Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015 Ran by Jasiu at 2015-07-16 17:54:15 Running from C:\Users\Jasiu\Desktop\frst Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3625697315-574066735-3411081838-500 - Administrator - Disabled) Gość (S-1-5-21-3625697315-574066735-3411081838-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3625697315-574066735-3411081838-1004 - Limited - Enabled) Jasiu (S-1-5-21-3625697315-574066735-3411081838-1001 - Administrator - Enabled) => C:\Users\Jasiu ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) 2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden 7-Zip 4.64 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.6.142.61624 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.6.142.61624 - Alcor Micro Corp.) Hidden Anki (HKLM-x32\...\Anki) (Version: - ) APO 7.6 (HKLM-x32\...\Armia Podkarpacki OTS 7.6_is1) (Version: - ) Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.29 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.66.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BearPaw 2448TA Plus (HKLM-x32\...\InstallShield_{6885C4F6-4257-4314-91A8-E3F74761B3C9}) (Version: 1.00.0000 - Nazwa firmy) BearPaw 2448TA Plus (x32 Version: 1.00.0000 - Nazwa firmy) Hidden Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation) BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version: - ) Bułgarski - Jelon (HKLM\...\{E26045B8-1F83-4939-AB07-B2735A6DEC67}) (Version: 1.0.3.40 - Company) Byki (x32 Version: 4.0 - Transparent Language, Inc.) Hidden Byki Express (HKLM-x32\...\Byki Express) (Version: 4.1 - Transparent Language, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) CodeBlocks (HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.5.2 - ) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DirectVobSub 2.41.7259 (5d3641a) Beta (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.7259 - MPC-HC Team) Dropbox (HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) EMET (HKLM-x32\...\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}) (Version: 3.0.0 - Microsoft) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FM Genie Scout 14 version 1.2 14.3.1 (HKLM-x32\...\FM Genie Scout 14_is1) (Version: 1.2 14.3.1 - ) FM Genie Scout 15 version 1.0 15.2.1 beta 9 (HKLM-x32\...\FM Genie Scout 15_is1) (Version: 1.0 15.2.1 beta 9 - ) Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive) Football Manager 2014 Editor (HKLM-x32\...\Steam App 242460) (Version: - ) Football Manager 2014 Resource Archiver (HKLM-x32\...\Steam App 242480) (Version: - ) Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version: - Sports Interactive) Football Manager 2015 Editor (HKLM-x32\...\Steam App 295350) (Version: - ) Freemake Video Converter wersja 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GitHub (HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\5f7eb300e2ea4ebf) (Version: 2.8.1.1 - GitHub, Inc.) gnuplot 5.0 patchlevel 0 (HKLM\...\{AB419AC3-9BC1-4EC5-A75B-4D8870DD651F}_is1) (Version: 5.0 patchlevel 0 - gnuplot development team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Haskell Platform 2014.2.0.0 (HKLM\...\HaskellPlatform-2014.2.0.0) (Version: - Haskell.org) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - ) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 5520 series — badanie mające na celu poprawę produktów (HKLM\...\{5CA07B8A-D722-49FF-939C-134CECB2CE74}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5520 series — podstawowe oprogramowanie urządzenia (HKLM\...\{FD670328-60BA-4743-A83E-F7D3780822AE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5520 series Pomoc (HKLM-x32\...\{30523233-50DA-42B5-9020-8B5231007E9D}) (Version: 27.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.3 - IObit) kED 2.1.4.0 (HKLM-x32\...\kED_is1) (Version: - ) K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Legimi (HKLM-x32\...\{B86BF7BA-2435-476B-8652-DAACA2A80265}) (Version: 1.0.0 - Legimi) MailShare (HKLM\...