Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016 Ran by Rockfor (2016-02-06 06:19:20) Running from C:\Users\Rockfor\Downloads\logi Windows 8.1 Pro (X64) (2015-08-18 19:45:04) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2412946247-1837993513-3895125520-500 - Administrator - Disabled) Guest (S-1-5-21-2412946247-1837993513-3895125520-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-2412946247-1837993513-3895125520-1006 - Limited - Enabled) Rockfor (S-1-5-21-2412946247-1837993513-3895125520-1002 - Administrator - Enabled) => C:\Users\Rockfor ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2412946247-1837993513-3895125520-1002\...\uTorrent) (Version: 3.4.6.41350 - BitTorrent Inc.) Aktualizacje NVIDIA 2.9.1.22 (Version: 2.9.1.22 - NVIDIA Corporation) Hidden Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden ChomikBox (HKLM-x32\...\{71736AF6-BA4B-4F3C-8496-C325B97869BA}) (Version: 2.0.8.1 - Chomikuj.pl) Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project) Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden Corel PaintShop Pro X8 (HKLM-x32\...\_{85C69B9B-F9BD-4A60-BD83-F2B7E081ED39}) (Version: 18.1.0.67 - Corel Corporation) CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fallout 4 Polish Language Pack (HKLM-x32\...\Fallout 4 Polish Language Pack_is1) (Version: - ) Fallout 4 v.1.1.30 (HKLM-x32\...\Fallout 4_is1) (Version: - ) F-Stream Tuning v2.0.39.1 (HKLM-x32\...\F-Stream Tuning_is1) (Version: 2.0.39.1 - ) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden ICA (x32 Version: 18.1.0.67 - Corel Corporation) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) IPM_PSP_COM64 (Version: 18.1.0.67 - Corel Corporation) Hidden Killer Bandwidth Control Filter Driver (Version: 1.1.56.1651 - Rivet Networks) Hidden Killer E220x Drivers (Version: 1.1.56.1651 - Rivet Networks) Hidden Killer Network Manager (Version: 1.1.56.1651 - Rivet Networks) Hidden Killer Performance Suite (HKLM-x32\...\{DB8A465E-67BE-4450-9C9A-FECEA6222B95}) (Version: 1.1.56.1651 - Rivet Networks) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.6 - Black Tree Gaming) NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA Wirtualny dźwięk Miracast 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 361.43 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Panel sterowania NVIDIA 361.43 (Version: 361.43 - NVIDIA Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) PSPPContent (x32 Version: 18.1.0.67 - Corel Corporation) Hidden PSPPHelp (x32 Version: 18.1.0.67 - Corel Corporation) Hidden PSPPro64 (Version: 18.1.0.67 - Corel Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games) Setup (x32 Version: 18.1.0.67 - Corel Corporation) Hidden SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.12.1.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.12.1.0 - GOG.com) The Witcher 3: Wild Hunt - Serca z kamienia (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.12.1.0 - GOG.com) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00BBB5EE-BE39-48C6-B20D-7C6E65B0CC16} - System32\Tasks\RockforMotetsMinistryV2 => Rundll32.exe BrookedOveranalyzing.dll,main 7 1 <==== ATTENTION Task: {0DB87349-7245-4A18-9B4E-03D395513065} - \Optimize Start Menu Cache Files-S-1-5-21-2412946247-1837993513-3895125520-1001 -> No File <==== ATTENTION Task: {119DCF0B-64CF-4A27-A55D-2451B202A63C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-24] (Google Inc.) Task: {3ACA80F4-EB8F-4A4D-8AE0-CBCBA38BE21A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-24] (Google Inc.) Task: {84821A95-091A-43ED-871C-7707EF0DAFBA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {8DC877D7-632E-4F4E-81D9-B28364F24B9B} - System32\Tasks\Plugin Logo => Rundll32.exe "C:\Users\Rockfor\AppData\Local\Plugin Logo\zBin\PluginLogo.dll",#3 <==== ATTENTION Task: {A038E6AB-5DDF-4BC7-A33F-5C092BEB2122} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {B24F658E-4B9A-47A0-A271-A4767B2145BB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {BCC1142A-E663-4F54-94D6-A810059915FF} - \WPD\SqmUpload_S-1-5-21-2412946247-1837993513-3895125520-1001 -> No File <==== ATTENTION Task: {CB6A67D8-F827-45F8-BBE3-DE0310D04BA1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-12] (Microsoft Corporation) Task: {D0964EBB-7367-4CF1-8160-876F30F7949B} - System32\Tasks\AsrKM => C:\Program Files (x86)\ASRock Utility\Key Master\AsrKM.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-08-18 21:00 - 2015-12-16 15:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-19 08:30 - 2013-05-28 16:58 - 00454656 _____ () C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe 2015-12-22 00:30 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2015-08-18 21:22 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-01-21 23:15 - 2016-01-21 23:15 - 00349184 _____ () C:\Users\Rockfor\AppData\Local\MotetsMinistry\BrookedOveranalyzing.dll 2016-02-04 22:18 - 2016-02-03 08:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll 2016-02-04 22:18 - 2016-02-03 08:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll 2016-02-04 22:18 - 2016-02-03 08:27 - 16799048 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\PepperFlash\pepflashplayer.dll 2015-08-18 21:14 - 2013-09-03 15:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2015-11-24 00:16 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2412946247-1837993513-3895125520-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Rockfor\Desktop\2013-banshee-spitfire-7a.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2412946247-1837993513-3895125520-1002\...\StartupApproved\Run: => "GalaxyClient" HKU\S-1-5-21-2412946247-1837993513-3895125520-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2412946247-1837993513-3895125520-1002\...