Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016 Ran by DINO (05-09-2016 18:26:55) Running from C:\Users\DINO\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2012-12-02 20:51:35) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-819675344-3165160550-3345714557-500 - Administrator - Disabled) DINO (S-1-5-21-819675344-3165160550-3345714557-1000 - Administrator - Enabled) => C:\Users\DINO Guest (S-1-5-21-819675344-3165160550-3345714557-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-819675344-3165160550-3345714557-1005 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Armored Warfare MyCom Beta (HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.) Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BCT Commander (HKLM-x32\...\{E74941DC-0BED-11D6-BE62-002078184525}) (Version: 1.27.0.0 - ProSIM Company) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4012 - BitRaider, LLC) BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.6.9 - BitRaider, LLC) DCS World (HKLM\...\DCS World_is1) (Version: 1.2.16.39472 - ) DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden DxO Optics Pro 6 (HKLM-x32\...\{A9A1FC33-C366-4B17-9ADB-52E52A0E04CC}) (Version: 6.6.0 - DxO Labs) EVE Online (HKLM-x32\...\{5C589C11-5E92-4C61-89F1-7D75F52680EF}) (Version: 3.0.0 - CCP Games Ltd.) EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.4.4125 - battleclinic.com) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.4.1128 - Foxit Corporation) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Gloria Victis (HKLM\...\Steam App 327070) (Version: - Black Eye Games) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) Informacje o systemie Creative (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Jagged Alliance Online - Steam Edition (HKLM-x32\...\Steam App 218450) (Version: - Cliffhanger Productions) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.737 - Kaspersky Lab) Kaspersky Security Scan (x32 Version: 15.0.0.737 - Kaspersky Lab) Hidden Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) K-Lite Mega Codec Pack 11.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - ) LRTimelapse 4.3 (HKLM-x32\...\{3B86296C-F4C8-4FE7-8561-CC5F444098D4}}_is1) (Version: 4.3 - Gunther Wegner) Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version: - Digitalmindsoft) Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.62613.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62613.0 - Microsoft Corporation) Microsoft Flight Simulator X: Steam Edition (HKLM-x32\...\Steam App 314160) (Version: - Microsoft Game Studios) Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 47.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pl)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NapiProjekt (2.1.0.2287) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NavyFIELD NorthAmerica (HKLM-x32\...\{D6D425D2-803F-40E8-9D65-3DC00D577C11}) (Version: 1.00.0000 - SD EnterNET) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation) NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation) NVIDIA Graphics Driver 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenOffice 4.1.0 (HKLM-x32\...\{7EB1185B-6319-42D7-B103-707570BFB0D8}) (Version: 4.10.9764 - Apache Software Foundation) Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.) Paseczek 1.1.0.365 (HKLM-x32\...\Paseczek_is1) (Version: 1.1.0.365 - ) PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH) PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH) Point of Attack 2 (HKLM-x32\...\{66BE96C2-8051-4601-9DA4-C021E4A9E8B7}) (Version: 2.2.0 - HPS Simulations) SafeFinder (HKLM-x32\...\{3ABFE3EF-41B7-415D-B2AF-20AF570679A5}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Smart Technology Programming Software 7.0.23.0 (HKLM\...\{2A9D89B8-D07E-48F5-9A4C-0972D6FA5475}) (Version: 7.0.23.0 - Mad Catz) Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited) Spotify (HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH) TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK) Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK) Victory At Sea (HKLM-x32\...\Steam App 298480) (Version: - Evil Twin Artworks) Voyage Century Online (HKLM-x32\...\Voyage Century Online_is1) (Version: 0.99 - IGG,Inc.) Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.) War Thunder Launcher 1.0.1.652 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Wargame: AirLand Battle (HKLM-x32\...\Steam App 222750) (Version: - Eugen Systems) Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version: - Eugen Systems) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinZip (HKLM-x32\...\WinZip) (Version: 2.2.74 - Winzipper Pvt Ltd.) <==== ATTENTION World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net) World of Warships (HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-819675344-3165160550-3345714557-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> G:\6.MISC\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-819675344-3165160550-3345714557-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> G:\6.MISC\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0968572D-CBAC-4BCC-B21F-E4F8E0F10C9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.) Task: {23F9BBCC-F88B-4002-A361-5B15A25A8F18} - System32\Tasks\{EDC40DF3-9E10-4D1A-AF24-98D0235A6F05} => pcalua.exe -a "K:\Adobe CS6\Set-up.exe" -d "K:\Adobe CS6" Task: {2BF2B3FC-B1CF-40D1-B911-1A11EECBC2DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.) Task: {57CD1973-5EF1-4B5A-A9FA-B59C1136E952} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-819675344-3165160550-3345714557-1000Core => C:\Users\DINO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-25] (Facebook Inc.) Task: {61595C35-56D5-4401-97B0-7EBEE453FBA5} - System32\Tasks\{4AA75E9E-9464-4AEF-9230-1EC6ECF64C75} => pcalua.exe -a C:\Users\DINO\Downloads\iview442_setup.exe -d C:\Users\DINO\Downloads Task: {942DD457-381C-4F26-995D-C9304E467C63} - System32\Tasks\{960028F6-94A0-4318-9C86-21A57C6288A8} => pcalua.exe -a C:\Users\DINO\Downloads\Saitek_X52_Flight_Controller_SD6_64.exe -d C:\Users\DINO\Downloads Task: {9B2888B6-036A-4BD3-8985-92428F9320B6} - System32\Tasks\Opera scheduled Autoupdate 1414162304 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software) Task: {A649E63F-E566-4532-AD07-DA16F71201EC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16] (Adobe Systems Incorporated) Task: {AE95E0F2-333F-425B-A6AF-70187E1B5823} - System32\Tasks\YestonyUpdateTaskMachineCore => C:\Program Files (x86)\Yestony\Update\YestonyUpdate.exe [2016-05-27] () <==== ATTENTION Task: {B1687C8E-52A4-4199-858F-418FD31228F1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-819675344-3165160550-3345714557-1000UA => C:\Users\DINO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-25] (Facebook Inc.) Task: {DE51F135-2165-4227-B352-3F417DDD4534} - System32\Tasks\YestonyUpdateTaskMachineUA => C:\Program Files (x86)\Yestony\Update\YestonyUpdate.exe [2016-05-27] () <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-819675344-3165160550-3345714557-1000Core.job => C:\Users\DINO\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-819675344-3165160550-3345714557-1000UA.job => C:\Users\DINO\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\DINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1467717899&z=5ac70d7741297910ff3c9a6gfz3q4mam2g6m9t7e2o&from=wpm0616&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\Users\DINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1467717899&z=5ac70d7741297910ff3c9a6gfz3q4mam2g6m9t7e2o&from=wpm0616&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\Users\DINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Games\WarThunder\launcher.exe (Gaijin Entertainment) -> hxxp://www.nuesearch.com/?type=sc&ts=1467717899&z=5ac70d7741297910ff3c9a6gfz3q4mam2g6m9t7e2o&from=wpm0616&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\Users\DINO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1466009986&z=8a91de2c6a230366785450egbzfq5q8e4ebt1t6tde&from=wpm0614&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\Users\DINO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1467717899&z=5ac70d7741297910ff3c9a6gfz3q4mam2g6m9t7e2o&from=wpm0616&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\Users\DINO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Yestony\Application\chrome.exe (Google Inc.) -> hxxp://www.nuesearch.com/?type=sc&ts=1466009986&z=8a91de2c6a230366785450egbzfq5q8e4ebt1t6tde&from=wpm0614&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\Users\DINO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1470379113&z=1d88acf30453e535ffefa6bg8z8mee7c4m0t6g3ofo&from=wpm0802&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Yestony\Application\chrome.exe (Google Inc.) -> hxxp://www.nuesearch.com/?type=sc&ts=1466009986&z=8a91de2c6a230366785450egbzfq5q8e4ebt1t6tde&from=wpm0614&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1467717899&z=5ac70d7741297910ff3c9a6gfz3q4mam2g6m9t7e2o&from=wpm0616&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.nuesearch.com/?type=sc&ts=1466009986&z=8a91de2c6a230366785450egbzfq5q8e4ebt1t6tde&from=wpm0614&uid=TOSHIBAXQ300_Y5DB635CKNRX ShortcutWithArgument: C:\Users\Public\Desktop\WarThunder.lnk -> C:\Games\WarThunder\launcher.exe (Gaijin Entertainment) -> hxxp://www.nuesearch.com/?type=sc&ts=1467717899&z=5ac70d7741297910ff3c9a6gfz3q4mam2g6m9t7e2o&from=wpm0616&uid=TOSHIBAXQ300_Y5DB635CKNRX ==================== Loaded Modules (Whitelisted) ============== 2012-12-02 23:18 - 2015-12-16 16:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-01-03 17:48 - 2015-12-16 19:34 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-07-28 19:04 - 2016-07-28 05:26 - 00432344 _____ () C:\Program Files (x86)\WinSaber\WinSaber.exe 2016-03-22 23:18 - 2016-01-11 19:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2016-08-03 06:30 - 2016-08-02 04:46 - 00253824 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe 2016-08-03 06:30 - 2016-08-02 04:46 - 00499072 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2016-05-25 08:25 - 2015-12-30 07:34 - 00582144 _____ () C:\Program Files (x86)\WinZipper\curlpp.dll 2016-05-25 08:25 - 2016-01-26 10:27 - 00066560 _____ () C:\Program Files (x86)\WinZipper\zlib1.dll 2015-04-06 15:23 - 2015-04-06 15:23 - 00316200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll 2016-01-03 17:48 - 2015-12-16 19:34 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-07-02 19:40 - 2016-08-29 06:12 - 51330160 _____ () C:\Users\DINO\AppData\Roaming\Spotify\libcef.dll 2015-04-06 15:34 - 2015-04-06 15:34 - 00267264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\webcore.dll 2015-04-06 15:34 - 2015-04-06 15:34 - 41268224 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll 2015-04-06 15:34 - 2015-04-06 15:34 - 01402368 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll 2015-04-06 15:34 - 2015-04-06 15:34 - 00212992 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll 2015-07-02 19:40 - 2016-08-29 06:12 - 01763952 _____ () C:\Users\DINO\AppData\Roaming\Spotify\libglesv2.dll 2015-07-02 19:40 - 2016-08-29 06:12 - 00088176 _____ () C:\Users\DINO\AppData\Roaming\Spotify\libegl.dll 2016-07-16 21:43 - 2016-07-16 21:43 - 19483328 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Microsoft:GXanUABG0Tqo6L6XDgZk1Yldo71Ji [2102] AlternateDataStreams: C:\ProgramData\Microsoft:MW8Pp9mzabCLuZhJtJDkjeK [2054] AlternateDataStreams: C:\Users\DINO\AppData\Local\Temp:L2Exx3kmbplrP0txYFRc5T3aLXK4 [2052] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-819675344-3165160550-3345714557-1000\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-819675344-3165160550-3345714557-1000\...\sony.com -> sony.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-819675344-3165160550-3345714557-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DINO\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp DNS Servers: 8.8.8.8 - 8.8.8.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: BRSptStub => 3 MSCONFIG\Services: BRSptSvc => 3 MSCONFIG\Services: qkseeService => 2 MSCONFIG\Services: YestonyP => 2 MSCONFIG\Services: YestonyU => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup MSCONFIG\startupreg: Viber => "C:\Users\DINO\AppData\Local\Viber\Viber.exe" StartMinimized ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{09902AD2-8498-4A65-9BFE-E7AC3EB83DA5}C:\users\dino\appdata\local\temp\27cead0c8ccd478192dc6ddbc0891e8b\relicdownloader.exe] => (Allow) C:\users\dino\appdata\local\temp\27cead0c8ccd478192dc6ddbc0891e8b\relicdownloader.exe FirewallRules: [UDP Query User{B352A964-D580-4749-BF00-F390FED4DCD4}C:\users\dino\appdata\local\temp\27cead0c8ccd478192dc6ddbc0891e8b\relicdownloader.exe] => (Allow) C:\users\dino\appdata\local\temp\27cead0c8ccd478192dc6ddbc0891e8b\relicdownloader.exe FirewallRules: [TCP Query