Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01 Ran by Damian at 2015-05-01 10:51:36 Running from C:\Users\Damian\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2873684722-1015400582-2217056914-500 - Administrator - Disabled) Damian (S-1-5-21-2873684722-1015400582-2217056914-1001 - Administrator - Enabled) => C:\Users\Damian Gość (S-1-5-21-2873684722-1015400582-2217056914-501 - Limited - Disabled) UpdatusUser (S-1-5-21-2873684722-1015400582-2217056914-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2873684722-1015400582-2217056914-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Aktualizacje NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden Colin McRae Rally 04 (HKLM-x32\...\{F8718F95-21A1-44B9-97EC-679C93020BAE}) (Version: 1.01 - Codemasters) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Dead Rising 2: Off The Record (x32 Version: 1.0.0001.131 - Capcom) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) DriverUpdate (HKLM-x32\...\{F6FC7DD8-B1C7-4572-9296-D09923970A8A}) (Version: 2.3.0 - SlimWare Utilities, Inc.) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo) Energy Manager (x32 Version: 1.0.1.51 - Lenovo) Hidden Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version: - Eusing Software) Fuse Drivers x64 (HKLM-x32\...\{06904B2B-5000-4C58-9471-256BA1A303BE}) (Version: 11.34.1 - Nokia) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.7 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000FF}) (Version: 7.0.0 - Oracle) KMSpico v9.3.3 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - ) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.) Lumia UEFI Blue Driver (HKLM-x32\...\{5E80E23F-3BB2-4827-A703-EA7E180AA6A9}) (Version: 1.1.5.1416 - Nokia) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden NOKIA 3806 USB DRIVER Ver:1.5 (HKLM-x32\...\{6AE35C55-F02A-41EE-B694-8F2706FE4819}) (Version: 2.00.0000 - NOKIA) Nokia Care Suite PST 5.0 (HKLM-x32\...\{09FD0E5E-525F-4EF8-8828-E724FF95055E}) (Version: 5.2.92.1418 - Nokia) Nokia Connectivity Cable Driver (HKLM-x32\...\{D4BF151C-70A8-4CE2-906F-4173A575BAD9}) (Version: 7.1.182.0 - Nokia) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Sterownik graficzny 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.84.92.0 - Overwolf Ltd.) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) Panel sterowania NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden PC Connectivity Solution (HKLM-x32\...\{9590C850-8A55-43DB-A413-DFF6E5636570}) (Version: 10.30.0.0 - Nokia) PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.12 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-2873684722-1015400582-2217056914-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38843 - TeamViewer) TimeOff 1.3 (HKLM-x32\...\TimeOff_is1) (Version: - Szpak & Company) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) Unity Web Player (HKU\S-1-5-21-2873684722-1015400582-2217056914-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS) USB Serial Port Driver (x64) (HKLM-x32\...\{53012BD2-D1A3-4530-9AE2-B0C503B5C1C2}) (Version: 2013.30.0.313 - Nokia) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinSweeper 2.1 (HKLM-x32\...\{96E8A815-3053-4616-AAC2-865E6B1792F5}_is1) (Version: - Solvusoft Corporation) WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia) WinUSB Compatible ID Drivers (HKLM-x32\...\{C97989C1-551F-4F41-A069-2A49567FD36B}) (Version: 1.1.6.1416 - Nokia) WinUSB Drivers ext (HKLM-x32\...\{0ED6AC75-474D-4511-B198-05B8C99F6B8B}) (Version: 1.1.7.1416 - Nokia) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2873684722-1015400582-2217056914-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 30-04-2015 19:41:36 04-30 30-04-2015 21:22:31 Removed FixCleaner 30-04-2015 21:23:04 Removed Google Earth Pro. 30-04-2015 21:23:38 Removed Windows 8 Manager 30-04-2015 21:23:55 Removed SlimCleaner 30-04-2015 22:35:34 Restore Point Created by FRST ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2015-04-30 20:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {3A545C22-B4CB-4803-9A6C-C7E2707B3901} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.) Task: {49803D22-951A-4559-AFC8-1956CE99BEC7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-03-25] (Overwolf LTD) Task: {4E6687B5-65BC-47DD-8A74-7662C8954A48} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {592BAFCC-C5DB-4350-A7D1-BD149303E4AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {7DCA3B5B-C8B8-4A92-B28A-ECF8862F9803} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {87AAA21F-9D49-4567-BB85-51653AC2AED2} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd) Task: {8917F593-BBC6-49F0-8086-25B0EAF2F05E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {8AA520B3-CAAE-4C55-83A4-F694C7404501} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {A3A6C125-C18C-4420-B776-CB7E4CE48F55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-23] (Adobe Systems Incorporated) Task: {B22020E2-A283-44F8-833A-18BD5233E6CB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KOMP-W-POKOJU-Damian komp-w-pokoju => D:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation) Task: {B5AAAFFE-56A9-4EE1-83D1-52D32AF7276A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {C54BB568-9B67-4F31-ACA1-6CD6C74F0B42} - System32\Tasks\Bidaily Synchronize Task => C:\ProgramData\{a2fb8fee-2190-6ab2-a2fb-b8fee2193fb8}\Setup.exe Task: {D6DB7242-CBD9-4C5F-B703-511B7B07F293} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.) Task: {E8CC60EB-EBD0-4994-B59D-AC1E92578B11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {FBD27C64-687B-49BB-BBDA-76504C064827} - System32\Tasks\AutoPico Daily Restart => d:\Program Files\KMSpico\AutoPico.exe [2014-08-25] (@ByELDI) Task: {FCBA8F80-22DB-4E55-B764-10BFF2CD56DD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-24] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Bidaily Synchronize Task.job => C:\ProgramData\{a2fb8fee-2190-6ab2-a2fb-b8fee2193fb8}\Setup.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2015-04-30 20:58 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-04-30 21:05 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-10-03 18:36 - 2015-03-19 21:02 - 00393480 _____ () C:\Windows\system32\igfxTray.exe 2015-05-01 10:00 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll 2015-05-01 10:00 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll 2015-04-30 20:58 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2014-04-29 17:23 - 2014-04-29 17:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Damian\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2873684722-1015400582-2217056914-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Damian\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wp_20140720_020.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "NvBackend" HKU\S-1-5-21-2873684722-1015400582-2217056914-1001\...\StartupApproved\Run: => "BrowserChoice" HKU\S-1-5-21-2873684722-1015400582-2217056914-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_3F2E34BF7A244698209604940BA7FE5B" ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{0CB4DCFB-6724-4BD7-9859-AC8DD9EEEFD3}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{63E0A622-E025-4650-827E-AB9D2005C2B1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FB8A1551-7B93-48F2-A213-A4739A0DC5CA}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{9C46D5B4-462D-4C8D-AADC-D8DEABC139E0}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{239C7330-C880-47D9-848D-DF509FE34D60}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{D1D3AEAF-7BC3-46A4-A66B-89766218E1D8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [TCP Query User{844672B5-64A3-4DA5-9D3C-3C76469AD68A}D:\program files (x86)\prototype 2\prototype2.exe] => (Allow) D:\program files (x86)\prototype 2\prototype2.exe FirewallRules: [UDP Query User{9F17AB46-27DE-4C6F-92D8-C0395363ECF6}D:\program files (x86)\prototype 2\prototype2.exe] => (Allow) D:\program files (x86)\prototype 2\prototype2.exe FirewallRules: [TCP Query User{134B2EFF-244D-4CA4-A1D3-A45F36E63E4B}C:\program files (x86)\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuse.exe FirewallRules: [UDP Query User{60FE51A7-4C14-4E13-A502-2641236EB65D}C:\program files (x86)\common files\nokia\fuse\fuse.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuse.exe FirewallRules: [{54D45D44-D02C-4743-952D-9769736A26A8}] => (Block) d:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{D9B0FF40-A0F3-4CBE-955E-A70CF8BC4337}] => (Block) d:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe FirewallRules: [TCP Query User{EAEB414A-8F76-4F76-8081-DA509F3C24C6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D5582D02-289B-4223-B0C4-0EC63FB3E1DE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{BDCAFCD6-3B17-48A5-AFD3-C8D81BB891B9}C:\users\damian\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\damian\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{35509F2B-0514-4E78-9228-25D131E007AC}C:\users\damian\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\damian\appdata\local\akamai\netsession_win.exe FirewallRules: [{7FBEB57B-2B0C-4817-9188-77A94BFA71D3}] => (Allow) D:\Combat Arms EU\NMService.exe FirewallRules: [{2AC7D34A-8642-4E24-A425-840241270099}] => (Allow) D:\Combat Arms EU\NMService.exe FirewallRules: [{AA4E75F4-1EDD-4D1C-B8EC-FEDE7C4E4441}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{22522C02-03FA-4A2B-8338-548D21FBD428}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{502072C8-7EC0-4350-95F6-13DF84101F8F}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{70351D72-DD1A-4E81-B3C1-52BAB1303A45}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{9194A78B-AF34-4FDE-AA9A-726CEE34D3C2}D:\combat arms eu\engine.exe] => (Block) D:\combat arms eu\engine.exe FirewallRules: [UDP Query User{32518F3D-DC7C-499C-AF9B-6C3F450EEB85}D:\combat arms