Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015 Ran by Jarek at 2015-06-03 20:35:59 Running from C:\Users\Jarek\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3272948427-4286481902-406228690-500 - Administrator - Disabled) Gość (S-1-5-21-3272948427-4286481902-406228690-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-3272948427-4286481902-406228690-1005 - Limited - Enabled) Jarek (S-1-5-21-3272948427-4286481902-406228690-1000 - Administrator - Enabled) => C:\Users\Jarek Maria (S-1-5-21-3272948427-4286481902-406228690-1002 - Limited - Enabled) => C:\Users\Maria ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.7.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.6.7.0 - ASUSTek COMPUTER INC.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) Curse Client (HKU\S-1-5-21-3272948427-4286481902-406228690-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dropbox (HKU\S-1-5-21-3272948427-4286481902-406228690-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.) ESET NOD32 Antivirus (HKLM\...\{4B14EC50-70A2-4973-BE68-50E546653134}) (Version: 8.0.312.4 - ESET, spol s r. o.) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GG (HKU\S-1-5-21-3272948427-4286481902-406228690-1000\...\GG) (Version: 12 - GG Network S.A.) Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Codec Pack 11.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.5 - ) Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 38.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla) OpenFM (HKU\S-1-5-21-3272948427-4286481902-406228690-1000\...\OpenFM) (Version: 2 - GG Network S.A.) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.2 - Power Software Ltd) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-3272948427-4286481902-406228690-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{2ceb1745-1513-4218-aec2-c96cb59c017f}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3272948427-4286481902-406228690-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jarek\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 18-05-2015 00:34:44 Zainstalowano ESET NOD32 Antivirus 19-05-2015 17:59:02 Windows Update 20-05-2015 19:53:07 Windows Update 26-05-2015 20:24:41 Windows Update 31-05-2015 20:32:02 Windows Update 02-06-2015 20:13:07 Removed Bonjour 02-06-2015 22:35:46 Installed SpyHunter 03-06-2015 00:02:12 Removed SpyHunter ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1F7BF1C2-267A-49A6-8087-32C6684446D3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {553023C2-102C-429A-A3F5-B9D7D6EC676C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {72E395D7-3063-4A68-9C36-552D4F9B354C} - System32\Tasks\{48F941F9-AEAB-4513-8C7D-22FF30EE63D4} => pcalua.exe -a "C:\Program Files (x86)\Crosswords\Crosswords.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" "" Task: {7794BB77-30D1-45FE-8253-506968EBFE31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14] (Adobe Systems Incorporated) Task: {A6B25755-2D6A-4BE3-9BEB-1AE2BE0E40F0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {A848919B-57A4-47F0-BF5F-14463169C371} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd) Task: {A9C66C60-9785-4671-89EB-02BEFAEFDB73} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {AF6ECD32-0FE6-427C-B29F-F12D48875ED1} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-10] (Microsoft Corporation) Task: {C060AF62-76EA-4CBB-8777-5FD597087618} - System32\Tasks\{E5DFBE3B-C716-4F19-9329-86AA891A3CF6} => pcalua.exe -a C:\Users\Jarek\Desktop\blazingcolorsviz.exe -d C:\Users\Jarek\Desktop Task: {C7AFBF48-A30C-4917-9A48-B551911F6BBF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-04-08 09:59 - 2015-04-08 09:59 - 00022528 _____ () C:\Windows\System32\ssj1mlm.dll 2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2015-03-29 01:10 - 2012-01-20 15:55 - 00678400 _____ () C:\Program Files\TeraCopy\TERACO~2.DLL 2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-05-08 20:50 - 2015-05-08 20:50 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-06-01 16:47 - 2011-11-28 14:54 - 02036736 _____ () C:\HTC Home 2.8\Clock.exe 2015-06-01 16:47 - 2011-05-31 10:33 - 00011776 _____ () C:\HTC Home 2.8\pl-PL\Clock.resources.dll 2015-06-01 