Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015 Ran by Majaque at 2015-07-07 21:54:15 Running from C:\Users\Majaque\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-827327514-984835142-572640902-500 - Administrator - Disabled) Guest (S-1-5-21-827327514-984835142-572640902-501 - Limited - Disabled) Luksevine (S-1-5-21-827327514-984835142-572640902-1001 - Limited - Enabled) => C:\Users\Luksevine Majaque (S-1-5-21-827327514-984835142-572640902-1000 - Administrator - Enabled) => C:\Users\Majaque ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: COMODO Antivirus (Enabled - Up to date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5} AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "FIFA 14" (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - ) Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com) Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) COMODO Internet Security Premium (HKLM\...\{4C5D0B6A-944A-47A6-A2F3-BCB58E05CA5D}) (Version: 8.2.0.4591 - COMODO Security Solutions Inc.) Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com) Enthought Canopy (64-bit) (HKLM\...\{93D7DF53-FDD4-4270-B83C-1EBC15FA1A87}) (Version: 1.5.4.116 - Enthought, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com) Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik graficzny 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) Panel sterowania NVIDIA 353.30 (Version: 353.30 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries) Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com) Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.4 - Transmission) WTW (x64) (HKLM\...\{522A00DD-90B5-4481-B00F-E4CFBC0E7B3F}) (Version: 1.4.0.4466 - K2T.eu) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 04-07-2015 19:35:49 Operacja przywracania 06-07-2015 10:35:32 Zainstalowano: WTW (x64) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {29A3F4EF-3EC5-482C-9EAE-867DDCF6DDC0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-06-05] (COMODO) Task: {371B35F8-C258-44DD-9FCE-A9CD828BFF90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-05] (Google Inc.) Task: {4207DFBE-8CDA-4D68-86D3-686D95C1E0FC} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-05] (COMODO) Task: {4B5D43FA-C244-417B-A90A-21E3C039D0D1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-27] (Microsoft Corporation) Task: {4C877647-D2D4-4778-8DCE-79B617AF67DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {66D4C50C-1C1A-4569-957C-AF701BC53795} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-05] (COMODO) Task: {8A3A6E09-B078-40CA-8760-D67D262E729E} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-05] (COMODO) Task: {CEE8D3F3-80B9-4585-AE31-3BC1B31C39CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-05] (Google Inc.) Task: {F8B52CA4-6C57-4FE6-8EBC-6AB9BB5CFF13} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-06-05] (COMODO) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-01-08 23:02 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-06-26 05:59 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-07-04 21:14 - 2015-07-04 21:14 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll 2014-10-09 21:43 - 2014-10-09 21:43 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll 2014-10-08 17:30 - 2014-10-08 17:30 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll 2014-10-08 17:30 - 2014-10-08 17:30 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll 2014-10-09 21:44 - 2014-10-09 21:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_43.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID AlternateDataStreams: C:\Users\Luksevine\Desktop\1.jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\2.jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\2015-07-06.png:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\3.jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\4.jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\5.jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\6.jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\7.jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Desktop\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH].jpg:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Luksevine\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Majaque\Desktop\1.png:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Desktop\2.png:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Desktop\3.png:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Desktop\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\Majaque\Desktop\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Desktop\z5vzw3ix.exe:$CmdTcID AlternateDataStreams: C:\Users\Majaque\Downloads\100389688367.sdx:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\100389898890.sdx:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\100389904999.sdx:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\11354911_904262312949508_22278165_n.jpg:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\2015_lab_3_subplot.ipynb:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\2015_lab_5_slowniki_sygnaly (1).html:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\2015_lab_5_slowniki_sygnaly.html:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\20522,15372,podzial_r.ak._2014_15.pdf,387575.pdf:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\3.png:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\bbbb.ipynb:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\img008.pdf:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\img009.pdf:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\img011.pdf:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\img016.pdf:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\img017.pdf:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\setup-wtw-x64.msi:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID AlternateDataStreams: C:\Users\Majaque\Downloads\[CIACH]:$CmdZnID ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-827327514-984835142-572640902-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Majaque\Desktop\8u0l3OU.jpg DNS Servers: 10.0.2.2 - 10.0.2.