eu\engine.exe] => (Block) D:\combat arms eu\engine.exe FirewallRules: [TCP Query User{A5DAC394-937E-462A-B067-054F26505D1D}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe FirewallRules: [UDP Query User{AC90B215-03FE-48AE-B74C-5944891C8436}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe FirewallRules: [TCP Query User{9481C559-16C7-4A4C-B135-FF0A3A3CC68F}D:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe] => (Allow) D:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe FirewallRules: [UDP Query User{B963377E-DC4B-454A-BE2B-6B131661F9A8}D:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe] => (Allow) D:\program files (x86)\nokia\nokia care suite\product support tool for store 5.0\productsupporttoolforstore.exe FirewallRules: [{E1A4BABC-7D4D-4E2E-866C-04D0F90D5AC1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{69C8801E-D5B3-45F8-8BB4-A69B637E5387}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{1876146C-CB4C-4A42-BC24-3C65BE13B75D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{3A1BA64B-AAD5-4116-899D-1B5022B14AA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{1397FEB1-07BD-4838-BC40-B0929A76BE25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{AF81600F-C8ED-4A0E-A24B-EA0E6903FDAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D62DF419-67AB-4841-8133-90A716E1BFF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/01/2015 10:48:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 13.5.0.0, sygnatura czasowa: 0x53fb8768 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54505737 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x0000000000008b9c Identyfikator procesu powodującego błąd: 0x8d4 Godzina uruchomienia aplikacji powodującej błąd: 0xService_KMS.exe0 Ścieżka aplikacji powodującej błąd: Service_KMS.exe1 Ścieżka modułu powodującego błąd: Service_KMS.exe2 Identyfikator raportu: Service_KMS.exe3 Pełna nazwa pakietu powodującego błąd: Service_KMS.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: Service_KMS.exe5 Error: (05/01/2015 10:48:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Service_KMS.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.IO.IOException Stos: w System.IO.__Error.WinIOError(Int32, System.String) w System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) w System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding) w System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding) w Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Threading.ThreadHelper.ThreadStart() Error: (05/01/2015 10:24:31 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: Menedżer okien pulpitu napotkał błąd krytyczny (0x8898008d). Error: (04/30/2015 10:35:32 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {1b0e9ead-89c1-4b51-87f6-715aec2c9a4d} Error: (04/30/2015 09:48:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: cleanmgr.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504e1a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54505737 Kod wyjątku: 0xc06d007e Przesunięcie błędu: 0x0000000000008b9c Identyfikator procesu powodującego błąd: 0xdf4 Godzina uruchomienia aplikacji powodującej błąd: 0xcleanmgr.exe0 Ścieżka aplikacji powodującej błąd: cleanmgr.exe1 Ścieżka modułu powodującego błąd: cleanmgr.exe2 Identyfikator raportu: cleanmgr.exe3 Pełna nazwa pakietu powodującego błąd: cleanmgr.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: cleanmgr.exe5 Error: (04/30/2015 09:48:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: cleanmgr.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504e1a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54505737 Kod wyjątku: 0xc06d007e Przesunięcie błędu: 0x0000000000008b9c Identyfikator procesu powodującego błąd: 0xbec Godzina uruchomienia aplikacji powodującej błąd: 0xcleanmgr.exe0 Ścieżka aplikacji powodującej błąd: cleanmgr.exe1 Ścieżka modułu powodującego błąd: cleanmgr.exe2 Identyfikator raportu: cleanmgr.exe3 Pełna nazwa pakietu powodującego błąd: cleanmgr.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: cleanmgr.exe5 Error: (04/30/2015 09:25:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: cleanmgr.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504e1a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54505737 Kod wyjątku: 0xc06d007e Przesunięcie błędu: 0x0000000000008b9c Identyfikator procesu powodującego błąd: 0x1120 Godzina uruchomienia aplikacji powodującej błąd: 0xcleanmgr.exe0 Ścieżka aplikacji powodującej błąd: cleanmgr.exe1 Ścieżka modułu powodującego błąd: cleanmgr.exe2 Identyfikator raportu: cleanmgr.exe3 Pełna nazwa pakietu powodującego błąd: cleanmgr.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: cleanmgr.exe5 Error: (04/30/2015 09:25:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: cleanmgr.