Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015 Ran by Karol (2015-08-11 11:24:36) Running from C:\Users\Karol\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1828607627-4141170242-6496250-500 - Administrator - Disabled) Gość (S-1-5-21-1828607627-4141170242-6496250-501 - Limited - Disabled) Karol (S-1-5-21-1828607627-4141170242-6496250-1000 - Administrator - Enabled) => C:\Users\Karol Konto domyślne (S-1-5-21-1828607627-4141170242-6496250-503 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Aktualizacje NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.518 - AVG Technologies) AVG PC TuneUp 2015 (pl-PL) (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden AVG PC TuneUp 2015 (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden cFosSpeed v10.08 (HKLM\...\cFosSpeed) (Version: 10.08 - cFos Software GmbH, Bonn) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Depth (HKLM-x32\...\Steam App 274940) (Version: - Digital Confectioners) Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio) FolderIco 3.0 (HKLM\...\{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1) (Version: - teorex) G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.3 - G DATA Software AG) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - OP Productions LLC) Intel Processor Win7 IO Drivers 64Bit (HKLM-x32\...\{BAA62292-0D57-47A1-98C2-8DC26CB8328A}) (Version: 1.5.1021 - Intel) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 37.15.0.1073 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.33 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.0.29.0 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0132 - REALTEK Semiconductor Corp.) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Sąsiedzi z Piekła Rodem 1 i 2 (HKLM-x32\...\{6AAF923E-077E-4543-BA1C-42A75BB03677}) (Version: 1.0 - ) screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steganos Online Shield (HKLM-x32\...\{896614ED-00BD-4E0C-99AB-01C76EE416D9}) (Version: 1.4.15 - Steganos Software GmbH) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Talos Principle (HKLM-x32\...\Steam App 257510) (Version: - Croteam) VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) War of the Immortals (HKLM-x32\...\Steam App 209710) (Version: - Perfect World Shanghai) Windows Driver Package - Intel Corporation (iaiogpio) System (03/05/2014 1.1.5.1021) (HKLM\...\C350E9A986E5CBAAFC01C1264B3688841327E30E) (Version: 03/05/2014 1.1.5.1021 - Intel Corporation) Windows Driver Package - Intel Corporation (iaioi2c) System (03/05/2014 1.1.5.1021) (HKLM\...\34B5F339098E26469E165D779C42C32A61913E98) (Version: 03/05/2014 1.1.5.1021 - Intel Corporation) Windows Driver Package - Intel Corporation (iaiospi) System (03/05/2014 1.1.5.1021) (HKLM\...\EF134616B2A85F61DD4FE7CEA90633D9E831939E) (Version: 03/05/2014 1.1.5.1021 - Intel Corporation) Windows Driver Package - Intel Corporation (iaiouart) Ports (03/05/2014 1.1.5.1021) (HKLM\...\BDF4069D9B91F8C595E4965DDB19A0079F8A7C09) (Version: 03/05/2014 1.1.5.1021 - Intel Corporation) Windows Driver Package - Intel Corporation (ialpssdma) System (03/05/2014 1.1.5.1021) (HKLM\...\03F0626C3266BFF2337B68D44CCBB8A8A2D654B9) (Version: 03/05/2014 1.1.5.1021 - Intel Corporation) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WPS Office (9.1.0.4759) (HKU\S-1-5-21-1828607627-4141170242-6496250-1000\...\WPS Office) (Version: 9.1.0.4759 - Kingsoft Corp.) ZyXEL NWD6605 Driver Installation Tool (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0205.1 - ZyXEL Communications Corp.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1828607627-4141170242-6496250-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Karol\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 09-08-2015 16:58:52 Usunięto: NVIDIA PhysX 10-08-2015 23:43:45 Removed LogMeIn Hamachi ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {01281D62-14D1-49BA-B276-0C143F4FF583} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {0486E1DA-E658-4D15-A9CA-E915E81199F4} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-05-15] (AVG Technologies) Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {1215A42D-E2FD-4B57-A6ED-346A35606FD8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {16613ABE-AA7B-48CF-952B-A50FD906126E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {18B256C1-C613-4758-BA45-CEFD1C4E83C1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {2A2BFEF0-4BC8-4213-B4ED-A1FA68EC42AD} - System32\Tasks\WpsNotifyTask_Karol => C:\Users\Karol\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsnotify.exe [2015-06-11] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {35AD735F-066D-4204-BEC6-F64192819BE7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {404110D2-E461-412A-BBA2-FB449A29F837} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {40E564DF-8387-4387-9B55-ABC75A4D1903} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {43A23227-2021-4F22-B3D8-7CDED19C02BD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {4406AD5D-A59F-4C8A-9DA0-61D30B80501C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {45B4DCA5-BBB8-43AD-AACC-1F289F47E7FF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {53D4BF6B-CA3D-44D6-B715-439A15086B60} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {5576A034-9D10-40D9-BDA3-3DF976E416F1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {5D1C5D18-C64E-42D2-B55F-69858A3C1C2C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {649E7224-D57F-4950-8754-FF533ED29A92} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {6DB61095-F013-4B6E-9D92-B800CF881815} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-08-09] (Microsoft Corporation) Task: {7E5E7E54-40A7-4252-AD94-CAD194DC833A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-09] (Microsoft Corporation) Task: {87675685-D923-4DBA-9FE1-465DBCF9D730} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-11] (Google Inc.) Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-09] (Microsoft Corporation) Task: {956D0268-3628-4844-BB15-E42219C3FDA7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {964738D3-173A-4AB6-AC9B-E795B185EE35} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {9DDC18BA-C35C-48BB-AB35-083F54FB05BC} - System32\Tasks\{02A1E7CC-9D90-4B94-8DA7-9972114C045C} => pcalua.exe -a "C:\ProgramData\G Data\Setups\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}\setup.exe" -c /InstallMode=Uninstall /_DoNotShowChange=true Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A45F2FE1-B88B-4FD5-9930-0825CCC05EB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-11] (Google Inc.) Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A75B41F9-1AF7-4A1C-B6D2-14A4B0363A3F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {A869E2B8-CC86-4193-9550-2767B44673E3} - System32\Tasks\WpsUpdateTask_Karol => C:\Users\Karol\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsupdate.exe [2015-06-11] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {ADBBC9D3-208F-4578-AF27-1F2A6F900422} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {B1403E70-C3F2-4804-8210-86F69E283298} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {B64454F2-6960-48A6-AB3B-031A9D53BCC0} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation) Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {BB8DF4C3-1464-4698-9839-5C5BAC4C1431} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {BF69446D-D979-4AC0-B4D4-DBF09E80E357} - System32\Tasks\{9B3A4D3C-C110-4A86-868B-E3D117E4CF7B} => pcalua.exe -a "D:\steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "D:\steam\steamapps\common\Left 4 Dead 2" -c /register Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C6EC43D0-D80D-4AAA-951B-C83E5FF6CB31} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {D0061CC8-FAD0-4803-A155-E2AC50CEA6B7} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {D0C133F3-FD2B-429C-BEFA-7DA7B8086619} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe Task: {D0CD2540-EA8D-47CB-80C1-73918680C45E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D2375C42-621B-4816-B7AE-183E41BD17DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {D5EB648A-02FB-4125-9391-033E9357D156} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DC92198A-BA02-4E38-AD0A-AB540DAA44B9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {E169F072-05F8-4667-939C-37BC5B9D8DD8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {E2552782-3AF8-4F31-88D5-95D117AE7FF3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {E6A764C8-6993-4ACF-BAF4-54CC87E48799} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-09] (Microsoft Corporation) Task: {EE072902-C117-4870-84AD-AE87841B6261} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {EE718BFB-3882-4A03-BA44-EA2041DA2B1B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {F236DC7C-F8A8-4192-979A-0219CD0FECCA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {FA4C700A-F820-440D-83A8-AAF4787481D0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 0x000A01005B0DDF95A337BD4ABB2130BCAB67EC134600D400000000003C000A00200000000014730F000000000513040020200401000000000000000000000000000000000000180043003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E0065007800650000000C002F004E004F0055004100430043004800450043004B000000000018004500780070006C006F007200650072005300680065006C006C0055006E0065006C00650076006100740065006400000000000000080003130400000000000000 Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Karol.job => C:\Users\Karol\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Karol.job => C:\Users\Karol\AppData\Local\Kingsoft\WPS Office\9.1.0.4759\wtoolex\wpsupdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-09 15:04 - 2015-08-09 15:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-09 15:04 - 2015-08-09 15:04 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-07-10 18:34 - 2014-07-11 14:46 - 00036864 _____ () C:\Windows\runSW.exe 2015-05-15 15:57 - 2015-05-15 15:57 - 00718136 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll 2015-07-10 18:34 - 2014-07-11 14:45 - 00096768 _____ () C:\Program Files (x86)\ZyXEL\ZyXEL NWD6605 Driver Installation Tool\WPSService20.exe 2015-06-11 23:13 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-05-15 15:58 - 2015-05-15 15:58 - 00862008 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll 2015-08-09 17:56 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-09 17:56 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-08-09 17:56 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 18:34 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-08-09 17:56 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-09 17:56 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-14 07:49 - 2015-03-14 07:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2015-07-10 13:00 - 2015-07-10 13:00 - 00215352 _____ () c:\windows\system32\WerEtw.dll 2014-05-14 15:08 - 2014-05-14 15:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-06-11 19:54 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-08-09 14:39 - 2015-08-11 11:21 - 00619840 _____ () C:\Users\Karol\AppData\Local\Temp\0KrakenDevProps.dll 2015-05-20 04:29 - 2015-05-20 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2015-06-11 22:24 - 2014-11-26 03:12 - 40622592 _____ () C:\Users\Karol\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2015-06-11 22:24 - 2014-11-26 03:12 - 00911360 _____ () C:\Users\Karol\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2015-06-11 22:24 - 2014-11-26 03:12 - 00134144 _____ () C:\Users\Karol\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2015-07-08 13:28 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll 2015-07-08 13:28 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\SwUSB.exe:AGC ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1828607627-4141170242-6496250-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{69657D8D-DE25-46C0-BE97-5E2B41B3C9E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D3252A11-5576-4C2F-B645-BA988A0D2F6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{70AF287D-93D9-425A-8ED0-499319A4EBF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{400CAAC1-DA7A-4900-8FF2-B6BAC92B909A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F7E1CFFE-B953-48A6-9250-E04531FB7CD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{5B2A7EF6-90BA-4036-B4DA-9AAA9C2E26D6}] => (Allow) D:\steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{A1E42EBB-89AD-4D73-B840-51579AA412E6}] => (Allow) D:\steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{A1000CFA-6751-4563-AA00-F4AB85E1F34E}] => (Allow) D:\steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{2B45B543-33A7-417B-A4BE-0A2BBBCC5B2B}] => (Allow) D:\steam\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{2E607FAB-5E3C-4637-AD63-1B7D7B2E3370}] => (Allow) D:\steam\SteamApps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{A048B743-2888-40D9-B51E-239DB61F8C1F}] => (Allow) D:\steam\SteamApps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{F6AB7F70-8258-409E-A60F-1150F58689AB}] => (Allow) D:\steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A6EC1A51-BC26-442C-AD36-01F93ADE8F6A}] => (Allow) D:\steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1CF34C06-B0A0-4878-876F-67F2F9FB4D1A}] => (Allow) D:\steam\SteamApps\common\Europa