User{A9434015-58BB-4328-8A2A-7A85341E26D2}C:\users\dino\appdata\local\temp\2aedc19a311647c0ba766a2e5fee2fae\relicdownloader.exe] => (Allow) C:\users\dino\appdata\local\temp\2aedc19a311647c0ba766a2e5fee2fae\relicdownloader.exe FirewallRules: [UDP Query User{DFDD4A22-484B-4E7B-9006-1AE338D51DD9}C:\users\dino\appdata\local\temp\2aedc19a311647c0ba766a2e5fee2fae\relicdownloader.exe] => (Allow) C:\users\dino\appdata\local\temp\2aedc19a311647c0ba766a2e5fee2fae\relicdownloader.exe FirewallRules: [{886D5315-61DE-4D43-9E62-293695A0506B}] => (Allow) D:\PROGRAMY\uTorrent\uTorrent.exe FirewallRules: [{C9D6744F-CFEC-4516-8CA4-8F9DBA325AC5}] => (Allow) D:\PROGRAMY\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{0D892885-29CD-42B1-9FA3-4BFB488AD5AD}C:\users\dino\appdata\local\temp\0f855fd03db04d188abde7b865db50b5\relicdownloader.exe] => (Allow) C:\users\dino\appdata\local\temp\0f855fd03db04d188abde7b865db50b5\relicdownloader.exe FirewallRules: [UDP Query User{A798C535-FE7A-45E6-8005-572CAD737C80}C:\users\dino\appdata\local\temp\0f855fd03db04d188abde7b865db50b5\relicdownloader.exe] => (Allow) C:\users\dino\appdata\local\temp\0f855fd03db04d188abde7b865db50b5\relicdownloader.exe FirewallRules: [TCP Query User{64B66277-7DC1-4636-8C1B-B6C66808DB10}D:\gry\arma 2\arma2.exe] => (Block) D:\gry\arma 2\arma2.exe FirewallRules: [UDP Query User{6CFBEAA4-A2BF-4689-B37A-236ADEEBECC6}D:\gry\arma 2\arma2.exe] => (Block) D:\gry\arma 2\arma2.exe FirewallRules: [{FEECC854-28F8-4B58-9781-BF7C321CE3E2}] => (Allow) D:\PROGRAMY\steam\Steam.exe FirewallRules: [{1980EB14-AD91-4E1F-8FDB-B3801AE843E7}] => (Allow) D:\PROGRAMY\steam\Steam.exe FirewallRules: [TCP Query User{8499A4C4-8913-4CCE-B22C-405A8CC2EC60}D:\gry\battlestation pacific\bsp.exe] => (Allow) D:\gry\battlestation pacific\bsp.exe FirewallRules: [UDP Query User{4B360F5F-3435-41F8-B9AC-EB250077F78B}D:\gry\battlestation pacific\bsp.exe] => (Allow) D:\gry\battlestation pacific\bsp.exe FirewallRules: [TCP Query User{7E658C2E-44B4-44BC-880D-01ECB6DF1100}D:\gry\eve\bin\exefile.exe] => (Allow) D:\gry\eve\bin\exefile.exe FirewallRules: [UDP Query User{AEF37E5B-E880-4A99-BB63-117FAAD51133}D:\gry\eve\bin\exefile.exe] => (Allow) D:\gry\eve\bin\exefile.exe FirewallRules: [TCP Query User{D4D45E15-A75A-4C0A-B1E1-11CF584C8AE5}D:\programy\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\programy\teamspeak3-server_win64\ts3server_win64.exe FirewallRules: [UDP Query User{FAE1A2FB-BB82-4278-9C44-5DE797120F44}D:\programy\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\programy\teamspeak3-server_win64\ts3server_win64.exe FirewallRules: [TCP Query User{F2998AA3-9B74-494E-93AC-1B00F83561DD}F:\wowp_1.0.0_eu_install\wowp\wowplauncher.exe] => (Allow) F:\wowp_1.0.0_eu_install\wowp\wowplauncher.exe FirewallRules: [UDP Query User{940EC80E-F154-45F0-A704-5A71261DDB1F}F:\wowp_1.0.0_eu_install\wowp\wowplauncher.exe] => (Allow) F:\wowp_1.0.0_eu_install\wowp\wowplauncher.exe FirewallRules: [{099172D6-0510-4B64-952F-DF128154FF3F}] => (Allow) G:\7. GRY\Battlefield 3\bf3.exe FirewallRules: [{B65E369A-76B6-44F5-96C2-D824EA0E5249}] => (Allow) G:\7. GRY\Battlefield 3\bf3.exe FirewallRules: [{87BA72D2-0308-4C18-A630-1D4B3970E773}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{FB4A5640-2E20-4FCC-9AA4-1B777243647A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7F06C1E5-BF94-41BB-BB1B-839DB2D5EE2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{30794881-523A-4F46-95B5-18F7BF019EE0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{1E6CA848-82A4-4770-BD35-BB41F9C17901}G:\7. gry\wot\wot\wotlauncher.exe] => (Allow) G:\7. gry\wot\wot\wotlauncher.exe FirewallRules: [UDP Query User{67E9B0BF-0422-4438-A360-3DD96BDE399A}G:\7. gry\wot\wot\wotlauncher.exe] => (Allow) G:\7. gry\wot\wot\wotlauncher.exe FirewallRules: [TCP Query User{453AFF0F-A81A-4913-B106-2DC737A2489C}G:\7. gry\wot\wot\worldoftanks.exe] => (Allow) G:\7. gry\wot\wot\worldoftanks.exe FirewallRules: [UDP Query User{D1F5C011-C79B-48B2-A189-552AC0E72679}G:\7. gry\wot\wot\worldoftanks.exe] => (Allow) G:\7. gry\wot\wot\worldoftanks.exe FirewallRules: [{84C73048-22F8-4F9F-962F-ABF29C8DB360}] => (Allow) G:\6.MISC\steam\Steam.exe FirewallRules: [{9FAC0338-9243-498D-B166-C6CD01D0193C}] => (Allow) G:\6.MISC\steam\Steam.exe FirewallRules: [{616C512D-86AD-4D33-B470-8195BD5341FC}] => (Allow) G:\6.MISC\steam\SteamApps\common\Arma 2\arma2.exe FirewallRules: [{E8771021-94B7-4F3D-8BE0-184536765C87}] => (Allow) G:\6.MISC\steam\SteamApps\common\Arma 2\arma2.exe FirewallRules: [{7966400A-CA99-44D5-8ECB-EFA56943FB61}] => (Allow) G:\7. GRY\WarThunder\launcher.exe FirewallRules: [{11C1C118-25C7-4C45-925F-0A98048A4DC4}] => (Allow) G:\7. GRY\WarThunder\launcher.exe FirewallRules: [{C8430FDE-0EE9-4988-8A11-475F0440964E}] => (Allow) LPort=80 FirewallRules: [{2B8BFFD8-D37E-42DF-A273-2D57BFEDA648}] => (Allow) LPort=443 FirewallRules: [{DC855849-F47B-4BC8-A203-EE0359D9635B}] => (Allow) LPort=20010 FirewallRules: [{D2E53D88-53DB-4E96-B774-62B9F74CAE30}] => (Allow) LPort=3478 FirewallRules: [{2352BB47-F096-4900-88C6-2F392A486C56}] => (Allow) LPort=7850 FirewallRules: [{94401950-0F86-4CE0-A499-C7EFB1C01BCD}] => (Allow) LPort=7852 FirewallRules: [{24CC4EB0-D383-41BB-9086-976FA8DFE908}] => (Allow) LPort=7853 FirewallRules: [{1A6AA870-3951-4F3C-A2A5-558D1C6438E2}] => (Allow) LPort=27022 FirewallRules: [{356042D5-49C5-4088-8CC1-2DB61E566D94}] => (Allow) LPort=6881 FirewallRules: [{DCC40000-C960-46EE-AB52-B5385B2D3503}] => (Allow) LPort=33333 FirewallRules: [{38A138B6-FA9C-4775-B413-B6CE1688FEED}] => (Allow) LPort=20443 FirewallRules: [{CD0758DE-6A7B-4D10-AF7C-12F23B24C7F2}] => (Allow) LPort=8090 FirewallRules: [TCP Query User{0DB28375-A70B-4670-A7B9-66ED9A211CD0}G:\7. gry\warthunder\aces.exe] => (Allow) G:\7. gry\warthunder\aces.exe FirewallRules: [UDP Query User{B05ADECC-3AEB-4813-A7BF-6BBC26EBA8EB}G:\7. gry\warthunder\aces.exe] => (Allow) G:\7. gry\warthunder\aces.exe FirewallRules: [{0CD6DD4B-4DCD-4DBB-910C-DCEA74740369}] => (Allow) C:\Users\DINO\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{51CED912-69E5-485A-987B-CD8C5E8E9E7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AFC5BD30-9FBE-4F8A-B312-6D9267129210}] => (Allow) G:\6.MISC\steam\bin\steamwebhelper.exe FirewallRules: [{33974C50-52EC-4CAC-AAB4-A3949C7FEF60}] => (Allow) G:\6.MISC\steam\bin\steamwebhelper.exe FirewallRules: [{0110575B-AE97-4689-8D20-34ACC759713F}] => (Allow) G:\6.MISC\steam\SteamApps\common\Kerbal Space Program\KSP.exe FirewallRules: [{913C2B92-3E0F-49FD-B7A5-B619BC5A3D80}] => (Allow) G:\6.MISC\steam\SteamApps\common\Kerbal Space Program\KSP.exe FirewallRules: [TCP Query User{55F7EBFF-2DC1-405F-BB80-160206E03776}G:\7. gry\warthunder\aces.exe] => (Allow) G:\7. gry\warthunder\aces.exe FirewallRules: [UDP Query User{68D2002F-2FC3-439C-871D-B4EA08E329AB}G:\7. gry\warthunder\aces.exe] => (Allow) G:\7. gry\warthunder\aces.exe FirewallRules: [TCP Query User{5B34B70A-3B23-4A4E-B075-4A286C3166CF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{43565464-6EC5-49C8-A73D-D4FA0BB78B2C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{AE248029-613D-4C24-8791-1D7DCAFD67F3}G:\7. gry\mow_assault_squad.exe] => (Allow) G:\7. gry\mow_assault_squad.exe FirewallRules: [UDP Query User{98E28B44-374C-4A1B-A371-E440E1F93512}G:\7. gry\mow_assault_squad.exe] => (Allow) G:\7. gry\mow_assault_squad.exe FirewallRules: [{DC313215-BB0E-4DB4-BB01-533AEF569300}] => (Allow) G:\6.MISC\steam\SteamApps\common\Jagged Alliance Online\JAO.exe FirewallRules: [{21EE851B-4660-457D-AAFD-BCEFA132BCF1}] => (Allow) G:\6.MISC\steam\SteamApps\common\Jagged Alliance Online\JAO.exe FirewallRules: [TCP Query User{A38878D0-2DEC-424D-91CB-854B098EF255}G:\7. gry\warthunder\launcher.exe] => (Allow) G:\7. gry\warthunder\launcher.exe FirewallRules: [UDP Query User{CACCA3DD-5325-48D9-B68B-742EC8A3161D}G:\7. gry\warthunder\launcher.exe] => (Allow) G:\7. gry\warthunder\launcher.exe FirewallRules: [{8C23A612-256F-4A2E-8F1E-0ECF989FB1BA}] => (Allow) G:\6.MISC\steam\SteamApps\common\Wargame Airland Battle\WarGame2.exe FirewallRules: [{2AD21888-BBC0-4514-8A0D-D452CDC055FB}] => (Allow) G:\6.MISC\steam\SteamApps\common\Wargame Airland Battle\WarGame2.exe FirewallRules: [{9C303979-F0E4-4AAF-AD69-8D893762C4CC}] => (Allow) G:\6.MISC\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe FirewallRules: [{F4218F57-BD8A-4198-822C-F3CFDD90B0C2}] => (Allow) G:\6.MISC\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe FirewallRules: [{F4F8BDE8-1529-4BAF-BFD9-EBB1AC230AC5}] => (Allow) G:\6.MISC\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe FirewallRules: [{EBD79BEA-D116-45CB-B661-F3A76A4A3A5A}] => (Allow) G:\6.MISC\steam\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe FirewallRules: [{CB888EA6-2E4B-45EE-94A8-4EF742DFEB5C}] => (Allow) G:\6.MISC\steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe FirewallRules: [{17D36D52-438F-4BC7-916E-66E0A4E43DA0}] => (Allow) G:\6.MISC\steam\SteamApps\common\Wargame Red Dragon\WarGame3.exe FirewallRules: [{35CDDF42-9E76-468E-9C9A-849D2811468E}] => (Allow) G:\6.MISC\steam\SteamApps\common\FSX\fsx.exe FirewallRules: [{4C0C8C18-7043-4F7F-92CC-99CA7139337D}] => (Allow) G:\6.MISC\steam\SteamApps\common\FSX\fsx.exe FirewallRules: [{899552C5-CB28-47A0-80EF-70B0947296F9}] => (Allow) G:\6.MISC\steam\SteamApps\common\VictoryAtSea\VictoryAtSea.exe FirewallRules: [{AA20656D-60C4-45C6-9762-C91D967EBE48}] => (Allow) G:\6.MISC\steam\SteamApps\common\VictoryAtSea\VictoryAtSea.exe FirewallRules: [TCP Query User{18F81F99-3C03-4C7C-B50F-88DAF8AC4F4D}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{D906BB24-8289-4824-BBC3-342F7CC33802}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{4AE54537-ED75-4EC7-B0F3-A9506ABE7F79}G:\7. gry\wow\wowslauncher.exe] => (Allow) G:\7. gry\wow\wowslauncher.exe FirewallRules: [UDP Query User{668CEB57-25FF-4A9C-AB8C-DE5900B553D6}G:\7. gry\wow\wowslauncher.exe] => (Allow) G:\7. gry\wow\wowslauncher.exe FirewallRules: [TCP Query User{88DF4CAE-F76E-4AA8-8C7E-91BC93879798}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{ACFCC392-7AF6-4C41-B3FD-A1F5BB539275}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [{C4414C2B-B779-467C-834C-59CEFA17086A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{4E26C762-9418-440F-A1D3-4D92901EA641}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{FE3F5352-12A1-446D-A12E-5E0024C753CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A6F4FDA6-C28A-456B-930C-44155D4C44AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{05ACD1EC-977B-4176-BD53-4F6F7BBFEBA3}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{57326D43-10B8-4434-95CF-0ABF54EE0EB1}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{1308A2B9-C651-4F34-8D39-02BD360881C0}G:\6.misc\steam\steamapps\common\total war arena\arena.exe] => (Allow) G:\6.misc\steam\steamapps\common\total war arena\arena.exe FirewallRules: [UDP Query User{4B80CA71-1BBD-4EE9-BC9A-866B69727A3C}G:\6.misc\steam\steamapps\common\total war arena\arena.exe] => (Allow) G:\6.misc\steam\steamapps\common\total war arena\arena.exe FirewallRules: [TCP Query User{9BC949F7-6D64-489A-B819-3D1E1746ED58}C:\users\dino\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\dino\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{D46D03DD-61DC-49B1-8A2C-C023F09797EB}C:\users\dino\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\dino\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{9A4D80EB-7E24-4301-8232-1A79FEA7A00D}G:\7. gry\aromuredwarfare\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) G:\7. gry\aromuredwarfare\armored warfare mycom beta\bin64\armoredwarfare.exe FirewallRules: [UDP Query User{C83813E8-DB6D-44A2-A11D-E22E5C137158}G:\7. gry\aromuredwarfare\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) G:\7. gry\aromuredwarfare\armored warfare mycom beta\bin64\armoredwarfare.exe FirewallRules: [{AAAB048B-FA90-4B75-8662-E8127351CC2D}] => (Allow) G:\6.MISC\steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{7A0206C0-4667-4591-A61B-1D658AC528B5}] => (Allow) G:\6.MISC\steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{F840175B-BDCC-4F6A-94AB-2313B4167E08}] => (Allow) D:\PROGRAMY\steam\bin\steamwebhelper.exe FirewallRules: [{6B0C27DC-0C8E-4FA1-8EA0-BF03AEA2D0D6}] => (Allow) D:\PROGRAMY\steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{6DBA8C8B-8472-46FB-8979-187D29790D44}G:\6.misc\steam\steamapps\common\arma 3\arma3.exe] => (Allow) G:\6.misc\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [UDP Query User{DEBA5852-3007-4912-9096-A10496895FBF}G:\6.misc\steam\steamapps\common\arma 