Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by Michael Jackson (2016-04-15 18:11:14)
Running from C:\Users\Michael Jackson\Desktop
Windows 10 Enterprise (X64) (2015-08-20 18:46:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3609454662-1413584907-928193442-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3609454662-1413584907-928193442-503 - Limited - Disabled)
Guest (S-1-5-21-3609454662-1413584907-928193442-501 - Limited - Disabled)
Michael Jackson (S-1-5-21-3609454662-1413584907-928193442-1001 - Administrator - Enabled) => C:\Users\Michael Jackson

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus dla IE (32-bitowego i 64-bitowego) (HKLM\...\{E3EA4A92-E882-4BAF-9FE2-EAA7C692A1A1}) (Version: 1.4 - Eyeo GmbH)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
BitTorrent (HKU\S-1-5-21-3609454662-1413584907-928193442-1001\...\BitTorrent) (Version: 7.9.6.42095 - BitTorrent Inc.)
ColorNavigator 6 (HKLM\...\{207AD5A9-A797-4C4B-B8C5-1CB8B54972C8}_is1) (Version: 6.4.10 - EIZO Corporation)
CrystalDiskInfo 6.7.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
ESET NOD32 Antivirus (HKLM\...\{155EC97B-FE09-4F23-BE22-F79440F1E22E}) (Version: 8.0.319.1 - ESET, spol s r. o.)
FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.0.1229 - DVDVideoSoft Ltd.)
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
IDM Patch 6.25 build 03 (HKLM-x32\...\IDM Patch 6.25 build 03) (Version: build 03 - SandySeedings Team)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 en-US)) (Version: 38.7.2 - Mozilla)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
NVIDIA 3D Vision Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Datacolor (Spyder3) USB  (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
Windows Driver Package - Datacolor (Spyder4) USB  (06/01/2011 1.0.0.1) (HKLM\...\E5E9268B6D7B0E662E34736CC110C89D595E4222) (Version: 06/01/2011 1.0.0.1 - Datacolor)
Windows Driver Package - Datacolor (Spyder5) USB  (08/26/2014 1.0.0.1) (HKLM\...\D1CF369DD689097AF9D7AD184A04FD57BD8EF4BA) (Version: 08/26/2014 1.0.0.1 - Datacolor)
Windows Driver Package - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\498B9978CE49397903524B0761200F43EC650044) (Version: 07/12/2010 2.08.02 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\67170FB0228B69BCCBEF8CE14A76953A5505D8EA) (Version: 07/12/2010 2.08.02 - FTDI)
Windows Driver Package - X-Rite (colormunki) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\975DA77B1E3D07FC79378569A82F13404D027518) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (EyeOne) XRiteDevices  (04/21/2009 2.40.0.1315) (HKLM\...\60DFC39027B2B7734E1FBB0C005E7A477317D42D) (Version: 04/21/2009 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (EyeOne) XRiteDevices  (08/21/2006 2.40.0.1315) (HKLM\...\4BCA7532847C66A175AD419E8ED0CB00EA9F9A4A) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Windows Driver Package - X-Rite (EyeOneDisplay) XRiteDevices  (08/21/2006 2.0.0.0) (HKLM\...\BE6334FA182AB4DD51AECFD703C81D6B65B2BBF3) (Version: 08/21/2006 2.0.0.0 - X-Rite)
WTW 1.10.0.4680 IM (HKLM\...\{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}) (Version: 1.10.0.4680 - K2T.eu)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3609454662-1413584907-928193442-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Michael Jackson\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {76136353-E996-47F6-AC12-C9AAF00BBAEF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {7FFD988F-1E02-44E0-8EF2-55FBA6B5D07D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-15] (@ByELDI)
Task: {8D3A33F9-953B-4463-A8C8-F81DF0DBF34F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)
Task: {953C4CF7-4622-433E-8AA4-5EA9AD33407D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)
Task: {B5689AFF-9EB5-49FB-85FD-442B06058B86} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-PBETDGK-Michael Jackson => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {E4F50BDC-DC2B-4A76-A3F4-FC132A4C48B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {EECC8CF4-642D-4416-BC16-AC836E145DFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-04-03] (Microsoft Corporation)
Task: {FE97E77D-48E6-4A55-B357-62E93656F904} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-04-03] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 13:00 - 2015-07-10 13:00 - 00028160 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-08-20 21:01 - 2015-07-15 04:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-08-20 21:05 - 2015-10-13 19:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-20 21:02 - 2015-08-11 11:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-08-24 21:16 - 2016-04-03 04:34 - 00172224 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-04-13 00:53 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-13 00:53 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-03-11 10:37 - 2016-04-03 13:34 - 08919232 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2015-10-01 17:19 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 21:53 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 21:53 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 21:53 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 17:20 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-20 22:20 - 2015-07-15 17:36 - 00148080 _____ () C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