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "StereoLinksInstall" HKU\S-1-5-21-827327514-984835142-572640902-1000\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-827327514-984835142-572640902-1000\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{442885D5-AA86-4AAA-BF28-DD50B1163D93}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{EAC735E8-E354-4EA9-AF08-DDB9DD1FD510}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{77F5A9F7-327A-4E9B-90FB-DB8E0F4A2F21}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{9A07ECA6-7764-490F-9380-099FBFB7F10C}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{C595372C-AB2B-4A1B-BD08-07A5377158DA}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C948D768-3492-4CF3-9E75-DD09D651DFF4}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8E51BAE7-5704-4F64-A1FA-F9970EFAC3CF}] => (Allow) D:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{9D2BEAB6-21B7-4A2F-8F30-B2ECF16FC9B1}] => (Allow) D:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [TCP Query User{FC81AB59-1D11-41D4-89B2-AB8DD029498F}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe FirewallRules: [UDP Query User{50E675F7-351D-442B-9DD5-4FF084EA7B7C}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe FirewallRules: [TCP Query User{2F303B68-E15C-49F5-9598-8F063F075038}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D4BC17B3-82ED-420F-BE8D-81531B187912}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{7289EF2E-25DC-4474-A3B5-5916B8DB9417}] => (Allow) D:\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{432F27FF-4A71-49B5-BC3D-94C2E8466ECC}] => (Allow) D:\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{07DF7AE4-A3EC-4ADC-BE99-3542A6F25E04}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{E9F8BD46-A70D-4E32-8A7F-7ABC49E3013C}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe FirewallRules: [{05C76C95-A4D1-4255-B78B-7BFBA79D45AB}] => (Allow) D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{9955263D-222F-4C39-83DF-9B754A3EA70E}] => (Allow) D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{13CE64B7-443F-49B0-A44F-09D5587ECBA6}] => (Allow) D:\FIFA 14\Game\fifa14.exe FirewallRules: [{852DA401-020D-4A55-92BB-3D94853FE089}] => (Allow) D:\FIFA 14\Game\fifa14.exe FirewallRules: [{B917561C-DE24-44EC-89BA-C38871625E49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/07/2015 11:41:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/07/2015 11:41:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.SkypeApp_kzf8qxf38zg5c!App nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/07/2015 10:41:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/06/2015 09:43:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/06/2015 07:43:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/06/2015 05:43:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/06/2015 11:43:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/06/2015 10:35:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (07/06/2015 09:43:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/05/2015 11:42:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (07/07/2015 08:24:47 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (07/07/2015 07:06:04 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (07/07/2015 06:58:23 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (07/07/2015 02:46:23 PM) (Source: DCOM) (EventID: 10010) (User: Majaque-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/07/2015 02:45:53 PM) (Source: DCOM) (EventID: 10010) (User: Majaque-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/07/2015 01:57:59 PM) (Source: DCOM) (EventID: 10010) (User: Majaque-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/07/2015 01:57:28 PM) (Source: DCOM) (EventID: 10010) (User: Majaque-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/07/2015 00:12:29 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (07/07/2015 10:41:09 AM) (Source: DCOM) (EventID: 10010) (User: MAJAQUE-PC) Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58} Error: (07/07/2015 02:18:41 AM) (Source: DCOM) (EventID: 10010) (User: Majaque-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office: ========================= Error: (07/07/2015 11:41:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 Error: (07/07/2015 11:41:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147023170 Error: (07/07/2015 10:41:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 Error: (07/06/2015 09:43:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 Error: (07/06/2015 07:43:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 Error: (07/06/2015 05:43:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 Error: (07/06/2015 11:43:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 Error: (07/06/2015 10:35:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. Error: (07/06/2015 09:43:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 Error: (07/05/2015 11:42:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MAJAQUE-PC) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148 CodeIntegrity Errors: =================================== Date: 2015-07-07 21:47:28.874 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-07 20:25:47.300 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-07-07 20:25:19.236 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-07-07 19:06:04.753 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-07-07 18:59:04.277 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-07-07 16:30:28.927 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-07 14:48:24.381 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-07 13:47:54.276 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-07 13:22:51.806 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cmdcsr.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-07-07 12:54:34.794 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Phenom(tm) II X4 955 Processor Percentage of memory in use: 31% Total physical RAM: 4094.18 MB Available physical RAM: 2800.45 MB Total Virtual: 7103.03 MB Available Virtual: 5372.74 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:70 GB) (Free:32.81 GB) NTFS Drive d: () (Fixed) (Total:350 GB) (Free:53.51 GB) NTFS Drive e: () (Fixed) (Total:500 GB) (Free:244.63 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0B9D14F4) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=70 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=850 GB) - (Type=OF Extended) ==================== End of log ============================