3\arma3.exe] => (Allow) G:\6.misc\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [{69D8F4FE-E357-4400-81B2-4EE957CF33E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F22788B0-B95B-4F3A-A7D0-56B19D9B818D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{424E106C-A954-4139-9453-DB191C4F2D20}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{7EAB273C-E2B1-4ED1-9A86-A34B3D798119}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{8FCB3981-D22F-4F97-B69F-3208F4CA7A1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F0C09C1D-21CE-499B-AF36-42D1ED233BF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8718BD69-5D64-49E0-AB13-D07E298BD0F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{0ACED911-4952-48B0-A2FC-1DE484185232}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8C702526-0E8E-49B8-A9AD-3ED00C9E4F16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{21FB8234-627B-41C8-98D5-FDACC782CADD}G:\7. gry\warthunder\win64\aces.exe] => (Allow) G:\7. gry\warthunder\win64\aces.exe FirewallRules: [UDP Query User{83511844-EBD1-4A9B-94D1-0284B699EF16}G:\7. gry\warthunder\win64\aces.exe] => (Allow) G:\7. gry\warthunder\win64\aces.exe FirewallRules: [{A02809FE-2221-4ACE-9368-AEA2CA2D2954}] => (Allow) G:\6.MISC\steam\SteamApps\common\Total War Arena\launcher\launcher.exe FirewallRules: [{F18F2F14-11E1-419B-862D-240460A2E555}] => (Allow) G:\6.MISC\steam\SteamApps\common\Total War Arena\launcher\launcher.exe FirewallRules: [TCP Query User{54E76DDC-B633-4C00-A2C5-A757024A3A73}G:\7. gry\dcs wrld\dcs world\bin\dcs_updater.exe] => (Allow) G:\7. gry\dcs wrld\dcs world\bin\dcs_updater.exe FirewallRules: [UDP Query User{2385458F-86B0-4E30-B2AB-0F95145D4DE5}G:\7. gry\dcs wrld\dcs world\bin\dcs_updater.exe] => (Allow) G:\7. gry\dcs wrld\dcs world\bin\dcs_updater.exe FirewallRules: [TCP Query User{21C8485D-9A32-4E11-A452-8F7ADEF982D6}G:\7. gry\eve\bin\exefile.exe] => (Allow) G:\7. gry\eve\bin\exefile.exe FirewallRules: [UDP Query User{3F441688-90F5-46B7-8244-38786C345B35}G:\7. gry\eve\bin\exefile.exe] => (Allow) G:\7. gry\eve\bin\exefile.exe FirewallRules: [{3D2EB1C0-9F16-4CA1-AA03-71F3468034A9}] => (Allow) G:\6.MISC\steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [{008841B8-D50E-41EA-A6A0-79AA4CA050CD}] => (Allow) G:\6.MISC\steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [TCP Query User{AE178793-7A31-4770-BEED-2F6AB4CBA565}C:\users\dino\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dino\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{BE1A082E-A860-4646-BC35-737FE1C9EFC3}C:\users\dino\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dino\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{DBEE2F82-6EDB-45AC-AB0F-492869F0E920}] => (Allow) C:\Program Files (x86)\Yestony\Application\chrome.exe FirewallRules: [{2F276AFB-E056-49A0-8004-BD2FC886B565}] => (Allow) C:\ProgramData\Yestony\Yestony.exe FirewallRules: [{659A904B-7072-4887-B70F-38B2D39AB71F}] => (Allow) G:\6.MISC\steam\SteamApps\common\Gloria Victis\gv.exe FirewallRules: [{45FF2340-D653-4DE8-BC2B-CA6CEB88F97B}] => (Allow) G:\6.MISC\steam\SteamApps\common\Gloria Victis\gv.exe FirewallRules: [{BF33514F-FA63-467E-AC7B-A144D71C7EC0}] => (Allow) C:\Games\WarThunder\launcher.exe FirewallRules: [{5EBF7AE7-55F1-46AE-98F5-4CD1CAA3E9EA}] => (Allow) C:\Games\WarThunder\launcher.exe FirewallRules: [TCP Query User{4BD83E01-2FD5-4BF3-92E9-A0E928F4B286}C:\games\warthunder\win64\aces.exe] => (Allow) C:\games\warthunder\win64\aces.exe FirewallRules: [UDP Query User{F2980DE6-0950-4DD1-A7F8-EAD29705141D}C:\games\warthunder\win64\aces.exe] => (Allow) C:\games\warthunder\win64\aces.exe FirewallRules: [TCP Query User{F81AC80C-E4BB-49F5-A5BA-30EE9AEA5C9D}D:4\6.misc\steam\steam.exe] => (Block) D:4\6.misc\steam\steam.exe FirewallRules: [UDP Query User{E2EEC107-0570-423D-9B52-F1F86DC7F1A0}D:4\6.misc\steam\steam.exe] => (Block) D:4\6.misc\steam\steam.exe FirewallRules: [{AA9DD849-D6FC-4610-BDC2-A8F9665B6EC6}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{18528C67-A9DB-4625-8FA8-83BA78CAF7E4}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe FirewallRules: [{4B4CBAF2-BD6B-44AB-A79B-E35837828273}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe ==================== Restore Points ========================= 11-08-2016 14:46:39 Scheduled Checkpoint 18-08-2016 21:13:31 Scheduled Checkpoint 29-08-2016 07:41:28 Scheduled Checkpoint 05-09-2016 18:03:52 SPTD setup V1.89 ==================== Faulty Device Manager Devices ============= Name: SM Bus Controller Description: SM Bus Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: wfdrvr_vt_1_10_0_28 Description: wfdrvr_vt_1_10_0_28 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wfdrvr_vt_1_10_0_28 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64 Description: {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64 Description: {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: WD SES Device USB Device Description: WD SES Device USB Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64 Description: {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: PCI Simple Communications Controller Description: PCI Simple Communications Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Universal Serial Bus (USB) Controller Description: Universal Serial Bus (USB) Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Ethernet Controller Description: Ethernet Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/05/2016 06:11:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/05/2016 06:10:26 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070002. Error: (09/05/2016 06:06:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/05/2016 06:06:14 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070002. Error: (09/05/2016 06:03:51 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {0a051faa-761b-4c1c-8355-163158c32b0a} Error: (09/05/2016 05:58:59 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070002. Error: (09/05/2016 05:16:11 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80040154 Error: (09/05/2016 04:32:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/05/2016 04:32:31 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070002. Error: (09/04/2016 09:35:01 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80040154 System errors: ============= Error: (09/05/2016 06:11:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The NO-IP DUC v4.1.1 service failed to start due to the following error: The system cannot find the file specified. Error: (09/05/2016 06:09:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: wfdrvr_vt_1_10_0_28 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64 {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64 Error: (09/05/2016 06:09:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SSFK service failed to start due to the following error: The system cannot find the file specified. Error: (09/05/2016 06:09:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Opejob service failed to start due to the following error: The system cannot find the file specified. Error: (09/05/2016 06:09:57 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{3714c944-3cc1-11e2-a69c-806e6f6e6963} cannot be read. Error: (09/05/2016 06:09:57 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{1f8c0f69-3cc6-11e2-9be5-e2baee664219} cannot be read. Error: (09/05/2016 06:07:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The NO-IP DUC v4.1.1 service failed to start due to the following error: The system cannot find the file specified. Error: (09/05/2016 06:05:21 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{1f8c0f69-3cc6-11e2-9be5-e2baee664219} cannot be read. Error: (09/05/2016 06:05:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: wfdrvr_vt_1_10_0_28 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64 {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64 Error: (09/05/2016 06:05:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SSFK service failed to start due to the following error: The system cannot find the file specified. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Percentage of memory in use: 25% Total physical RAM: 16344.07 MB Available physical RAM: 12180.5 MB Total Virtual: 32686.34 MB Available Virtual: 29012.37 MB ==================== Drives ================================ Drive c: (SYSTEM SSD) (Fixed) (Total:111.69 GB) (Free:33.8 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (New Volume) (Fixed) (Total:149.05 GB) (Free:147.61 GB) NTFS Drive g: (DINO) (Fixed) (Total:833.82 GB) (Free:92.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 710E3F08) Partition 1: (Not Active) - (Size=99 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 15985211) Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=833.8 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================