Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-05-2016 Ran by adam (2016-05-18 19:44:34) Running from D:\FRST64 Windows 7 Home Premium Service Pack 1 (X64) (2015-05-24 16:50:05) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= adam (S-1-5-21-3595127932-1541083318-131603667-1001 - Administrator - Enabled) => C:\Users\adam Administrator (S-1-5-21-3595127932-1541083318-131603667-500 - Administrator - Disabled) Guest (S-1-5-21-3595127932-1541083318-131603667-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3595127932-1541083318-131603667-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-3595127932-1541083318-131603667-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3595127932-1541083318-131603667-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Creative Suite 5 Design Standard (HKLM-x32\...\{49DC7D87-B9F9-4782-9386-B7F13BC75E48}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-3595127932-1541083318-131603667-1001\...\Akamai) (Version: - Akamai Technologies, Inc) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.9 - ASUS) ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK) ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.35 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software) Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.18.65 - Conexant) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.7 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 8.0.7 - Ministerstwo Finansow) Hidden Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS) Google Update Helper (x32 Version: 1.2.183.13 - Google Inc.) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Mozilla Firefox 41.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 pl)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.5.0.77 - KMP Media co., Ltd) USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Sign-in Assistant (HKLM-x32\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2AA49770-BDE7-492E-9619-F5554CD3A5B6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-21] (AVAST Software) Task: {331D0CF8-9C23-4506-8161-FE544B586061} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-04-08] (ATK) Task: {47F232CF-74F0-43CC-9CB7-59800D992A90} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-10] (AVAST Software) Task: {4B6EE67A-8379-4E09-A66D-D416F431CACB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-30] (Adobe Systems Incorporated) Task: {7A3FB9E4-9FD4-4000-A2E1-A5794C3404FE} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {7F537B1F-A2B4-4B56-BC74-F7C9FFD0F728} - System32\Tasks\Softcomp Software Viewer => C:\Program Files (x86)\Softcomp Software\swjob.exe [2015-06-02] (SecureSoft) <==== ATTENTION Task: {9AB6EC50-94F2-4AA8-86A8-5B30CEB46B3D} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-05] () Task: {C7CF7F7F-748F-4429-9E8B-B1805883D97B} - System32\Tasks\AdobeAAMUpdater-1.0-pointblank-adam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {CC6E4942-7F8C-4369-A2D6-7C2E36D991E0} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS) Task: {D67729BE-32C4-4802-8261-E7701AC1309C} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {EF755520-6D82-4F23-928F-BDD6B8A87723} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-05-31 12:15 - 2013-08-29 22:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2010-01-11 17:27 - 2010-01-11 17:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll 2010-02-04 00:14 - 2010-02-04 00:14 - 00033792 _____ () C:\Program Files\P4G\OvrClk.dll 2010-01-05 00:43 - 2010-01-05 00:43 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2007-06-15 17:28 - 2007-06-15 17:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll 2007-06-01 23:52 - 2007-06-01 23:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll 2010-03-16 01:48 - 2010-03-16 01:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll 2010-07-15 05:28 - 2010-07-15 05:28 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll 2010-07-15 05:28 - 2010-07-15 05:28 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll 2010-03-16 01:48 - 2010-03-16 01:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe 2015-12-10 15:06 - 2015-12-10 15:06 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-12-10 15:06 - 2015-12-10 15:06 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-05-10 23:36 - 2016-05-10 23:36 - 02892800 _____ () C:\Program Files\AVAST Software\Avast\defs\16051002\algo.dll 2016-04-30 09:07 - 2016-04-30 09:07 - 00510368 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-06-02 11:58 - 2015-06-02 11:58 - 00086528 _____ () C:\Program Files (x86)\Softcomp Software\mgwz.dll 2015-12-10 15:06 - 2015-12-10 15:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2009-11-02 21:20 - 2009-11-02 21:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 21:23 - 2009-11-02 21:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3595127932-1541083318-131603667-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.10.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C449D7F1-5AEA-46F2-A157-7CF20168E3EC}] => (Allow) LPort=5353 FirewallRules: [{E9C4F6DE-BC9F-4C48-9043-C0796E246FAC}] => (Allow) LPort=8182 FirewallRules: [{05901194-EEF9-49F8-A3A1-8C52B69964E7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{5169B4D2-CB15-4A21-9CDD-6A00168CB343}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{10B9CC0A-13E4-4EDB-B43F-578C23B21426}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{58F880BB-AD83-4251-BBA3-56AB14708195}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{CF11B36E-4572-4584-B2C9-96391AF0DAEC}] => (Allow) svchost.exe FirewallRules: [{B5B102FB-DF8C-4B3A-8564-538ED856ADAB}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [TCP Query User{343B08E9-69A2-4D0A-90B3-F7ACAA2982E1}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe FirewallRules: [UDP Query User{01F87419-1040-4304-B8DD-D96961ACDEDC}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe FirewallRules: [{931C381D-40F0-4471-A50C-0487F44F8029}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{988C01A8-8784-436B-8214-6CCCFA13FD53}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{C1F707F1-7543-4B55-8B12-13E045E32183}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{24760CB6-17F0-44DC-857E-4F9FF6C23525}] => (Allow) C:\Users\adam\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6E5DD8AC-3FF8-4B2C-AE8E-F566BA029E83}] => (Allow) C:\Users\adam\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CC6DF844-82DD-485F-BE62-1D7A4B09D9C7}] => (Allow) C:\Users\adam\AppData\Local\Temp\nshAB71.tmp\CnetInstaller-75021441.exe