Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by wiktor (2015-09-16 11:19:14)
Running from F:\drivers
Windows 8.1 Pro (X64) (2015-07-22 09:29:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-117099339-1064191922-458739453-500 - Administrator - Disabled)
Guest (S-1-5-21-117099339-1064191922-458739453-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-117099339-1064191922-458739453-1003 - Limited - Enabled)
wiktor (S-1-5-21-117099339-1064191922-458739453-1001 - Administrator - Enabled) => C:\Users\wiktor

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version:  - )
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
AutoHotkey 1.1.22.04 (HKLM\...\AutoHotkey) (Version: 1.1.22.04 - Lexikos)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse Client (HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hot Keyboard Pro 5 (HKLM-x32\...\Hot Keyboard Pro_is1) (Version: 5.1 - Imposant)
HOTSLogsUploader (HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\99a83d131490dc73) (Version: 1.0.0.12 - HOTSLogsUploader)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.82 - Logitech)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Wirtualny dźwięk Miracast 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.82 - NVIDIA Corporation)
Panel sterowania NVIDIA 355.82 (Version: 355.82 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
Splash PRO (HKLM-x32\...\{F0FC3C44-E864-44CD-9604-6D5A7A49181E}) (Version: 1.5.0 - Mirillis)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

16-09-2015 11:04:28 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E475CD-4CE3-485C-8434-95B03C7AF998} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-22] (Google Inc.)
Task: {37796C2E-A6E4-4586-8F9B-3251712B04FD} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {82E45A20-5DD7-454D-92DE-CEDB83DFC251} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {A952F428-5AA8-42A4-B61D-B51C315E535C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-22] (Google Inc.)
Task: {CB308B85-5610-4330-8489-163FAF0CEC84} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FBF7A319-5128-44B6-918D-B2C0F640ACB0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-22 11:36 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-22 11:48 - 2015-04-09 02:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-22 11:45 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-03 09:26 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 09:26 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\wiktor\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-117099339-1064191922-458739453-1001\Control Panel\Desktop\\Wallpaper -> F:\1502942.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "CMD"
HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\StartupApproved\Run: => "Hot Keyboard"
HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-117099339-1064191922-458739453-1001\...\StartupApproved\Run: => "GalaxyClient"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{77000DC9-F2A1-4012-BB28-44D2CD5D9E73}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{0EE13CD2-E3B5-4770-AE16-343A08BACDBB}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{CCF5BD95-574E-488F-A041-7176949DB823}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{DBFA41AF-6110-4AFE-8383-D1E4E1302402}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{6919AA8D-4B5C-47EC-BBB2-016225381962}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{4D12DD08-3A4A-46E8-B7D4-4787CC265EFD}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{419CAE76-FDEA-4391-9820-C01745114A48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{70E98FF7-9F23-4823-87D0-F18402AC873E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E6FDBBBA-7974-4AFA-9042-E7C885744EF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3724788B-2D56-44D3-BC2D-540211A404B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{71947CCA-BE1F-46C5-9785-CF6854CA0975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1DABE826-FB0A-4FF6-9460-4C85631A49C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAFE4D2D-C690-4ED1-B9B2-D2C857A407BD}] => (Allow) C:\Users\wiktor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4DC8717E-69F8-4145-9054-A28CF27666CB}] => (Allow) C:\Users\wiktor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{01A616BC-3F8D-4BF8-A0E3-2EBBE05EBACF}] => (Allow) C:\Users\wiktor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5E0D88AC-771B-4A12-A429-2295D1C65CF7}] => (Allow) C:\Users\wiktor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{78A264F9-02D6-464E-B423-2094DCBD70E3}] => (Allow) C:\Users\wiktor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D39A0D8C-E93D-42E7-A7F9-49CC99C994D6}] => (Allow) C:\Users\wiktor\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BF6ACDBC-36B3-4AD4-8CD2-C7F02945EF45}] => (Allow) LPort=1688
FirewallRules: [{478A3F64-D840-4C01-8DF8-5EB98FE3CE1E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B095D24B-BE7C-47C0-BD1B-C6E04AE8FE57}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{DE72D9E1-6F6F-4559-A7B6-860B33A2E3EA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3E3A368D-943B-46CE-9CFE-808D649625FF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{FA612899-3227-40FA-9A1F-A13C5C35DB55}C:\gry\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{113652D6-EE13-4810-9CD9-BDCCBC9F628F}C:\gry\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{7B5214F4-9D57-4FA3-82EA-97B933E739BA}] => (Allow) C:\gry\Hearthstone\Hearthstone.exe
FirewallRules: [{B2779008-073E-49A0-9460-9CF6232B2DDE}] => (Allow) C:\gry\Hearthstone\Hearthstone.exe
FirewallRules: [{78C76CE8-4CF9-4445-8FD1-0057C1A9B84B}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{F50B111B-68FB-4651-903A-235ED386A358}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{53E1E5CE-00D6-42D2-9A57-CAEB4134A8AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B208D71C-BB0E-46F1-9158-7699238CFBCF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BEFA969F-0786-4E6E-BFFE-C763B84A7D97}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{92C5E42F-9D4F-4EDE-A465-E3D77F70820B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{36EB26C1-F412-4DB1-A56F-FFB1C3DAE35F}D:\gry\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\gry\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{299F2E4D-6168-4E4B-8B74-BFE400C427F6}D:\gry\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\gry\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{70014C61-EDD8-48D2-9B79-21F4CD60968A}] => (Allow) D:\Gry\steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{C1F6ADBB-CA78-4CC9-A31A-0D1551CE24D4}] => (Allow) D:\Gry\steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{94F5BA8D-594C-4BB6-985C-1B69B79F8867}D:\gry\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\gry\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{BEE04C7D-D605-4E2E-9583-0869940546A0}D:\gry\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\gry\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{2947EE5D-1266-463A-A358-B6B770DB13F2}] => (Allow) D:\Gry\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F6DA8C11-96B6-4B67-8BB4-0D638EB75683}] => (Allow) D:\Gry\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{2834390C-EC62-4826-B91E-6F0ACE31475F}C:\gry\diablo iii\diablo iii.exe] => (Allow) C:\gry\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{E2AB8F8C-F0E9-4BF6-969A-7BA63C3FE853}C:\gry\diablo iii\diablo iii.exe] => (Allow) C:\gry\diablo iii\diablo iii.exe
FirewallRules: [{6F2593F6-A02B-440D-9A68-D90DB92B8917}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0BA32ABD-4576-4AD2-9D3E-29466AEED2C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{47BB1D46-B9EF-4C00-B263-C18AEBFABADD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{217769F2-58AE-4E75-87CE-781DE32300B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{26ECCBAB-F210-452C-8753-B711701A66E9}C:\gry\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0367AAD2-22DE-4311-9E2B-EBC43F280139}C:\gry\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E6D20AFB-CB14-4001-B37E-EBFCC7902304}C:\gry\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E4E0931A-D516-4BDF-8D35-133A4D2BDFC7}C:\gry\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{D3A7E670-DE8D-4516-A121-FBBF4E4FAD3D}C:\gry\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{36E428A8-A69D-46BA-A61A-0E1104AB090F}C:\gry\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{8F4C376B-EE01-4480-9CAC-975B81E291A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8AD0E5E9-5752-4F33-BCC4-42C920ACDD35}C:\gry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6CBAED2B-C6CE-4D78-B964-AF21CED1247E}C:\gry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) C:\gry\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2015 11:04:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (09/16/2015 08:56:37 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [5]