\{5846E720-C188-478F-B501-45EA1ACC44D1}_is1) (Version: 2.1.5 - MailShare.pl) MATLAB Production Server R2015a (HKLM\...\MATLAB Production Server R2015a) (Version: 2.1 - MathWorks) MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{B1EB4846-97FC-4180-9F00-93DC82E13437}) (Version: 9.0.0.30729 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation) Mnemosyne 2.3.1 (HKLM-x32\...\Mnemosyne_is1) (Version: - ) Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla) Multimedia Logic 1.6.1 (HKLM-x32\...\Multimedia Logic) (Version: 1.6.1 - ) Nero 8 (HKLM-x32\...\{D6D5CB84-0E6E-4E69-B300-C690B6911045}) (Version: 8.3.38 - Nero AG) NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org) NokiaFREE Unlock Codes Calculator (HKLM-x32\...\NokiaFREE Unlock Codes Calculator) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team) osu! (HKLM-x32\...\{0343f202-b71b-40c3-a5b2-01708efa7f36}) (Version: latest - ppy Pty Ltd) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.1 - Google, Inc.) Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden PyQt4 - PyQwt5 5.2.1-5 (HKLM-x32\...\PyQt4 - PyQwt5 5.2.1-5) (Version: 5.2.1-5 - pythonxy) PyQt4 - QtHelp 4.8.5-3 (HKLM-x32\...\PyQt4 - QtHelp 4.8.5-3) (Version: 4.8.5-3 - pythonxy) Python 2.7 - astropy 0.4.2-7 (HKLM-x32\...\Python 2.7 - astropy 0.4.2-7) (Version: 0.4.2-7 - pythonxy) Python 2.7 - babel 1.3-3 (HKLM-x32\...\Python 2.7 - babel 1.3-3) (Version: 1.3-3 - pythonxy) Python 2.7 - base_libraries 1.6.2-14 (HKLM-x32\...\Python 2.7 - base_libraries 1.6.2-14) (Version: 1.6.2-14 - pythonxy) Python 2.7 - base_python 1.10.0-32 (HKLM-x32\...\Python 2.7 - base_python 1.10.0-32) (Version: 1.10.0-32 - pythonxy) Python 2.7 - BeautifulSoup4 4.3.2-2 (HKLM-x32\...\Python 2.7 - BeautifulSoup4 4.3.2-2) (Version: 4.3.2-2 - pythonxy) Python 2.7 - blosc 1.2.4-5 (HKLM-x32\...\Python 2.7 - blosc 1.2.4-5) (Version: 1.2.4-5 - pythonxy) Python 2.7 - bottleneck 0.8.0-3 (HKLM-x32\...\Python 2.7 - bottleneck 0.8.0-3) (Version: 0.8.0-3 - pythonxy) Python 2.7 - cffi 0.8.6-7 (HKLM-x32\...\Python 2.7 - cffi 0.8.6-7) (Version: 0.8.6-7 - pythonxy) Python 2.7 - cx_Freeze 4.3.3-3 (HKLM-x32\...\Python 2.7 - cx_Freeze 4.3.3-3) (Version: 4.3.3-3 - pythonxy) Python 2.7 - docutils 0.12-4 (HKLM-x32\...\Python 2.7 - docutils 0.12-4) (Version: 0.12-4 - pythonxy) Python 2.7 - formlayout 1.0.15-3 (HKLM-x32\...\Python 2.7 - formlayout 1.0.15-3) (Version: 1.0.15-3 - pythonxy) Python 2.7 - freeimage 3.6.0-6 (HKLM-x32\...\Python 2.7 - freeimage 3.6.0-6) (Version: 3.6.0-6 - pythonxy) Python 2.7 - gevent 1.0.1-7 (HKLM-x32\...\Python 2.7 - gevent 1.0.1-7) (Version: 1.0.1-7 - pythonxy) Python 2.7 - Gnuplot 1.8.0.3 (HKLM-x32\...\Python 2.7 - Gnuplot 1.8.0.3) (Version: 1.8.0.3 - pythonxy) Python 2.7 - grin 1.2.1-1 (HKLM-x32\...\Python 2.7 - grin 1.2.1-1) (Version: 1.2.1-1 - pythonxy) Python 2.7 - guidata 1.6.1-3 (HKLM-x32\...\Python 2.7 - guidata 1.6.1-3) (Version: 1.6.1-3 - pythonxy) Python 2.7 - guiqwt 2.3.2-6 (HKLM-x32\...\Python 2.7 - guiqwt 2.3.2-6) (Version: 2.3.2-6 - pythonxy) Python 2.7 - h5py 2.3.1-7 (HKLM-x32\...\Python 2.7 - h5py 2.3.1-7) (Version: 2.3.1-7 - pythonxy) Python 2.7 - html5lib 0.999-3 (HKLM-x32\...\Python 2.7 - html5lib 0.999-3) (Version: 0.999-3 - pythonxy) Python 2.7 - IPython 2.3.1-9 (HKLM-x32\...\Python 2.7 - IPython 2.3.1-9) (Version: 2.3.1-9 - pythonxy) Python 2.7 - jinja2 2.7.3-6 (HKLM-x32\...\Python 2.7 - jinja2 2.7.3-6) (Version: 2.7.3-6 - pythonxy) Python 2.7 - lxml 3.4.1-16 (HKLM-x32\...\Python 2.7 - lxml 3.4.1-16) (Version: 3.4.1-16 - pythonxy) Python 2.7 - mahotas 1.2.3-13 (HKLM-x32\...\Python 2.7 - mahotas 1.2.3-13) (Version: 1.2.3-13 - pythonxy) Python 2.7 - mako 1.0.0-2 (HKLM-x32\...\Python 2.7 - mako 1.0.0-2) (Version: 1.0.0-2 - pythonxy) Python 2.7 - matplotlib 1.4.2-6 (HKLM-x32\...\Python 2.7 - matplotlib 1.4.2-6) (Version: 1.4.2-6 - pythonxy) Python 2.7 - modernize 0.4-1 (HKLM-x32\...\Python 2.7 - modernize 0.4-1) (Version: 0.4-1 - pythonxy) Python 2.7 - nose 1.3.4-7 (HKLM-x32\...\Python 2.7 - nose 1.3.4-7) (Version: 1.3.4-7 - pythonxy) Python 2.7 - numexpr 2.4.0-7 (HKLM-x32\...