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504e1a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54505737 Kod wyjątku: 0xc06d007e Przesunięcie błędu: 0x0000000000008b9c Identyfikator procesu powodującego błąd: 0x210 Godzina uruchomienia aplikacji powodującej błąd: 0xcleanmgr.exe0 Ścieżka aplikacji powodującej błąd: cleanmgr.exe1 Ścieżka modułu powodującego błąd: cleanmgr.exe2 Identyfikator raportu: cleanmgr.exe3 Pełna nazwa pakietu powodującego błąd: cleanmgr.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: cleanmgr.exe5 System errors: ============= Error: (05/01/2015 10:49:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/01/2015 10:46:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd: %%1062 Error: (05/01/2015 10:35:42 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (04/30/2015 10:36:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1069 Error: (04/30/2015 10:36:01 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa WSearch nie może zalogować się jako NT AUTHORITY\SYSTEM za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%50 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (04/30/2015 10:35:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/30/2015 10:35:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/30/2015 10:35:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/30/2015 10:35:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Capability Licensing Service TCP IP Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/30/2015 10:35:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Bluetooth OBEX Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office Sessions: ========================= Error: (05/01/2015 10:48:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Service_KMS.exe13.5.0.053fb8768KERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c8d401d083eb72c9e281d:\Program Files\KMSpico\Service_KMS.exeC:\Windows\system32\KERNELBASE.dlle7797b1d-efde-11e4-8297-28d244318f2f Error: (05/01/2015 10:48:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Service_KMS.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.IO.IOException Stos: w System.IO.__Error.WinIOError(Int32, System.String) w System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) w System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding) w System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding) w Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Threading.ThreadHelper.ThreadStart() Error: (05/01/2015 10:24:31 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: 0x8898008d Error: (04/30/2015 10:35:32 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Odmowa dostępu. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {1b0e9ead-89c1-4b51-87f6-715aec2c9a4d} Error: (04/30/2015 09:48:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: cleanmgr.exe6.3.9600.1741554504e1aKERNELBASE.dll6.3.9600.1741554505737c06d007e0000000000008b9cdf401d0837e9999e1c7C:\Windows\System32\cleanmgr.exeC:\Windows\system32\KERNELBASE.dlld74ff505-ef71-11e4-8294-28d244318f2f Error: (04/30/2015 09:48:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: cleanmgr.exe6.3.9600.1741554504e1aKERNELBASE.dll6.3.9600.1741554505737c06d007e0000000000008b9cbec01d0837e96e674f3C:\Windows\System32\cleanmgr.exeC:\Windows\system32\KERNELBASE.dlld500ad30-ef71-11e4-8294-28d244318f2f Error: (04/30/2015 09:25:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: cleanmgr.exe6.3.9600.1741554504e1aKERNELBASE.dll6.3.9600.1741554505737c06d007e0000000000008b9c112001d0837b74c1393fC:\Windows\System32\cleanmgr.exeC:\Windows\system32\KERNELBASE.dllb2774c7e-ef6e-11e4-8294-28d244318f2f Error: (04/30/2015 09:25:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: cleanmgr.exe6.3.9600.1741554504e1aKERNELBASE.dll6.3.9600.1741554505737c06d007e0000000000008b9c21001d0837b730c9457C:\Windows\System32\cleanmgr.exeC:\Windows\system32\KERNELBASE.dllb0d3581d-ef6e-11e4-8294-28d244318f2f CodeIntegrity Errors: =================================== Date: 2015-05-01 03:16:39.232 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:39.022 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:38.712 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:38.502 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:38.193 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:37.983 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:37.671 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:37.459 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:37.138 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-01 03:16:36.930 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Percentage of memory in use: 47% Total physical RAM: 3816.27 MB Available physical RAM: 2016.96 MB Total Pagefile: 7656.27 MB Available Pagefile: 5705.75 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:150 GB) (Free:109.5 GB) NTFS Drive d: () (Fixed) (Total:780.61 GB) (Free:647.76 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: D9FA2484) Partition: GPT Partition Type. ==================== End Of Log ============================