Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015 Ran by Jurek at 2015-06-25 16:22:11 Running from C:\Users\Jurek\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3202079706-1851762946-1585998374-500 - Administrator - Disabled) Guest (S-1-5-21-3202079706-1851762946-1585998374-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3202079706-1851762946-1585998374-1003 - Limited - Enabled) Jurek (S-1-5-21-3202079706-1851762946-1585998374-1002 - Administrator - Enabled) => C:\Users\Jurek UpdatusUser (S-1-5-21-3202079706-1851762946-1585998374-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902} AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) „Windows Live Essentials“ (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 16.4.3508.0205 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (x32 Version: 16.4.3508.0205 - „Microsoft Corporation“) Hidden µTorrent (HKU\S-1-5-21-3202079706-1851762946-1585998374-1002\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated) AI Viewer (HKLM-x32\...\{8C8292F3-7D93-4D40-9738-B24165D7E7CD}_is1) (Version: - IdeaMK) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISER_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISER_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISER_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}) (Version: 1.8.17.26026 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.8.17.26026 - Alcor Micro Corp.) Hidden ALL YouTube Downloader (HKLM-x32\...\ALL YouTube Downloader_is1) (Version: 2.0 - ALLPlayer Ltd.) ALLConverter PRO 1.2 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version: - ALLCinema, Inc.) ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.94 - ALLCinema Ltd.) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.) ArtRage Studio Pro (HKLM-x32\...\{F4BF6344-7223-41DB-8C76-8E964335DF3C}) (Version: 3.5.4 - Ambient Design) ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS) ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.) AsusScr_U Series_ENG (HKLM-x32\...\AsusScr_U Series_ENG) (Version: 1.0.0001 - ASUS) Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS) Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.3.0-3 - Wacom Technology Corp.) Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.) Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.45 - Atheros Communications) Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.) calibre (HKLM-x32\...\{4CBCF501-B5FC-4165-87CA-140B41905497}) (Version: 2.23.0 - Kovid Goyal) Convert PDF To Image (HKLM-x32\...\Convert PDF To Image_is1) (Version: - Softinterface, Inc.) Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.) Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation) Corel Painter Essentials 4 (x32 Version: 4.2 - Corel Corporation) Hidden CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DiRT 3 Complete Edition (HKLM-x32\...\DiRT 3 Complete Edition_is1) (Version: 1.0 - PLAZA) Dropbox (HKU\S-1-5-21-3202079706-1851762946-1585998374-1002\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.) Elements 11 Organizer (x32 Version: 11.0 - Nazwa firmy) Hidden e-pity 2011 wersja 3.0 (HKLM-x32\...\{670A2206-F20A-490C-8C13-25EA88BF8E54}_is1) (Version: 3.0 - e-file sp. z o.o.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ExpressGateCloud (HKLM-x32\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.6.23.124 - VideACE Co.) ExpressGateCloud (x32 Version: 2.6.23.124 - VideACE Co.) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.7 - ASUS) Fotoattēlu galerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotogalerii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Foto-galerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galerie foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galerija fotografija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden GoPro CineForm Studio 1.3.2 (HKLM-x32\...\GoPro CineForm Studio) (Version: 1.3.2 - CineForm, Inc & GoPro, Inc.) Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.) Grand Theft Auto (HKLM-x32\...\Grand Theft Auto) (Version: - ) Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel) ipla 2.8 (HKLM-x32\...\ipla) (Version: 2.8 - Redefine Sp z o.o.) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.0.0 - Lightworks) Lizardtech DjVu Control (HKLM-x32\...\{105CFC7C-6992-11D5-BD9D-000102C10FD8}) (Version: - ) Luxor 3 (HKLM-x32\...\Luxor 3) (Version: - Oberon Media Inc.) Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.) MicroCapture 2.0 (HKLM-x32\...\MicroCapture) (Version: 2.0 - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}) (Version: 3.1.173.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{6F05332E-6063-4FB9-9233-0577B01E124A}) (Version: 3.1.89.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-3202079706-1851762946-1585998374-1002\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 38.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 pl)) (Version: 31.7.0 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia) Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.) NVIDIA Graphics Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Pazera Free Audio Extractor 1.4 (HKLM-x32\...