\Python 2.7 - numexpr 2.4.0-7) (Version: 2.4.0-7 - pythonxy) Python 2.7 - numpy 1.8.2-7 (HKLM-x32\...\Python 2.7 - numpy 1.8.2-7) (Version: 1.8.2-7 - pythonxy) Python 2.7 - OpenSSL 0.14-5 (HKLM-x32\...\Python 2.7 - OpenSSL 0.14-5) (Version: 0.14-5 - pythonxy) Python 2.7 - pandas 1.15.2-12 (HKLM-x32\...\Python 2.7 - pandas 1.15.2-12) (Version: 1.15.2-12 - pythonxy) Python 2.7 - paramiko 1.15.1-12 (HKLM-x32\...\Python 2.7 - paramiko 1.15.1-12) (Version: 1.15.1-12 - pythonxy) Python 2.7 - patsy 0.3.0-2 (HKLM-x32\...\Python 2.7 - patsy 0.3.0-2) (Version: 0.3.0-2 - pythonxy) Python 2.7 - PIL 2.6.1-13 (HKLM-x32\...\Python 2.7 - PIL 2.6.1-13) (Version: 2.6.1-13 - pythonxy) Python 2.7 - pip 1.5.7-11 (HKLM-x32\...\Python 2.7 - pip 1.5.7-11) (Version: 1.5.7-11 - pythonxy) Python 2.7 - ply 3.4 (HKLM-x32\...\Python 2.7 - ply 3.4) (Version: 3.4 - pythonxy) Python 2.7 - psutil 2.1.3-12 (HKLM-x32\...\Python 2.7 - psutil 2.1.3-12) (Version: 2.1.3-12 - pythonxy) Python 2.7 - py2exe 0.6.9 (HKLM-x32\...\Python 2.7 - py2exe 0.6.9) (Version: 0.6.9 - pythonxy) Python 2.7 - pyasn1 0.1.8-1 (HKLM-x32\...\Python 2.7 - pyasn1 0.1.8-1) (Version: 0.1.8-1 - pythonxy) Python 2.7 - pyaudio 0.2.8-2 (HKLM-x32\...\Python 2.7 - pyaudio 0.2.8-2) (Version: 0.2.8-2 - pythonxy) Python 2.7 - pycparser 2.11-3 (HKLM-x32\...\Python 2.7 - pycparser 2.11-3) (Version: 2.11-3 - pythonxy) Python 2.7 - pycrypto 2.6.1-2 (HKLM-x32\...\Python 2.7 - pycrypto 2.6.1-2) (Version: 2.6.1-2 - pythonxy) Python 2.7 - pygments 2.0.1-2 (HKLM-x32\...\Python 2.7 - pygments 2.0.1-2) (Version: 2.0.1-2 - pythonxy) Python 2.7 - PyICU 1.8-4 (HKLM-x32\...\Python 2.7 - PyICU 1.8-4) (Version: 1.8-4 - pythonxy) Python 2.7 - pylint 1.4.0-15 (HKLM-x32\...\Python 2.7 - pylint 1.4.0-15) (Version: 1.4.0-15 - pythonxy) Python 2.7 - PyOpenGL 3.1.0-4 (HKLM-x32\...\Python 2.7 - PyOpenGL 3.1.0-4) (Version: 3.1.0-4 - pythonxy) Python 2.7 - pyparsing 2.0.3-4 (HKLM-x32\...\Python 2.7 - pyparsing 2.0.3-4) (Version: 2.0.3-4 - pythonxy) Python 2.7 - PyQt4 4.9.6-4 (HKLM-x32\...\Python 2.7 - PyQt4 4.9.6-4) (Version: 4.9.6-4 - pythonxy) Python 2.7 - pyreadline 2.0.6-3 (HKLM-x32\...\Python 2.7 - pyreadline 2.0.6-3) (Version: 2.0.6-3 - pythonxy) Python 2.7 - pytables 3.1.1-6 (HKLM-x32\...\Python 2.7 - pytables 3.1.1-6) (Version: 3.1.1-6 - pythonxy) Python 2.7 - pywin32 219.0-3 (HKLM-x32\...\Python 2.7 - pywin32 219.0-3) (Version: 219.0-3 - pythonxy) Python 2.7 - pyyaml 3.11-2 (HKLM-x32\...\Python 2.7 - pyyaml 3.11-2) (Version: 3.11-2 - pythonxy) Python 2.7 - pyzmq 14.4.1-11 (HKLM-x32\...\Python 2.7 - pyzmq 14.4.1-11) (Version: 14.4.1-11 - pythonxy) Python 2.7 - reportlab 3.1.10-3 (HKLM-x32\...\Python 2.7 - reportlab 3.1.10-3) (Version: 3.1.10-3 - pythonxy) Python 2.7 - requests 2.5.0-5 (HKLM-x32\...\Python 2.7 - requests 2.5.0-5) (Version: 2.5.0-5 - pythonxy) Python 2.7 - scipy 0.14.0-7 (HKLM-x32\...\Python 2.7 - scipy 0.14.0-7) (Version: 0.14.0-7 - pythonxy) Python 2.7 - setuptools 7.0-26 (HKLM-x32\...\Python 2.7 - setuptools 7.0-26) (Version: 7.0-26 - pythonxy) Python 2.7 - sphinx 1.2.3-8 (HKLM-x32\...\Python 2.7 - sphinx 1.2.3-8) (Version: 1.2.3-8 - pythonxy) Python 2.7 - spyder 2.3.2-14 (HKLM-x32\...\Python 2.7 - spyder 2.3.2-14) (Version: 2.3.2-14 - pythonxy) Python 2.7 - sqlalchemy 0.9.8-15 (HKLM-x32\...\Python 2.7 - sqlalchemy 0.9.8-15) (Version: 0.9.8-15 - pythonxy) Python 2.7 - statsmodels 0.6.1-3 (HKLM-x32\...\Python 2.7 - statsmodels 0.6.1-3) (Version: 0.6.1-3 - pythonxy) Python 2.7 - tornado 4.0.2-9 (HKLM-x32\...\Python 2.7 - tornado 4.0.2-9) (Version: 4.0.2-9 - pythonxy) Python 2.7 - veusz 1.22-12 (HKLM-x32\...\Python 2.7 - veusz 1.22-12) (Version: 1.22-12 - pythonxy) Python 2.7 - virtualenv 1.11.6-10 (HKLM-x32\...\Python 2.7 - virtualenv 1.11.6-10) (Version: 1.11.6-10 - pythonxy) Python 2.7 - vitables 2.1.0.3 (HKLM-x32\...\Python 2.7 - vitables 2.1.0.3) (Version: 2.1.0.3 - pythonxy) Python 2.7 - wxPython 2.8.12.1-1 (HKLM-x32\...\Python 2.7 - wxPython 2.8.12.1-1) (Version: 2.8.12.1-1 - pythonxy) Python 2.7 - xy 1.3.5-7 (HKLM-x32\...