Error: (09/15/2015 10:50:12 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Wolumin Recovery nie został zoptymalizowany, ponieważ napotkano błąd: The parameter is incorrect. (0x80070057)

Error: (09/15/2015 08:59:09 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (09/14/2015 11:06:52 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Wolumin Recovery nie został zoptymalizowany, ponieważ napotkano błąd: The parameter is incorrect. (0x80070057)

Error: (09/14/2015 10:18:09 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Wolumin Recovery nie został zoptymalizowany, ponieważ napotkano błąd: The parameter is incorrect. (0x80070057)

Error: (09/14/2015 09:01:24 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (09/12/2015 03:14:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (09/11/2015 11:22:54 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (09/10/2015 05:16:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8


System errors:
=============
Error: (09/16/2015 10:40:17 AM) (Source: DCOM) (EventID: 10010) (User: virus)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/16/2015 10:39:47 AM) (Source: DCOM) (EventID: 10010) (User: virus)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/16/2015 10:29:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (09/16/2015 09:05:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (09/16/2015 09:02:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (09/15/2015 03:05:42 PM) (Source: DCOM) (EventID: 10010) (User: virus)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/15/2015 03:05:12 PM) (Source: DCOM) (EventID: 10010) (User: virus)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/15/2015 10:50:56 AM) (Source: DCOM) (EventID: 10010) (User: virus)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/15/2015 10:50:26 AM) (Source: DCOM) (EventID: 10010) (User: virus)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/14/2015 11:07:49 AM) (Source: DCOM) (EventID: 10010) (User: virus)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 22%
Total physical RAM: 8150.27 MB
Available physical RAM: 6294.24 MB
Total Virtual: 9430.27 MB
Available Virtual: 7014.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.27 GB) (Free:50.24 GB) NTFS
Drive d: (gry) (Fixed) (Total:292.97 GB) (Free:187.36 GB) NTFS
Drive f: (smietnik) (Fixed) (Total:638.54 GB) (Free:379.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F59DF458)
Partition 1: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 89054725)

Partition: GPT.

==================== End of Addition.txt ============================