2015-08-20 22:20 - 2015-07-15 17:36 - 00080496 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
2015-08-20 21:27 - 2016-02-01 00:44 - 00019456 _____ () C:\Program Files\K2T\WTW\libCryptoLayer.module
2015-08-20 21:27 - 2016-02-01 00:44 - 00088064 _____ () C:\Program Files\K2T\WTW\libCryptoWtw.module
2015-08-20 21:27 - 2016-02-01 00:44 - 00577024 _____ () C:\Program Files\K2T\WTW\libImage.module
2015-08-20 21:27 - 2016-02-01 00:44 - 00555008 _____ () C:\Program Files\K2T\WTW\libSQ3.module
2015-08-20 21:27 - 2016-02-01 00:44 - 00092160 _____ () C:\Program Files\K2T\WTW\libZlib.module
2015-08-20 21:27 - 2016-02-01 00:44 - 00129024 _____ () C:\Program Files\K2T\WTW\libExpat.module
2015-08-20 21:27 - 2016-02-01 00:44 - 00442880 _____ () C:\Program Files\K2T\WTW\libLexer.module
2015-08-20 21:27 - 2016-02-01 00:44 - 00014336 _____ () C:\Program Files\K2T\WTW\libWin8.module
2016-01-16 15:12 - 2015-12-29 13:17 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-16 15:12 - 2015-12-29 13:17 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-16 15:12 - 2015-12-29 13:17 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-16 15:12 - 2015-12-29 13:17 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-16 15:12 - 2015-12-29 13:17 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-16 15:12 - 2015-12-29 13:17 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-03-11 10:38 - 2016-04-03 12:41 - 08919240 _____ () C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-08-20 22:21 - 2015-07-15 17:35 - 00172032 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\libcolour.dll
2015-08-20 22:21 - 2015-07-15 17:35 - 00946176 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\plugins\cn_Procs.dll
2015-08-20 22:21 - 2015-07-15 17:35 - 00136192 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\libimpronta.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2016-04-15 16:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3609454662-1413584907-928193442-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 80.243.191.66 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "UniColor Pro"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DAD96BFD-2B8B-4BB3-8233-E3409535F044}] => (Allow) C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
FirewallRules: [{CF26738F-2945-436C-AB13-4F364395F391}] => (Allow) C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
FirewallRules: [{7CF2BB2C-E156-402D-9130-C8B249FF5E06}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C645D882-9A55-42C6-A2E5-FA15DC8FC674}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EEF3EBF0-7B5B-4FE5-AE16-BB21636E7D27}] => (Allow) C:\Users\Michael Jackson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4AAB920F-F92C-412B-A059-BE265A1BE59D}] => (Allow) C:\Users\Michael Jackson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7575F286-422D-41EE-B610-27F1674834F0}] => (Allow) C:\Users\Michael Jackson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AD53F57B-6790-4FB3-B4CA-0C8B7471510C}] => (Allow) C:\Users\Michael Jackson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{8F44E05D-FAD6-4D0B-806D-B49FB57A6F90}] => (Allow) C:\Users\Michael Jackson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F8ABB80B-1569-4CE8-9E42-B758A765708D}] => (Allow) C:\Users\Michael Jackson\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{EE5418C4-EF72-429F-92BA-AE1D086979CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A7DBD273-FD42-47BF-89C4-8D1F761712CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FEA1379E-98CC-42BB-884E-601E6A299586}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3CDEE184-8533-4108-A34E-287092AD6381}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe
FirewallRules: [{E9C2D9BF-2BF0-4328-9BA0-73BF4AA18FDD}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe
FirewallRules: [{1BE3D94C-9392-4C61-9B81-F5F48EB6F354}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C5E20F6-A3DD-4EAA-9E3C-C2645A82D105}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8936210A-3D42-4DE8-B8A9-28FB8D0B6219}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A37AC8BC-F8B3-4ED4-8999-2F38A2C9F740}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{432013CE-4FD3-4E9B-AE04-B34C9ED03EBA}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{E16986E3-B50E-4643-B696-64E06130694B}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [TCP Query User{A8242835-3B1C-423C-9430-87AD63B154EF}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{6A7CAFA6-03A2-4D34-9D00-58C0FA6B5D5F}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [{4C84388E-15E5-466F-BC7D-53BB71D7117B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E59B1239-CEBF-40E6-B057-B9081D626BB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{428F26AF-6F9C-4D7C-870C-226F01AE2E55}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B3718024-52D0-40D0-87EA-4AC96AC0A979}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