\{6899C238-3E4A-4A04-B251-A0C9EDC7EDBC}_is1) (Version: 1.4 - Jacek Pazera) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version: - Oberon Media Inc.) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Pogoda 1.61 (HKLM-x32\...\Pogoda_is1) (Version: - Watt) Pošta Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software) Project + (HKLM-x32\...\ProjectPlus) (Version: - ) PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.) SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.) Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.) Stellarium 0.11.3 (HKLM-x32\...\Stellarium_is1) (Version: - ) SumatraPDF (HKLM\...\SumatraPDF) (Version: 2.2.6553 - Krzysztof Kowalczyk) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.8.0 - Synaptics Incorporated) syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) System Requirements Lab Detection (HKLM-x32\...\{DEB3FD47-9E7A-460E-8933-48377E008133}) (Version: 6.1.3.0 - Husdawg, LLC) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH) Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.) Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) uTorrentControl2 Toolbar (HKLM-x32\...\uTorrentControl2 Toolbar) (Version: 6.15.0.27 - uTorrentControl2) <==== ATTENTION Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 1.1.9 (HKLM-x32\...\VLC media player) (Version: 1.1.9 - VideoLAN) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) Winamp (HKLM-x32\...\Winamp) (Version: 5.622 - Nullsoft, Inc) Winamp Detector Plug-in (HKU\S-1-5-21-3202079706-1851762946-1585998374-1002\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro) Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS) WinRAR 4.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS) World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.) XnView 1.98 (HKLM-x32\...\XnView_is1) (Version: 1.98 - Gougelet Pierre-e) Фотогалерия (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jurek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3202079706-1851762946-1585998374-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Jurek\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3202079706-1851762946-1585998374-1002Core.job => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3202079706-1851762946-1585998374-1002UA.job => C:\Users\Jurek\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3202079706-1851762946-1585998374-1002Core.job => C:\Users\Jurek\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3202079706-1851762946-1585998374-1002UA.job => C:\Users\Jurek\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-04-15 20:27 - 2013-03-15 06:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-05-17 16:11 - 2011-03-01 00:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll 2011-04-05 17:01 - 2010-09-17 10:52 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll 2011-04-05 17:01 - 2010-09-17 10:52 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll 2011-01-13 01:22 - 2011-01-13 01:22 - 00091464 _____ () C:\ExpressGateUtil\VAWinService.exe 2013-06-01 18:45 - 2012-11-14 14:45 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll 2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe 2011-04-05 15:22 - 2011-04-05 15:22 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2011-04-05 15:21 - 2011-04-05 15:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-09-24 01:53 - 2010-09-24 01:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2011-01-14 01:09 - 2011-01-14 01:09 - 00191304 _____ () C:\ExpressGateUtil\VAWinAgent.exe 2012-10-16 11:39 - 2012-10-16 11:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe 2015-06-04 05:40 - 2015-06-04 05:40 - 00818176 _____ () C:\Users\Jurek\AppData\Roaming\Mozilla\Firefox\Profiles\2tv9h9un.default\extensions\adbhelper@mozilla.org\win32\adb.exe 2010-12-25 03:51 - 2010-12-25 03:51 - 00157000 _____ () C:\ExpressGateUtil\libexpat.dll 2011-01-04 02:08 - 2011-01-04 02:08 - 00061768 _____ () C:\ExpressGateUtil\netProfileDatabase.DLL 2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:029E021F AlternateDataStreams: C:\ProgramData\Temp:054203E4 AlternateDataStreams: C:\ProgramData\Temp:3AE22B1A AlternateDataStreams: C:\ProgramData\Temp:3E7393FC AlternateDataStreams: C:\ProgramData\Temp:52DBE86F AlternateDataStreams: C:\ProgramData\Temp:5D458568 AlternateDataStreams: C:\ProgramData\Temp:81F83028 AlternateDataStreams: C:\ProgramData\Temp:981884E7 AlternateDataStreams: C:\ProgramData\Temp:D20FFA63 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3202079706-1851762946-1585998374-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jurek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F7D95D39-05D5-4398-9A9A-EC89B1ED575E}] => (Allow) LPort=5353 FirewallRules: [{2362293A-120A-46F9-904C-21689CE1CAC3}] => (Allow) LPort=8182 FirewallRules: [{850B6CE0-CAF7-4283-94CB-E80E49100D9C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{43D44303-28E3-481F-BE31-D40E7D565D22}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{99B08B30-368F-40AD-BA45-FEFB4A84E4A7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{7CEB0958-232D-465A-9570-85036F982884}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{A938A4B6-C82A-4CB1-8171-CCC054149002}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{E6F4DF29-C62A-481C-8B6E-11B543EB5829}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe FirewallRules: [UDP Query User{038338DA-6602-40D3-A3A5-7D9FE9494E72}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe FirewallRules: [TCP Query User{5B6EB0B0-0868-449E-A8B9-A662247FA370}D:\games\crysis2\bin32\crysis2.exe] => (Allow) D:\games\crysis2\bin32\crysis2.exe FirewallRules: [UDP Query User{4094361E-1929-458A-BCC1-6E721A5EBF72}D:\games\crysis2\bin32\crysis2.exe] => (Allow) D:\games\crysis2\bin32\crysis2.exe FirewallRules: [{FA47BDA0-DFB8-44EF-B619-A97233007363}] => (Allow) D:\games\Bad Company2\BFBC2Updater.exe FirewallRules: [{E75AB461-2493-4F03-B7A0-9E334D3396B6}] => (Allow) D:\games\Bad Company2\BFBC2Updater.exe FirewallRules: [TCP Query User{01BC02AC-5E2A-4237-BBF2-52A8000D1F71}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{6D690C09-8FFA-4992-8217-C1641CC21FA3}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{DC550BBB-B6BC-4DB7-B48B-BD906C9E3231}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe FirewallRules: [UDP Query User{9EA92FB3-4029-4963-853B-3F72B245F29D}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe FirewallRules: [{F5AE5FCE-A083-4268-B517-1944561644A0}] => (Allow) C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{63CB560C-F0A2-424D-B3FF-F5869B511D43}] => (Allow) C:\Users\Jurek\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{7FF1B164-32CB-4E0F-9A61-58FB1FEB1B90}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{16834995-091B-4A32-BA25-BC83F5BBEB98}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{B9200B3E-88E6-4E74-9D71-0C8A8EB65446}] => (Allow) C:\Program Files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe FirewallRules: [{A72234AB-D3E0-4D78-AEF7-390AB062E0C6}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [TCP Query User{606DD091-9795-45FD-9162-6B945850840C}C:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{EC101112-AA21-4B00-99DA-1F6E8258F095}C:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{CFCE4C92-F19B-4E4F-B4CB-58BC55B547B6}C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{D5E21A3E-D96D-48D4-BCDF-B906CB428484}C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jurek\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{2D39FE85-D7FB-4529-AC4C-EF8F6016264D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe FirewallRules: [UDP Query User{E9E1420C-0199-4B3A-B053-83122500F76A}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe FirewallRules: [TCP Query User{A2931A75-52A0-49D5-AE97-538DA05E41BC}C:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{D7647BD1-6159-4F20-8409-13787B41D149}C:\program files (x86)\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{79E0627A-AAFF-4865-9E7D-BD454CFC2A0F}D:\games\crysis2\bin32\crysis2.exe] => (Block) D:\games\crysis2\bin32\crysis2.exe FirewallRules: [UDP Query User{6F5B6262-96F8-450C-99EC-242B0F1BC45C}D:\games\crysis2\bin32\crysis2.exe] => (Block) D:\games\crysis2\bin32\crysis2.exe FirewallRules: [TCP Query User{4CC23C4D-E1DB-4381-BEF3-13BD2D5C30CD}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe FirewallRules: [UDP Query User{4B2E9DA5-4330-4FE7-84B2-5FC31373F55A}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe FirewallRules: [{209AC4F4-B859-47F6-8EFC-783CE60EB596}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{D132CCF8-0D09-4720-BC92-717FA301D324}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [TCP Query User{CF5AC257-33AB-4988-9E09-07B3AC3F468B}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe] => (Block) C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe FirewallRules: [UDP Query User{BF4093F1-E081-41E5-A0E4-52EE2C092554}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe] => (Block) C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe FirewallRules: [{CC45DB27-0719-49EF-B76C-579857906C47}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{E2D392C6-C199-484F-AC9F-E4F786A4734C}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [{6798B4FB-3A0E-48F0-8F64-4AA8A7F47AAE}] => (Allow) C:\Users\Jurek\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{111DFC36-DAAE-423D-AAC7-DA5C8E7912CD}] => (Allow) C:\Users\Jurek\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{3D8A86E2-18BB-4ED1-9B9A-6C33DBA1A7C1}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{2A0F61BC-337D-418A-8FB6-59947A5B7F67}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [{F9409EB8-849D-4626-B244-F33B2E7517EA}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe FirewallRules: [{507B37DC-730C-4674-9411-4E1A11582ED6}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe FirewallRules: [TCP Query User{1F3C4A02-C286-46AB-B338-60669A2AEF41}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{C5BF72BB-50E1-47BF-BF59-F7F881752E37}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{AC9E1CAB-EDA7-4C58-BB61-4C47992D3F37}C:\program files (x86)\rockstar games\grand theft auto\wino\grand theft auto.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto\wino\grand theft auto.exe FirewallRules: [UDP Query User{9AAB66D6-689D-4B9C-84CC-B0B1AA90FEEB}C:\program files (x86)\rockstar games\grand theft auto\wino\grand theft auto.