Universalis IV\eu4.exe FirewallRules: [{7EB6E3C1-8DB6-4B30-8AB6-D3FE4656ED97}] => (Allow) D:\steam\SteamApps\common\Europa Universalis IV\eu4.exe FirewallRules: [{01050854-040B-4E9A-AD82-321D223F712C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0CA3DC67-22FB-4FE8-976D-50D10B8E4497}] => (Allow) D:\steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{5BFEDF11-A562-4402-A603-8372278574E4}] => (Allow) D:\steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{A48C527D-9A37-4CDF-B444-DB2AD2F5C20C}] => (Allow) D:\steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{47255524-7E22-48B7-ABA6-02DF48FBCFE4}] => (Allow) D:\steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{576CD880-28B6-4ADC-B38F-B9BA7C3D6689}] => (Allow) D:\steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{32086960-C9FB-4BCA-BB22-874BF63E56E4}] => (Allow) D:\steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{F7DF62FE-A2E2-48B2-A711-C8C2AF8412C4}] => (Allow) D:\steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{034AD70A-D038-4EA5-9731-8E8039E92268}] => (Allow) D:\steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{139C91C6-DC58-4808-B2FC-5313BBD6522E}] => (Allow) C:\Users\Karol\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe FirewallRules: [{090E2207-5711-4D20-89BD-A52F23BFFD06}] => (Allow) D:\steam\SteamApps\common\Warface\live\nw.exe FirewallRules: [{6B91F0C9-8AC7-48D6-B530-58417AE92781}] => (Allow) D:\steam\SteamApps\common\Warface\live\nw.exe FirewallRules: [{41A5675C-3355-4A05-B873-8874B6A0D929}] => (Allow) D:\steam\SteamApps\common\The War Z\WarZlauncher.exe FirewallRules: [{AC2C06DB-FD31-4FCD-AD33-E711CCA17DB5}] => (Allow) D:\steam\SteamApps\common\The War Z\WarZlauncher.exe FirewallRules: [{A3CC5163-B3A5-4883-BE13-21A6C373103D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{036FE71D-6E05-44FA-BF1C-598BF8853F2B}] => (Allow) D:\steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{E835D2D2-9883-4EC3-B3F0-15C63B7725AF}] => (Allow) D:\steam\SteamApps\common\Rust\Rust.exe FirewallRules: [UDP Query User{BD274399-B482-46F4-A121-2D4C31417FCA}D:\hots\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\hots\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{8EFFD752-015E-4344-A245-8C0280BAB389}D:\hots\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\hots\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [{9BC8CE91-632F-4F80-B00C-D19C2D94E58F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C999BE2D-DFFB-487F-95AB-CE8B0C90AC81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3229DF7D-C816-4132-9C0D-441B03AF00CC}] => (Allow) D:\steam\bin\steamwebhelper.exe FirewallRules: [{502B5A08-0947-486F-9D37-D283884F827E}] => (Allow) D:\steam\bin\steamwebhelper.exe FirewallRules: [{9DFC9D71-20D6-448D-8F87-A5AAE0C91456}] => (Allow) D:\steam\Steam.exe FirewallRules: [{0C29225D-5E55-45EA-8345-F0ACD805915A}] => (Allow) D:\steam\Steam.exe FirewallRules: [{F0E8E96A-B2C3-4BB8-94A2-FC56500FB9E4}] => (Allow) LPort=53 FirewallRules: [{C5AC72F6-518E-46C5-AC07-B2A805D3BE26}] => (Allow) LPort=1542 FirewallRules: [{DE4A4282-5829-4CDB-80E7-F464ACC795F4}] => (Allow) LPort=1542 FirewallRules: [{33E81C10-4E1D-4A99-AA52-127A4A132032}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{6121A837-4B63-45DD-A2CA-37C1D7DBA523}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{ABD56917-4D38-4C4E-BC7B-C9926BEB1D3C}] => (Allow) C:\steam\Steam.exe FirewallRules: [{9358F557-6839-4A1E-B16F-8DC4F4C09C67}] => (Allow) C:\steam\Steam.exe FirewallRules: [{AE1E964D-7787-44DA-BE21-CA47DC4C2C58}] => (Allow) D:\steam\SteamApps\common\War of the Immortals\Launcher.exe FirewallRules: [{91A0AE52-28E4-4F20-9B37-7DA8C5C35676}] => (Allow) D:\steam\SteamApps\common\War of the Immortals\Launcher.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/11/2015 11:23:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OHub.exe, wersja: 16.0.6106.2350, sygnatura czasowa: 0x55c40ea1 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.10240.16392, sygnatura czasowa: 0x55a864a2 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x00000000000ea28c Identyfikator procesu powodującego błąd: 0x10dc Godzina uruchomienia aplikacji powodującej błąd: 0xOHub.exe0 Ścieżka aplikacji powodującej błąd: OHub.exe1 Ścieżka modułu powodującego błąd: OHub.exe2 Identyfikator raportu: OHub.exe3 Pełna nazwa pakietu powodującego błąd: OHub.