\StartupApproved\Run: => "ChomikBox" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{9933B6DC-F6D9-445B-85E0-33F3DEC8A1ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{28E7D396-E2B3-41E4-8B1B-151606DC999E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0D545006-FDF9-4F81-9C34-1B211447CDBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{3AD80BC8-61C4-4E08-81CA-E3A082E92DC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F0EFFCFC-FF96-403D-A54D-80951A6465F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{443DBFEB-7877-4524-BB28-37BA21F113DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7DBC7B2F-1B4E-493C-B0EB-989ED9C258EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{831C5AA1-559A-45A3-82F9-8F6AB619761E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{219624F3-E114-4B90-A9EE-42F00E9AC33C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D36A737C-BDE9-4E73-B903-5BDE964C1460}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{4EEED567-9F0E-49E6-9D2D-DA9CE80F028D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{774DB45F-6BB7-432B-B622-1C255474207B}] => (Allow) C:\Users\Rockfor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9F4ED7ED-61AD-44A1-A8ED-4DF5259C90C7}] => (Allow) C:\Users\Rockfor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{51801601-7612-4822-8A99-EEEFAB8001D1}] => (Allow) C:\Users\Rockfor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D455DBBC-09FA-4585-A7B8-ABFD5B264FA6}] => (Allow) C:\Users\Rockfor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{485C15E6-6EFE-444E-B03D-477B826230D1}] => (Allow) C:\Users\Rockfor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{38ECF4DB-DB4D-46F0-814A-816090C06ABC}] => (Allow) C:\Users\Rockfor\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{013D8D8D-18F5-4565-B1FB-7010042BDD89}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{E8CD712B-28F0-47A0-8074-D5E3345144D1}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{F0C0FFC8-5D8B-47C6-B732-3A11ED526D1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{49161D2D-DDB5-488E-A5FC-897F6ACF67A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{78A033A9-2D0C-40A1-8485-FC3D80207E6B}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [UDP Query User{3E2AC9BA-F22D-44DC-A97D-B8F1A2C33032}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [{7E1D704E-AD2A-43C2-A1BF-9924F5E5E66B}] => (Block) d:\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{44EE66E2-709F-4EEB-91F3-AAA548B4CA2A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 12-01-2016 20:40:30 Windows Update 20-01-2016 00:18:08 Microsoft Visual Studio Tools for Applications 2012 23-01-2016 22:07:22 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/06/2016 05:59:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/06/2016 05:59:40 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/05/2016 08:35:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/05/2016 08:24:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/05/2016 08:24:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=7 Error: (02/05/2016 09:10:55 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/05/2016 09:10:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/05/2016 08:48:25 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=5 Error: (02/05/2016 08:35:00 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/04/2016 10:24:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=7 System errors: ============= Error: (02/06/2016 05:59:00 AM) (Source: DCOM) (EventID: 10010) (User: RAGNAROCK) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Integrated Clock Controller Service - Intel(R) ICCS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Media Player Network Sharing Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Streamer Network Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Corel License Validation Service V2 x64, Powered by arvato niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Streamer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/06/2016 05:58:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Network Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2016-02-03 03:07:12.487 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:12.394 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:12.300 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:12.190 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:12.097 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:12.003 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:11.894 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:11.800 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:11.690 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-03 03:07:11.597 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz Percentage of memory in use: 38% Total physical RAM: 8122.57 MB Available physical RAM: 5000.13 MB Total Virtual: 9466.57 MB Available Virtual: 6169.29 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.54 GB) (Free:38.91 GB) NTFS Drive d: () (Fixed) (Total:156.25 GB) (Free:111.37 GB) NTFS Drive h: (DVD) (Removable) (Total:14.53 GB) (Free:11.47 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EF2F9B2E) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5000635E) Partition 1: (Not Active) - (Size=156.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=156.3 GB) - (Type=06) Partition 3: (Not Active) - (Size=153.3 GB) - (Type=06) ======================================================== Disk: 2 (Size: 14.5 GB) (Disk ID: 2F3D15B6) Partition 1: (Active) - (Size=14.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================