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto\wino\grand theft auto.exe FirewallRules: [TCP Query User{74373978-7D26-4D36-87D3-DD635FFE1127}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{77F87739-58DB-4B98-8567-FA9D644BAA66}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe FirewallRules: [{704CC82D-C68E-4064-8B58-F6171A11DA98}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3D79DB90-749B-492B-A6F3-E17F39CACF45}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [TCP Query User{7EB76346-6565-4E75-ADF0-CC5A82A2952D}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe] => (Block) C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe FirewallRules: [UDP Query User{49C5A22C-1E6F-4996-9B21-25E68D93952C}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe] => (Block) C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe FirewallRules: [TCP Query User{1832416F-450E-4C7D-B9D8-6FE0D0042269}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{F2593646-679A-4E8E-9B6E-523E9E20D31C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{8948CA4C-2C23-4E23-8FDF-4B50D183B995}C:\users\jurek\appdata\local\asus webcam software\webcam.exe] => (Allow) C:\users\jurek\appdata\local\asus webcam software\webcam.exe FirewallRules: [UDP Query User{C6090CEB-B132-4BA9-8951-69922E09FA7B}C:\users\jurek\appdata\local\asus webcam software\webcam.exe] => (Allow) C:\users\jurek\appdata\local\asus webcam software\webcam.exe FirewallRules: [{E6DD4DE8-0765-4292-8459-1B117647F6AC}] => (Allow) C:\Users\Jurek\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{8F528A3A-0B9D-4FE4-ABB1-9543D2296E2A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A3EE5659-F552-48B3-B8CC-4E75A0B62DCD}] => (Allow) LPort=2869 FirewallRules: [{6A7DF317-9AFC-45BC-A8A3-46D48D425932}] => (Allow) LPort=1900 FirewallRules: [{AEA62904-20CE-4723-93D8-FA11EA1FE029}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A05B9D2C-7A87-468D-96C6-7F36147A9FF3}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe FirewallRules: [{5868015C-2F54-45FF-90AF-E8FAF4F6D69D}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe FirewallRules: [{FBF06E3E-DC54-454D-89F2-E709B591959D}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe FirewallRules: [{35658D69-65BA-4D5A-BFA7-73F207AFF831}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe FirewallRules: [{F35BCAE1-C242-4ED6-9A77-A2C229B2C61E}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{D5E796BB-DA88-4311-ACBC-DD7B98A547BA}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{67046C9F-4B3D-4B5E-ABE1-695E80F48B34}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{F87BEFAE-4A72-401A-9B72-86093531B6D5}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe FirewallRules: [{D8AB46E5-379B-4901-A12F-99529A0030F6}] => (Allow) C:\Users\Jurek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{97335AF2-E861-407A-B24C-AECD187A8A14}] => (Allow) C:\Users\Jurek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{AAEF95FA-C278-45B3-9B56-62957BC74936}] => (Allow) C:\Users\Jurek\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [TCP Query User{6FED1CAF-E1B6-416E-A375-D18B55C021DA}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [UDP Query User{BBE7B882-85AA-4362-A6A0-01AF98E91881}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [TCP Query User{967316F2-6316-40F9-A72F-85DFEC1AFF49}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{5A0E2111-D9F5-44A4-A48A-661DEF01DB61}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{2B15390D-7BB7-44FF-8F3A-316ABA51634E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BB189923-8B07-40AD-B9DA-1675595AB281}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C1DF9575-454E-4989-B8D2-7A403AE71166}C:\users\jurek\desktop\wr741n\easysetupassistant.exe] => (Allow) C:\users\jurek\desktop\wr741n\easysetupassistant.exe FirewallRules: [UDP Query User{A7CDAC3E-7734-4F2F-A024-82F28DB31CC8}C:\users\jurek\desktop\wr741n\easysetupassistant.exe] => (Allow) C:\users\jurek\desktop\wr741n\easysetupassistant.exe FirewallRules: [TCP Query User{3F3B34CC-600E-4B29-ADDE-4A69CBFE7290}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7B6F8B9C-5442-4E13-AD10-495C79EF5562}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{906BD843-0C99-4261-B67F-8157695E6881}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Bluetooth Module Description: Bluetooth Module Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/24/2015 10:03:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Faulting module name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process id: 0xebc Faulting application start time: 0x8lo6sneg.exe0 Faulting application path: 8lo6sneg.exe1 Faulting module path: 8lo6sneg.exe2 Report Id: 8lo6sneg.exe3 Error: (06/24/2015 09:56:54 PM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (1628) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed. Error: (06/24/2015 08:44:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Faulting module name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process id: 0xdac Faulting application start time: 0x8lo6sneg.exe0 Faulting application path: 8lo6sneg.exe1 Faulting module path: 8lo6sneg.exe2 