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: OHub.exe5 Error: (08/11/2015 01:25:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SZYSZEK_KRULEM) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/11/2015 12:44:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: 6orhfqu2.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Nazwa modułu powodującego błąd: 6orhfqu2.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000011aa Identyfikator procesu powodującego błąd: 0x124c Godzina uruchomienia aplikacji powodującej błąd: 0x6orhfqu2.exe0 Ścieżka aplikacji powodującej błąd: 6orhfqu2.exe1 Ścieżka modułu powodującego błąd: 6orhfqu2.exe2 Identyfikator raportu: 6orhfqu2.exe3 Pełna nazwa pakietu powodującego błąd: 6orhfqu2.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: 6orhfqu2.exe5 Error: (08/11/2015 12:44:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: GDScan.exe, wersja: 1.4.15063.600, sygnatura czasowa: 0x54f6c99c Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.10240.16392, sygnatura czasowa: 0x55a85cc1 Kod wyjątku: 0xc000070a Przesunięcie błędu: 0x000e90fe Identyfikator procesu powodującego błąd: 0x600 Godzina uruchomienia aplikacji powodującej błąd: 0xGDScan.exe0 Ścieżka aplikacji powodującej błąd: GDScan.exe1 Ścieżka modułu powodującego błąd: GDScan.exe2 Identyfikator raportu: GDScan.exe3 Pełna nazwa pakietu powodującego błąd: GDScan.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: GDScan.exe5 Error: (08/11/2015 12:44:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AVKTray.exe, wersja: 25.1.15062.313, sygnatura czasowa: 0x54f534d0 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.10240.16392, sygnatura czasowa: 0x55a85cc1 Kod wyjątku: 0xc000070a Przesunięcie błędu: 0x000e90fe Identyfikator procesu powodującego błąd: 0x12bc Godzina uruchomienia aplikacji powodującej błąd: 0xAVKTray.exe0 Ścieżka aplikacji powodującej błąd: AVKTray.exe1 Ścieżka modułu powodującego błąd: AVKTray.exe2 Identyfikator raportu: AVKTray.exe3 Pełna nazwa pakietu powodującego błąd: AVKTray.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: AVKTray.exe5 Error: (08/11/2015 12:41:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: 6orhfqu2.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Nazwa modułu powodującego błąd: 6orhfqu2.exe, wersja: 2.1.19357.0, sygnatura czasowa: 0x52e7ea83 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000011aa Identyfikator procesu powodującego błąd: 0xf64 Godzina uruchomienia aplikacji powodującej błąd: 0x6orhfqu2.exe0 Ścieżka aplikacji powodującej błąd: 6orhfqu2.exe1 Ścieżka modułu powodującego błąd: 6orhfqu2.exe2 Identyfikator raportu: 6orhfqu2.exe3 Pełna nazwa pakietu powodującego błąd: 6orhfqu2.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: 6orhfqu2.exe5 Error: (08/11/2015 12:34:27 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OHub.exe, wersja: 16.0.6106.2350, sygnatura czasowa: 0x55c40ea1 Nazwa modułu powodującego błąd: Mso30Imm.dll, wersja: 16.0.6014.1000, sygnatura czasowa: 0x55a5783f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000012b70 Identyfikator procesu powodującego błąd: 0x1f1c Godzina uruchomienia aplikacji powodującej błąd: 0xOHub.exe0 Ścieżka aplikacji powodującej błąd: OHub.exe1 Ścieżka modułu powodującego błąd: OHub.exe2 Identyfikator raportu: OHub.exe3 Pełna nazwa pakietu powodującego błąd: OHub.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: OHub.exe5 Error: (08/11/2015 12:29:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SZYSZEK_KRULEM) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (08/11/2015 12:29:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16413, sygnatura czasowa: 0x55bd762c Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x55bd743a Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x0000000000151c23 Identyfikator procesu powodującego błąd: 0x488 Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0 Ścieżka aplikacji powodującej błąd: SearchUI.exe1 Ścieżka modułu powodującego błąd: SearchUI.exe2 Identyfikator raportu: SearchUI.exe3 Pełna nazwa pakietu powodującego błąd: SearchUI.