27-03-2016 15:15:22 Scheduled Checkpoint
05-04-2016 10:20:01 Scheduled Checkpoint
12-04-2016 20:48:14 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2016 05:02:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.2.1.0, time stamp: 0x00000004
Faulting module name: libqt4_plugin.dll, version: 2.2.1.0, time stamp: 0x00020002
Exception code: 0x40000015
Fault offset: 0x007ca10a
Faulting process id: 0x149c
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
Faulting package full name: vlc.exe4
Faulting package-relative application ID: vlc.exe5

Error: (04/15/2016 01:24:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0xb68
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5

Error: (04/15/2016 09:17:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x12b0
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5

Error: (04/14/2016 07:25:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x1808
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5

Error: (04/14/2016 12:45:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-PBETDGK)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/14/2016 12:26:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x3dc
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5

Error: (04/13/2016 08:28:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x171c
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5

Error: (04/13/2016 07:28:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x1bc4
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5

Error: (04/13/2016 01:17:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x404
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5

Error: (04/12/2016 11:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 15.0.0.3, time stamp: 0x55ceabe9
Faulting module name: KERNELBASE.dll, version: 10.0.10240.16683, time stamp: 0x56ad97a2
Exception code: 0xe0434352
Fault offset: 0x000000000002a1c8
Faulting process id: 0x1908
Faulting application start time: 0xAutoPico.exe0
Faulting application path: AutoPico.exe1
Faulting module path: AutoPico.exe2
Report Id: AutoPico.exe3
Faulting package full name: AutoPico.exe4
Faulting package-relative application ID: AutoPico.exe5


System errors:
=============
Error: (04/15/2016 06:03:20 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ef (0xffffe001f8cf9080, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP041516-21171-01

Error: (04/15/2016 06:03:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:01:07 on ‎15.‎04.‎2016 was unexpected.

Error: (04/15/2016 04:59:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WerSvc service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/15/2016 04:59:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 04:59:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 04:59:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 04:59:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 02:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 02:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 02:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E6500 @ 2.93GHz
Percentage of memory in use: 49%
Total physical RAM: 4094.49 MB
Available physical RAM: 2052.4 MB
Total Virtual: 6014.49 MB
Available Virtual: 3768.45 MB

==================== Drives ================================

Drive c: (WDRED1_System) (Fixed) (Total:244.14 GB) (Free:172.79 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (WDRED2_Glowny) (Fixed) (Total:1269.53 GB) (Free:648.93 GB) NTFS
Drive f: (WDRED3_Stuff) (Fixed) (Total:1280.85 GB) (Free:945.69 GB) NTFS
Drive j: (WDGREEN1_Kopie) (Fixed) (Total:1152.68 GB) (Free:530.51 GB) NTFS
Drive l: (WDGREEN2_Kopie) (Fixed) (Total:1152.68 GB) (Free:844.65 GB) NTFS
Drive z: (Maxtor_Kopie) (Fixed) (Total:465.76 GB) (Free:1.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: A1985833)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1269.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1280.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: A6365ACC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2305.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================