\Python 2.7 - xy 1.3.5-7) (Version: 1.3.5-7 - pythonxy) Python 2.7 py2exe-0.6.9 (HKLM-x32\...\py2exe-py2.7) (Version: - ) Python 2.7.9 (x32 Version: 2.7.9150 - Python Software Foundation) Hidden Python 3.2 pygame-1.9.2a0 (HKLM-x32\...\{265E2F1D-0025-45DF-B83B-8320466108A8}) (Version: 1.9.2 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...) Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Python(x,y) - console 1.12.0.14282-11 (HKLM-x32\...\Python(x,y) - console 1.12.0.14282-11) (Version: 1.12.0.14282-11 - pythonxy) Python(x,y) - SciTE 3.5.1-4 (HKLM-x32\...\Python(x,y) - SciTE 3.5.1-4) (Version: 3.5.1-4 - pythonxy) Python(x,y) - xydoc 1.0.5.1 (HKLM-x32\...\Python(x,y) - xydoc 1.0.5.1) (Version: 1.0.5.1 - pythonxy) Python(x,y) (HKLM-x32\...\Python(x,y)) (Version: 2.7.9.0 - Python(x,y)) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.) Racket v6.1.1 (x86_64) (HKLM-x32\...\Racket-x86_64-6.1.1) (Version: 6.1.1 - PLT Design Inc.) RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com) RAM Kontroler (HKLM-x32\...\{782B6053-CEF0-432D-94CC-EA2CB5CAF587}) (Version: 1.2.0.0 - PHU XimSoft Tomasz Wyderka) RonOTS Client wersja 8.7 (HKLM-x32\...\{30D371C9-53B1-46B3-A934-A9394856482F}_is1) (Version: 8.7 - RonIT) Samsung ML-2160 Series (HKLM-x32\...\Samsung ML-2160 Series) (Version: 1.14 (2013-12-05) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Speedy Drive (remove only) (HKLM-x32\...\SpeedyDrive) (Version: 1.2.0 - Speedy Share LTD) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.0.1 - IObit) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) SWI-Prolog (remove only) (HKLM\...\SWI-Prolog) (Version: - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) TeLL me More CJ (HKLM-x32\...\TellmeMoreV50) (Version: - ) Tibia (HKLM-x32\...\Tibia_is1) (Version: 10.41 - CipSoft GmbH) Tibia Preview (HKLM-x32\...\Tibia Preview_is1) (Version: 10.51 - CipSoft GmbH) Tibiacast (HKLM-x32\...\{0FEF3FBD-8EF9-4815-B544-59FC1841ECC1}) (Version: 3.1.03901 - Silver Squirrel Software HB) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) Unity Web Player (HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS) Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation) Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation) Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation) WA Update v3.50 beta2 (HKLM-x32\...\{9BE2669E-2BD8-4164-A8B5-C904C864B403}) (Version: - ) Windows Driver Package - ASUS (ATP) Mouse (07/28/2012 1.0.0.108) (HKLM\...\9B634C8DF2662B6B0212BF0B7547894BF2B5359F) (Version: 07/28/2012 1.0.0.108 - ASUS) WinRAR 4.00 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.5 - win.rar GmbH) WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl) Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3625697315-574066735-3411081838-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jasiu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 30-06-2015 15:22:47 Windows Update 03-07-2015 16:16:25 Windows Update 09-07-2015 09:47:58 Windows Update 15-07-2015 07:29:49 Windows Update 16-07-2015 17:15:00 Restore Point Created by FRST 16-07-2015 17:29:58 Restore Point Created by FRST ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2014-04-19 14:25 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 198.144.182.42 ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {019AE35F-E87C-4127-838B-7C656FC6F901} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) Task: {12A27795-32DD-4E04-9E74-31418DC8070E} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {17B54308-3FEE-4DA8-8175-21482615BC8E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {1F24347F-6BFB-41B4-AC89-959BCA101330} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.) Task: {244EA8EB-A876-41F7-A5A5-C60B279EBDC8} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\Program Files (x86)\Rising\RAV\rsdelaylauncher.exe Task: {3A5A6BF9-72CB-45FA-B77D-6862762EF456} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd) Task: {4600102B-1948-4364-A5B0-88B4A7FED485} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-25] (ASUSTek Computer Inc.) Task: {67A90390-D011-4D16-B5EA-A596192D619A} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS) Task: {687B9531-432C-42D5-91EE-293FC4752218} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-04] (ASUS) Task: {6FD7A638-3BE5-498E-BEEC-D3CA290A3F15} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {AC6C10EB-77FB-42D4-A990-F6DF9BA6F22F} - System32\Tasks\Uninstaller_SkipUac_Jasiu => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-21] (IObit) Task: {CC8916B3-7287-4677-9ACE-5A60A429CFFE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3625697315-574066735-3411081838-1001Core => C:\Users\Jasiu\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-12] (Facebook Inc.) Task: {E69820BE-9B28-4431-8AB9-78A9D55F560A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.) Task: {F4E8A231-CDD0-41FB-AA2A-A0258210FE7D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation) Task: {F916A9A8-CEF4-4219-9D0E-E55C8834CFA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3625697315-574066735-3411081838-1001Core.job => C:\Users\Jasiu\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jasiu.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (Whitelisted) ============== 2014-01-20 22:03 - 2011-04-25 13:24 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll 2012-08-04 19:34 - 2012-08-04 19:34 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2013-10-19 14:26 - 2011-01-27 11:35 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2012-04-16 23:45 - 2012-04-16 23:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2014-12-10 03:16 - 2014-11-26 11:35 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-12-10 03:16 - 2014-11-26 11:35 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2011-08-16 05:12 - 2011-08-16 05:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2012-04-16 20:42 - 2012-04-16 20:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-16 05:12 - 2011-08-16 05:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-16 05:15 - 2011-08-16 05:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-18 01:41 - 2011-08-18 01:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-18 01:48 - 2011-08-18 01:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-18 01:48 - 2011-08-18 01:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-16 04:23 - 2011-08-16 04:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2012-04-16 20:41 - 2012-04-16 20:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-04-16 20:56 - 2012-04-16 20:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-04-16 20:38 - 2012-04-16 20:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2015-01-19 14:07 - 2015-01-14 17:15 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2013-10-19 14:02 - 2015-01-14 17:14 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl 2013-10-19 14:02 - 2015-01-14 17:14 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl 2013-10-19 14:02 - 2015-01-14 17:14 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl 2015-01-19 14:06 - 2015-01-14 17:15 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll 2015-01-19 14:06 - 2015-01-14 17:15 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll 2015-01-19 14:06 - 2015-01-14 17:15 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll 2015-01-19 14:06 - 2015-01-14 17:15 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll 2011-07-20 01:05 - 2011-07-20 01:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-16 05:17 - 2011-08-16 05:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-20 01:04 - 2011-07-20 01:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2015-07-14 22:59 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll 2015-07-14 22:59 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll 2012-09-23 20:09 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-07-14 22:59 - 2015-07-13 23:55 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3625697315-574066735-3411081838-1001\Control Panel\Desktop\\Wallpaper -> D:\osu!