED3309C98B6} => pcalua.exe -a F:\_setup\Setup.exe -d F:\_setup Task: {BBEC36D8-4A55-42A1-97E5-9C7B82C946AB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation) Task: {BD0C2F02-6073-46D9-BCB8-9F690A508584} - System32\Tasks\{E25C21EC-B2E8-4824-A7AD-1D8F442D029A} => pcalua.exe -a E:\install_flash_player.exe -d E:\ Task: {C2B20AD7-34EF-40D1-BEFA-CF0E19F533E6} - System32\Tasks\{91227F85-23AA-4D90-8AC0-8BED20467D67} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\LG PC Suite II\LG_MobileSync_Launcher.exe" Task: {C5E30B31-C3EA-4D34-B557-D2B34533BF03} - System32\Tasks\{BC84F4BC-F8B6-4650-AD85-D2DFB6005E6B} => pcalua.exe -a C:\games\AOE\AOE\Uninstx.Exe -d C:\games\AOE\AOE Task: {CDC8A3D7-BD2A-46B1-9303-0B7B814C6C2D} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-11-30] (AVAST Software) Task: {DE4624F8-2F90-4ECA-AB59-CC918F230B19} - System32\Tasks\{32B16E7D-46C4-4685-B9AC-DAA649254AD6} => pcalua.exe -a E:\LGSetup.exe -d E:\ Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000Core.job => C:\Users\WOLEK\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000UA.job => C:\Users\WOLEK\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000Core.job => C:\Users\WOLEK\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771713310-1976957200-1765415759-1000UA.job => C:\Users\WOLEK\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-11-09 13:34 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-04-30 17:29 - 2012-09-21 08:55 - 00217600 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll 2014-04-30 17:30 - 2012-08-14 13:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll 2009-08-11 16:59 - 2009-08-11 16:59 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\WOLEK\Downloads\Fwd_ Pediatria-mail-11.eml:OECustomProperty AlternateDataStreams: C:\Users\WOLEK\Downloads\Weryfikacja nieobecności na wykładach prowadzonych przez Panią Profesor Bandurską-Stankiewicz.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-21-1771713310-1976957200-1765415759-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION! HKU\S-1-5-21-1771713310-1976957200-1765415759-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION! ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: nvUpdatusService => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: vToolbarUpdater14.0.1 => 2 ========================= Accounts: ========================== Administrator (S-1-5-21-1771713310-1976957200-1765415759-500 - Administrator - Disabled) elephant (S-1-5-21-1771713310-1976957200-1765415759-1004 - Limited - Enabled) => C:\Users\elephant Gość (S-1-5-21-1771713310-1976957200-1765415759-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-1771713310-1976957200-1765415759-1002 - Limited - Enabled) postgres (S-1-5-21-1771713310-1976957200-1765415759-1509 - Limited - Enabled) => C:\Users\postgres WOLEK (S-1-5-21-1771713310-1976957200-1765415759-1000 - Administrator - Enabled) => C:\Users\WOLEK ==================== Faulty Device Manager Devices ============= Name: Karta Broadcom NetLink (TM) Gigabit Ethernet Description: Karta Broadcom NetLink (TM) Gigabit Ethernet Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Broadcom Service: b57nd60a Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/20/2015 11:42:28 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (01/20/2015 07:28:52 PM) (Source: MsiInstaller) (EventID: 1013) (User: WOLEK-Komputer) Description: Product: Samsung Kies3 -- This installation cannot be run by directly launching the MSI package. You must run setup.exe. Error: (01/20/2015 07:43:36 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (01/20/2015 02:42:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce79d42 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x5315a05a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000940d Identyfikator procesu powodującego błąd: 0x118 Godzina uruchomienia aplikacji powodującej błąd: 0xwmiprvse.exe0 Ścieżka aplikacji powodującej błąd: wmiprvse.exe1 Ścieżka modułu powodującego błąd: wmiprvse.exe2 Identyfikator raportu: wmiprvse.exe3 Error: (01/20/2015 02:36:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce79d42 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x5315a05a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000940d Identyfikator procesu powodującego błąd: 0x224 Godzina uruchomienia aplikacji powodującej błąd: 0xwmiprvse.exe0 Ścieżka aplikacji powodującej błąd: wmiprvse.exe1 Ścieżka modułu powodującego błąd: wmiprvse.exe2 Identyfikator raportu: wmiprvse.exe3 Error: (01/20/2015 02:30:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce79d42 