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5 Error: (08/11/2015 12:29:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SZYSZEK_KRULEM) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (08/11/2015 11:21:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (08/11/2015 11:20:47 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (08/11/2015 01:25:47 AM) (Source: DCOM) (EventID: 10010) (User: SZYSZEK_KRULEM) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (08/11/2015 01:25:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/11/2015 01:25:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/11/2015 01:25:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/11/2015 01:25:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/11/2015 12:44:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa G DATA Scanner niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/11/2015 12:39:49 AM) (Source: DCOM) (EventID: 10005) (User: SZYSZEK_KRULEM) Description: 1075GDFwSvc-Service{1DED95CA-C567-464A-B405-087EDDF0B095} Error: (08/11/2015 12:39:49 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa G DATA Personal Firewall zależy od następującej usługi: AVKWCtl. Ta usługa może nie być zainstalowana. Microsoft Office: ========================= Error: (08/11/2015 11:23:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c10dc01d0d4174e825f66C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll10183ee8-e888-4bbc-8e62-4385e0d4bf54Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub Error: (08/11/2015 01:25:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SZYSZEK_KRULEM) Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141 Error: (08/11/2015 12:44:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: 6orhfqu2.exe2.1.19357.052e7ea836orhfqu2.exe2.1.19357.052e7ea83c0000005000011aa124c01d0d3be1ff1095dC:\Users\Karol\Downloads\6orhfqu2.exeC:\Users\Karol\Downloads\6orhfqu2.exeb972bd47-34f4-48cf-8d0e-f180aa230806 Error: (08/11/2015 12:44:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GDScan.exe1.4.15063.60054f6c99cntdll.dll10.0.10240.1639255a85cc1c000070a000e90fe60001d0d3bc454cef70C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exeC:\WINDOWS\SYSTEM32\ntdll.dll9f5dfa1e-c8a2-47c6-b4e7-d1a238ed3894 Error: (08/11/2015 12:44:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: AVKTray.exe25.1.15062.31354f534d0ntdll.dll10.0.10240.1639255a85cc1c000070a000e90fe12bc01d0d3bc6f2004a5C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exeC:\WINDOWS\SYSTEM32\ntdll.dll79274903-13d4-4e6e-b35a-b39155d20275 Error: (08/11/2015 12:41:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: 6orhfqu2.exe2.1.19357.052e7ea836orhfqu2.exe2.1.19357.052e7ea83c0000005000011aaf6401d0d3bd9f8a78e4C:\Users\Karol\Downloads\6orhfqu2.exeC:\Users\Karol\Downloads\6orhfqu2.exe5864129d-ae53-4b2c-a85c-4b9a4407d962 Error: (08/11/2015 12:34:27 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: OHub.exe16.0.6106.235055c40ea1Mso30Imm.dll16.0.6014.100055a5783fc00000050000000000012b701f1c01d0d3bcaed92380C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\Mso30Imm.dll5c5321af-ea51-4f1b-a99a-f8e66e728c3dMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub Error: (08/11/2015 12:29:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SZYSZEK_KRULEM) Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2147023170 Error: (08/11/2015 12:29:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: SearchUI.exe10.0.10240.1641355bd762cCortanaApi.dll0.0.0.055bd743a800000030000000000151c2348801d0d3bc0b160848C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeC:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll1d9db5e1-ec5c-4196-a9c4-72ccca41fff7Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyCortanaUI Error: (08/11/2015 12:29:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SZYSZEK_KRULEM) Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2147023170 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz Percentage of memory in use: 25% Total physical RAM: 8068.75 MB Available physical RAM: 5988.76 MB Total Virtual: 16260.75 MB Available Virtual: 13988.13 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:442.69 GB) (Free:374.51 GB) NTFS Drive d: (gry) (Fixed) (Total:488.28 GB) (Free:289.73 GB) NTFS Drive f: (Karol ) (Fixed) (Total:931.48 GB) (Free:827.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 82672E61) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=442.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of log ============================