16:47 - 2011-06-21 07:06 - 00249344 _____ () C:\HTC Home 2.8\Home.Base.dll 2015-06-01 16:47 - 2011-06-20 14:12 - 00011776 _____ () C:\HTC Home 2.8\Home.Packaging.dll 2015-06-01 16:47 - 2011-06-22 09:15 - 00016896 _____ () C:\HTC Home 2.8\Weather.Base.dll 2015-06-01 16:47 - 2011-06-20 09:49 - 04660736 _____ () C:\HTC Home 2.8\UIFramework.Weather.dll 2015-06-03 19:20 - 2015-06-03 19:20 - 00043008 _____ () c:\users\jarek\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2g7dzw.dll 2015-05-23 12:33 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Jarek\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-05-23 12:33 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Jarek\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-05-23 12:33 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Jarek\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-05-23 12:33 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Jarek\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-07-14 16:25 - 2014-07-14 16:25 - 00278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll 2014-06-16 18:25 - 2014-06-16 18:25 - 00053248 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3272948427-4286481902-406228690-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{AE7626E4-F4FF-48DC-978D-E35884156F8F}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{257180F1-40FA-4AC7-860A-C3649C945383}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{66AF6167-194C-4597-BC2C-C4BC0ACF1D11}] => (Allow) D:\GRY\Diablo III\Diablo III.exe FirewallRules: [{FDA0DCED-A298-4DFC-BCA1-8C5096366787}] => (Allow) D:\GRY\Diablo III\Diablo III.exe FirewallRules: [TCP Query User{FB966018-CEB6-4275-B630-D773736B5837}D:\gry\wot\worldoftanks.exe] => (Block) D:\gry\wot\worldoftanks.exe FirewallRules: [UDP Query User{AF419ABC-EBCA-4A61-9997-3FBFF5C17B13}D:\gry\wot\worldoftanks.exe] => (Block) D:\gry\wot\worldoftanks.exe FirewallRules: [{9B40583F-D5DE-454A-AC53-381394F9D1A5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{86BE6BEA-BD71-4167-900F-1B684CC9BCDC}] => (Allow) LPort=2869 FirewallRules: [{ED34DC44-8A55-4824-A039-6B22459A7658}] => (Allow) LPort=1900 FirewallRules: [{A8B78404-AA5B-4974-A83F-56809740EAB0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{316A0B2B-1045-4F6D-80B3-E303EA182031}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{602DAF66-3FEA-41D4-9061-65AAEF5820AE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{60358AA5-BAA9-4981-A47E-E3D3AC8B33E2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{4D0A5638-5CF2-4758-B6B8-C0B6A9E8F91F}] => (Allow) C:\Users\Jarek\AppData\Local\Apps\2.0\GM1WC33N.YEL\36NNERJR.WV5\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe FirewallRules: [{9D700E0E-253F-4FF5-997C-2BBDA2E52CE4}] => (Allow) C:\Users\Jarek\AppData\Local\Apps\2.0\GM1WC33N.YEL\36NNERJR.WV5\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe FirewallRules: [TCP Query User{9F2EA9C7-9C7F-425B-B0F5-7238026589B1}D:\gry\wot\wotlauncher.exe] => (Allow) D:\gry\wot\wotlauncher.exe FirewallRules: [UDP Query User{FEAED234-AA31-45AF-90BF-FD298B1956AF}D:\gry\wot\wotlauncher.exe] => (Allow) D:\gry\wot\wotlauncher.exe FirewallRules: [{DFFF8125-C337-4700-ABD7-F62FE084D09A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{6BCA4866-619F-4D8F-AE80-51058FA1BA51}E:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) E:\utorrentportable\app\utorrent\utorrent.exe FirewallRules: [UDP Query User{6C8B7F50-4B97-419D-BE79-1B4C503330BE}E:\utorrentportable\app\utorrent\utorrent.exe] => (Allow) E:\utorrentportable\app\utorrent\utorrent.exe FirewallRules: [TCP Query User{EBBC156F-CE27-4501-83CF-EB70AE66B8F0}D:\gry\hearthstone\hearthstone.exe] => (Allow) D:\gry\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{AD2167E0-BC88-457B-B908-8370763F3DC9}D:\gry\hearthstone\hearthstone.exe] => (Allow) D:\gry\hearthstone\hearthstone.exe FirewallRules: [{9CBD9F39-3DB0-4164-B176-D63CEC91CCCA}] => (Allow) C:\Users\Jarek\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{18C524E2-41E3-49D2-8AC5-0B4486F9E40C}] => (Allow) C:\Users\Jarek\AppData\Roaming\Dropbox\bin\Dropbox.