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x5315a05a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000940d Identyfikator procesu powodującego błąd: 0xcf0 Godzina uruchomienia aplikacji powodującej błąd: 0xwmiprvse.exe0 Ścieżka aplikacji powodującej błąd: wmiprvse.exe1 Ścieżka modułu powodującego błąd: wmiprvse.exe2 Identyfikator raportu: wmiprvse.exe3 Error: (01/20/2015 02:24:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce79d42 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x5315a05a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000940d Identyfikator procesu powodującego błąd: 0x7e0 Godzina uruchomienia aplikacji powodującej błąd: 0xwmiprvse.exe0 Ścieżka aplikacji powodującej błąd: wmiprvse.exe1 Ścieżka modułu powodującego błąd: wmiprvse.exe2 Identyfikator raportu: wmiprvse.exe3 Error: (01/20/2015 02:18:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce79d42 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x5315a05a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000940d Identyfikator procesu powodującego błąd: 0x33c Godzina uruchomienia aplikacji powodującej błąd: 0xwmiprvse.exe0 Ścieżka aplikacji powodującej błąd: wmiprvse.exe1 Ścieżka modułu powodującego błąd: wmiprvse.exe2 Identyfikator raportu: wmiprvse.exe3 Error: (01/20/2015 02:12:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce79d42 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x5315a05a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000940d Identyfikator procesu powodującego błąd: 0x450 Godzina uruchomienia aplikacji powodującej błąd: 0xwmiprvse.exe0 Ścieżka aplikacji powodującej błąd: wmiprvse.exe1 Ścieżka modułu powodującego błąd: wmiprvse.exe2 Identyfikator raportu: wmiprvse.exe3 Error: (01/20/2015 02:06:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce79d42 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x5315a05a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000940d Identyfikator procesu powodującego błąd: 0xe58 Godzina uruchomienia aplikacji powodującej błąd: 0xwmiprvse.exe0 Ścieżka aplikacji powodującej błąd: wmiprvse.exe1 Ścieżka modułu powodującego błąd: wmiprvse.exe2 Identyfikator raportu: wmiprvse.exe3 System errors: ============= Error: (01/25/2015 08:13:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%1053 Error: (01/25/2015 08:13:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate). Error: (01/25/2015 08:13:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft .NET Framework NGEN v4.0.30319_X86. Error: (01/25/2015 08:11:32 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT) Description: 0x8000002a29\??\C:\Users\WOLEK\ntuser.dat Error: (01/25/2015 08:11:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą NVIDIA Network Service. Error: (01/25/2015 08:11:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Adobe Acrobat Update Service. Error: (01/25/2015 08:11:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi avast! Antivirus z powodu następującego błędu: %%1053 Error: (01/25/2015 08:11:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą avast! Antivirus. Error: (01/25/2015 08:10:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NVIDIA Stereoscopic 3D Driver Service z powodu następującego błędu: %%1053 Error: (01/25/2015 08:10:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą NVIDIA Stereoscopic 3D Driver Service. Microsoft Office Sessions: ========================= Error: (06/14/2013 02:24:51 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:59:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:59:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:59:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:58:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:58:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:56:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 455 seconds with 60 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:48:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/07/2013 10:47:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1935 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz Percentage of memory in use: 27% Total physical RAM: 4094.43 MB Available physical RAM: 2953.33 MB Total Pagefile: 8187.04 MB Available Pagefile: 5940.53 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.65 GB) (Free:14.31 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:200.43 GB) (Free:21.63 GB) NTFS Drive e: (GRMCPRXFRER_PL_DVD) (CDROM) (Total:2.91 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: A9BBA9BB) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200.4 GB) - (Type=OF Extended) ==================== End Of Log ============================