\Songs\102282 Renard - Terminal\BG.jpg DNS Servers: 87.204.204.204 - 62.233.233.233 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "AsusVibeLauncher.lnk" HKLM\...\StartupApproved\Run: => "ACMON" HKLM\...\StartupApproved\Run: => "ASUSQuickGesture(x64)" HKLM\...\StartupApproved\Run: => "ASUSQuickGesture(x86)" HKLM\...\StartupApproved\Run: => "ASUSTPLoader(x64)" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "NBKeyScan" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "AmIcoSinglun64" HKLM\...\StartupApproved\Run32: => "HDAudDeck" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "ProductUpdater" HKLM\...\StartupApproved\Run32: => "RSDTRAY" HKLM\...\StartupApproved\Run32: => "RavTRAY" HKLM\...\StartupApproved\Run32: => "ACMON" HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\StartupApproved\Run: => "Facebook Update" HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\StartupApproved\Run: => "RAMKontroler" HKU\S-1-5-21-3625697315-574066735-3411081838-1001\...\StartupApproved\Run: => "FotkaBot" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{C541865B-F6A0-47DC-8703-74813931A903}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{99F03A1E-EAB7-4F15-A325-A30DACFA435F}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/16/2015 05:32:06 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 13.7.2015.1 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 5f8 Godzina rozpoczęcia: 01d0bfdc44fad050 Godzina zakończenia: 2906 Ścieżka aplikacji: C:\Users\Jasiu\Desktop\frst\FRST64.exe Identyfikator raportu: cbfd619a-2bcf-11e5-8211-08606e0e5d32 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/16/2015 05:29:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 13.7.2015.1 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1558 Godzina rozpoczęcia: 01d0bfda281b6890 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Users\Jasiu\Desktop\frst\FRST64.exe Identyfikator raportu: 69e1c4e0-2bcf-11e5-8211-08606e0e5d32 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/16/2015 05:14:59 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {4baf68e4-994c-4223-894f-03045ba420b4} Error: (07/16/2015 04:42:28 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Powiadomienia dla woluminu C:\ są nieaktywne. Kontekst: aplikacja Windows Szczegóły: Dziennik zmian woluminu jest usuwany. (HRESULT : 0x8007049a) (0x8007049a) Error: (07/16/2015 01:06:29 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest. Error: (07/16/2015 01:06:29 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest. Error: (07/16/2015 01:06:28 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest. Error: (07/16/2015 09:16:02 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Powiadomienia dla woluminu C:\ są nieaktywne. Kontekst: aplikacja Windows Szczegóły: Dziennik zmian woluminu jest usuwany. (HRESULT : 0x8007049a) (0x8007049a) Error: (07/16/2015 12:20:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ravmond.exe, wersja: 24.0.0.10, sygnatura czasowa: 0x535f0ae6 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0001b2bc Identyfikator procesu powodującego błąd: 0x394 Godzina uruchomienia aplikacji powodującej błąd: 0xravmond.exe0 Ścieżka aplikacji powodującej błąd: ravmond.exe1 Ścieżka modułu powodującego błąd: ravmond.exe2 Identyfikator raportu: ravmond.exe3 Pełna nazwa pakietu powodującego błąd: ravmond.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: ravmond.exe5 Error: (07/15/2015 11:39:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AdwCleaner.exe, wersja: 4.2.0.8, sygnatura czasowa: 0x559eaf1a Nazwa modułu powodującego błąd: AdwCleaner.exe, wersja: 4.2.0.8, sygnatura czasowa: 0x559eaf1a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0001f09e Identyfikator procesu powodującego błąd: 0x740 Godzina uruchomienia aplikacji powodującej błąd: 0xAdwCleaner.exe0 Ścieżka aplikacji powodującej błąd: AdwCleaner.exe1 Ścieżka modułu powodującego błąd: AdwCleaner.exe2 Identyfikator raportu: AdwCleaner.exe3 Pełna nazwa pakietu powodującego błąd: AdwCleaner.