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/03/2015 07:22:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Clock.exe, wersja: 3.0.622.0, sygnatura czasowa: 0x4ed3847e Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18839, sygnatura czasowa: 0x553e8c17 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000000000001aaad Identyfikator procesu powodującego błąd: 0x11b0 Godzina uruchomienia aplikacji powodującej błąd: 0xClock.exe0 Ścieżka aplikacji powodującej błąd: Clock.exe1 Ścieżka modułu powodującego błąd: Clock.exe2 Identyfikator raportu: Clock.exe3 Error: (06/03/2015 07:22:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Clock.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.Windows.Markup.XamlParseException Stos: w System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri) w System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri) w System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean) w System.Windows.Application.LoadComponent(System.Object, System.Uri) w Clock.App.Main() Error: (06/03/2015 07:21:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/03/2015 00:10:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/03/2015 00:02:13 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-3272948427-4286481902-406228690-500.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {31c78c2a-dd46-4c4b-8a13-1aa0a65b8827} Error: (06/03/2015 00:01:57 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/02/2015 11:58:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/02/2015 10:35:46 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-3272948427-4286481902-406228690-500.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {a5f6369e-1fb1-4cdf-b2de-3bc29d879794} Error: (06/02/2015 10:17:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/02/2015 10:11:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (06/03/2015 00:00:14 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 23:58:46 na ‎2015-‎06-‎02 było nieoczekiwane. Error: (06/02/2015 11:57:00 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000050 (0xfffffa7ffffffff1, 0x0000000000000000, 0xfffff8000340d133, 0x0000000000000007)C:\Windows\MEMORY.DMP Error: (06/02/2015 11:57:00 PM) (Source: BugCheck) (EventID: 1005) (User: ) Description: Error: (06/02/2015 11:56:59 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 23:54:58 na ‎2015-‎06-‎02 było nieoczekiwane. Error: (06/02/2015 10:43:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi EsgScanner z powodu następującego błędu: %%1275 Error: (06/02/2015 10:43:41 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\DRIVERS\EsgScanner.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (06/02/2015 10:36:29 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „JAREK-KOMPUTER :20” w interfejsie o adresie IP 192.168.1.27. Komputer o adresie IP 192.168.1.10 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (06/02/2015 10:36:29 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „JAREK-KOMPUTER :0” w interfejsie o adresie IP 192.168.1.27. Komputer o adresie IP 192.168.1.10 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (06/02/2015 10:36:29 PM) (Source: Server) (EventID: 2505) (User: ) Description: Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{D0C802B6-0277-4421-B8A4-58887BD9BA5A}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. Error: (06/02/2015 10:33:27 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR8. Microsoft Office: ========================= ==================== Memory info =========================== Processor: AMD FX(tm)-4100 Quad-Core Processor Percentage of memory in use: 30% Total physical RAM: 8091.78 MB Available physical RAM: 5642.57 MB Total Pagefile: 16181.76 MB Available Pagefile: 13669.39 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (seagate 250) (Fixed) (Total:232.88 GB) (Free:177.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Zabawa) (Fixed) (Total:488.28 GB) (Free:423.76 GB) NTFS Drive e: (Nowy) (Fixed) (Total:443.23 GB) (Free:321.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 55428662) Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 21181B6C) Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS) ==================== End of log ============================