Report Id: 8lo6sneg.exe3 Error: (06/24/2015 08:40:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Faulting module name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process id: 0x1250 Faulting application start time: 0x8lo6sneg.exe0 Faulting application path: 8lo6sneg.exe1 Faulting module path: 8lo6sneg.exe2 Report Id: 8lo6sneg.exe3 Error: (06/24/2015 08:34:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Faulting module name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process id: 0xb0c Faulting application start time: 0x8lo6sneg.exe0 Faulting application path: 8lo6sneg.exe1 Faulting module path: 8lo6sneg.exe2 Report Id: 8lo6sneg.exe3 Error: (06/24/2015 08:27:47 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Users\Jurek\Downloads\SPTDinst-v187-x64.exe ; Description = SPTD setup V1.87; Error = 0x80070422). Error: (06/24/2015 08:24:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Faulting module name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process id: 0x1a60 Faulting application start time: 0x8lo6sneg.exe0 Faulting application path: 8lo6sneg.exe1 Faulting module path: 8lo6sneg.exe2 Report Id: 8lo6sneg.exe3 Error: (06/24/2015 08:23:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Faulting module name: 8lo6sneg.exe, version: 2.1.19357.0, time stamp: 0x52e7ea83 Exception code: 0xc0000005 Fault offset: 0x000011aa Faulting process id: 0x1934 Faulting application start time: 0x8lo6sneg.exe0 Faulting application path: 8lo6sneg.exe1 Faulting module path: 8lo6sneg.exe2 Report Id: 8lo6sneg.exe3 Error: (06/24/2015 05:44:48 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Usunięto AVG 2015; Error = 0x80070422). Error: (06/24/2015 05:44:48 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed AVG 2015; Error = 0x80070422). System errors: ============= Error: (06/25/2015 04:19:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (06/25/2015 04:19:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (06/25/2015 04:19:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%1053 Error: (06/25/2015 04:19:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. Error: (06/25/2015 04:08:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (06/25/2015 04:08:02 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (06/25/2015 04:07:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%1053 Error: (06/25/2015 04:07:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. Error: (06/25/2015 04:05:51 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x000000f4 (0x0000000000000003, 0xfffffa80084e9b10, 0xfffffa80084e9df0, 0xfffff800039d1e20)C:\Windows\MEMORY.DMP062515-37518-01 Error: (06/25/2015 04:05:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Volume Shadow Copy Service service failed to start due to the following error: %%2 Microsoft Office: ========================= Error: (12/05/2013 09:23:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 319603 seconds with 7680 seconds of active time. This session ended with a crash. Error: (03/06/2012 03:17:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 54 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/06/2012 03:16:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 75 seconds with 60 seconds of active time. This session ended with a crash. Error: (03/06/2012 03:14:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 97 seconds with 60 seconds of active time. This session ended with a crash. Error: (03/06/2012 03:10:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2841 seconds with 120 seconds of active time. This session ended with a crash. Error: (03/01/2012 11:32:40 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 116 seconds with 60 seconds of active time. This session ended with a crash. Error: (09/26/2011 10:45:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 11775 seconds with 1140 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-06-01 22:38:17.009 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-01 22:38:16.853 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-01 22:37:37.213 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-06-01 22:37:36.706 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-27 23:19:05.867 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-27 23:19:05.503 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-27 23:18:34.370 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-27 23:18:33.870 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-27 23:06:10.314 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-27 23:06:09.310 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Percentage of memory in use: 62% Total physical RAM: 4008.16 MB Available physical RAM: 1491.55 MB Total Pagefile: 12022.36 MB Available Pagefile: 9502.95 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:149.04 GB) (Free:22.91 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:425.64 GB) (Free:11.4 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E0C5913D) Partition 1: (Not Active) - (Size=21.5 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=425.6 GB) - (Type=OF Extended) ==================== End of log ============================