FirewallRules: [{0278AC2E-5733-451B-A43D-0A0808FFBD21}] => (Allow) C:\Users\adam\AppData\Local\Temp\nshAB71.tmp\CnetInstaller-75021441.exe FirewallRules: [{D62D652B-7474-4FAC-B479-E2613FAE9E86}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F64FADE0-8F6C-4644-99AA-F82983F936C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CBEFD5FB-309B-4831-BC6A-33BEE3B9D5FE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FC137E7D-9DF3-460C-9143-14DA5FA90D00}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C7D7E450-7310-4FDD-BDA0-43C61210D232}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{1248D079-D67B-4776-8330-6F3F3EABDE41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [TCP Query User{ED42DF9B-1160-403E-A487-A6A856425F76}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\adam\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{742087DD-F0AC-4277-933E-FB1B25871DBC}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\adam\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{695A744A-AAC5-4AA6-B98F-9829797D2947}D:\program files\warcraft iii\war3.exe] => (Allow) D:\program files\warcraft iii\war3.exe FirewallRules: [UDP Query User{12ECA858-2218-4531-9DFE-F23DF4D1EA4C}D:\program files\warcraft iii\war3.exe] => (Allow) D:\program files\warcraft iii\war3.exe FirewallRules: [TCP Query User{9A2AA482-F9B8-45B8-A208-D6751035432B}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [UDP Query User{7E296650-544F-4324-9F55-D94141490877}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [TCP Query User{E4CC673C-E851-4E5D-BECE-54567ABFA5C2}C:\program files (x86)\warcraft iii\war3.exe] => (Block) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [UDP Query User{34501136-B839-414F-A2EE-CC43AB93DF89}C:\program files (x86)\warcraft iii\war3.exe] => (Block) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [TCP Query User{AEB90D30-BC46-4BB9-9F61-0BC63E65F346}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{E52E97BA-1C17-4068-9280-1E7E1603001E}C:\users\adam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\adam\appdata\local\akamai\netsession_win.exe FirewallRules: [{F0CA913D-7DB7-4C97-99DB-EA529C4AA839}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe FirewallRules: [{49560083-D3C8-4854-BBEF-D1F14FB8C848}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe FirewallRules: [{2D8B0FE7-13AB-41D8-B703-8E596E854B65}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe FirewallRules: [{101B80AE-CE7D-4B4D-8520-5BEF3010C93E}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe ==================== Restore Points ========================= 18-05-2016 18:36:52 Removed Rhinoceros 5 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/18/2016 06:38:56 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: pointblank) Description: Application or service 'McNeel Update Service 5.0' could not be restarted. Error: (04/30/2016 09:17:24 AM) (Source: MsiInstaller) (EventID: 1024) (User: pointblank) Description: Product: Adobe Acrobat Reader DC - Polish - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (04/30/2016 07:35:25 AM) (Source: MsiInstaller) (EventID: 11730) (User: pointblank) Description: Product: e-Deklaracje Desktop -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance. Error: (02/03/2016 05:19:53 PM) (Source: MsiInstaller) (EventID: 11935) (User: pointblank) Description: Product: Rhinoceros 5 (64-bit) -- Error 1935. (1)An error occurred during the installation of assembly 'Microsoft.VC80.MFCLOC,version="8.0.50727.6195",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32"'. Please refer to Help and Support for more information. HRESULT: 0x80070091. assembly interface: IAssemblyCacheItem, function: Commit, component: {608113E0-F3B6-C6EE-A01F-C8B3B9A1E18E} Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/03/2016 05:18:02 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/30/2015 05:00:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error: (12/30/2015 05:00:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . System errors: ============= Error: (04/30/2016 07:34:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMService service failed to start due to the following error: %%1053 Error: (04/30/2016 07:34:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect. Error: (04/30/2016 07:32:00 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Windows Update service did not shut down properly after receiving a preshutdown control. Error: (02/03/2016 08:25:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMService service failed to start due to the following error: %%1053 Error: (02/03/2016 08:25:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect. Error: (02/03/2016 05:55:27 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Windows Update service did not shut down properly after receiving a preshutdown control. Error: (02/03/2016 05:44:33 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Error: (01/09/2016 02:27:12 PM) (Source: iaStor) (EventID: 9) (User: ) Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period. Error: (11/20/2015 03:11:38 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Windows Update service did not shut down properly after receiving a preshutdown control. Error: (11/09/2015 12:37:33 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 23:24:00 on ‎2015-‎11-‎08 was unexpected. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz Percentage of memory in use: 91% Total physical RAM: 1900.49 MB Available physical RAM: 161.77 MB Total Virtual: 4054.98 MB Available Virtual: 1482.77 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:60.27 GB) (Free:25.16 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (DATA) (Fixed) (Total:120.47 GB) (Free:15.16 GB) NTFS Drive f: (DATA1) (Fixed) (Total:120.9 GB) (Free:17.42 GB) NTFS Drive g: (DATA2) (Fixed) (Total:120.06 GB) (Free:8.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: E0C5913D) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C) Partition 2: (Active) - (Size=60.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=386 GB) - (Type=05) ==================== End of Addition.txt ============================