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: AdwCleaner.exe5 System errors: ============= Error: (07/16/2015 05:39:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Rsd Service z powodu następującego błędu: %%3 Error: (07/16/2015 05:39:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Wirtualizacja pliku UAC z powodu następującego błędu: %%1275 Error: (07/16/2015 05:30:48 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (07/16/2015 05:29:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/16/2015 05:29:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/16/2015 05:29:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Autodesk Content Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/16/2015 05:29:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Intel(R) Management and Security Application Local Management Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/16/2015 05:29:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/16/2015 05:29:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Intel(R) Capability Licensing Service Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/16/2015 05:14:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa StartMenu8 Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (01/20/2015 12:35:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 627 seconds with 120 seconds of active time. This session ended with a crash. Error: (01/19/2015 11:43:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2683 seconds with 180 seconds of active time. This session ended with a crash. Error: (01/09/2015 12:50:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1999 seconds with 1320 seconds of active time. This session ended with a crash. Error: (12/22/2014 09:36:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10576 seconds with 600 seconds of active time. This session ended with a crash. Error: (12/15/2014 10:49:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1313 seconds with 300 seconds of active time. This session ended with a crash. Error: (12/12/2014 01:11:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 627 seconds with 420 seconds of active time. This session ended with a crash. Error: (12/12/2014 01:01:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 37 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/12/2014 01:00:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 654 seconds with 360 seconds of active time. This session ended with a crash. Error: (12/12/2014 12:49:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 222 seconds with 180 seconds of active time. This session ended with a crash. Error: (12/12/2014 12:45:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1010 seconds with 780 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-07-13 08:00:20.201 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-12 09:50:38.152 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-11 10:09:41.512 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-10 09:28:12.085 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-08 14:50:12.683 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-07 13:58:33.145 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-06 08:47:53.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-05 08:16:37.252 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-04 13:22:34.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-03 11:48:28.060 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz Percentage of memory in use: 52% Total physical RAM: 3979.69 MB Available physical RAM: 1892.6 MB Total Virtual: 8075.69 MB Available Virtual: 5298.18 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.92 GB) (Free:71.61 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:258.52 GB) (Free:55.6 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 23D3E035) Partition: GPT Partition Type. ==================== End of log ============================