Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2016 Ran by Jakub (27-10-2016 16:00:35) Running from C:\Users\Jakub\Desktop Windows 8.1 Pro (Update) (X64) (2016-09-10 22:30:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-529898959-3016096094-2671212967-500 - Administrator - Disabled) Guest (S-1-5-21-529898959-3016096094-2671212967-501 - Limited - Disabled) Jakub (S-1-5-21-529898959-3016096094-2671212967-1001 - Administrator - Enabled) => C:\Users\Jakub ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) @BIOS B15.0630.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden µTorrent (HKU\S-1-5-21-529898959-3016096094-2671212967-1001\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.) Aktualizacje NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden Ansel (Version: 375.63 - NVIDIA Corporation) Hidden APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte) APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden Asystent uaktualnienia do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 - GIGABYTE) Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1607.0101 - GIGABYTE) Cloud Station Server (x32 Version: 1.00.1607.0101 - GIGABYTE) Hidden Core Temp 1.4.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.4.1 - ALCPU) Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DriverMax 8 (HKLM-x32\...\DMX5_is1) (Version: 8.33.0.509 - Innovative Solutions) EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0002 - GIGABYTE) EasyTune (x32 Version: 1.00.0002 - GIGABYTE) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) EZSetup B15.0811.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE) EZSetup B15.0811.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE) Fast Boot (x32 Version: 1.15.0626 - GIGABYTE) Hidden GameCtrl B14.0410.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE) GameCtrl B14.0410.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4206 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.519 - LogMeIn, Inc.) Hidden Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.63 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA Sterownik graficzny 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA Wirtualny dźwięk Miracast 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 375.63 - NVIDIA Corporation) NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden Odkurzacz (HKLM-x32\...\Odkurzacz 14.2_is1) (Version: 14.2.0.4492 - FranmoSoftware - Maciej Opaliñski) ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B15.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Online.io Application (HKLM-x32\...\{DBABED16-1BB7-4805-B24B-7424A372AB0F}) (Version: 1.11.0 - Microleaves) Opera Stable 41.0.2353.46 (HKLM-x32\...\Opera 41.0.2353.46) (Version: 41.0.2353.46 - Opera Software) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.26 - Intel(R) Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.) Panel sterowania NVIDIA 375.63 (Version: 375.63 - NVIDIA Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios) SafeFinder (HKLM-x32\...\{448331BA-9369-4BB6-B48D-CDCFC92D48BC}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE) SIV (x32 Version: 1.15.0701 - GIGABYTE) Hidden Smart Recovery 2 B14.0418.3 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE) Smart TimeLock B15.0626.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE) Smart TimeLock B15.0626.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.07 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellarium 0.15.0 (HKLM\...\Stellarium_is1) (Version: 0.15.0 - Stellarium team) Stranded Deep (HKLM\...\Steam App 313120) (Version: - Beam Team Games) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd) Traffic Exchange (HKLM-x32\...\{438465C5-D78D-4958-B31D-60374B5042F4}) (Version: 1.11.0 - Microleaves) Transcend SSD Scope version 3.3.0 (HKLM-x32\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 3.3.0 - Transcend Information, Inc.) TruckersMP 0.2.1.2.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.2.2 Alpha - TruckersMP Team) Unity Web Player (HKU\S-1-5-21-529898959-3016096094-2671212967-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft) VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE) VTuner (x32 Version: 1.15.0626 - GIGABYTE) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-529898959-3016096094-2671212967-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0A7DA7CC-30E8-42DE-8533-44043A29E4E1} - System32\Tasks\Online Application v2 OG => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0D38433F-A3E2-4761-A557-BA33184611E7} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) Task: {1766F15D-1102-47CC-A3E1-80F1D923AABC} - System32\Tasks\Online Application v2 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {1AEDD995-8AF7-491A-93D5-078EDDD98710} - System32\Tasks\Traffic Exchange v2 Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {1BCD5710-EF70-431D-8569-2A930CB3FDA8} - System32\Tasks\svshost => C:\Users\Jakub\AppData\Local\svshost\svshost.exe [2016-10-26] () <==== ATTENTION Task: {32627EB0-931F-4791-82E0-8A184E61B556} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation) Task: {44B55F0C-68AB-4526-B24F-DA3108F45F0A} - System32\Tasks\Online Application v2 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {49E9E4EC-3E60-4F0A-B475-C8E290E3CFF9} - System32\Tasks\Traffic Exchange v2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {4DE2F623-0294-4BFF-88EB-52E76C9999C0} - System32\Tasks\{41037E4F-9826-41BC-B46B-5AF5BB46688B} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Stanjob\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Stanjob\uninstall.dat" -a uninstallme 448331BA-9369-4BB6-B48D-CDCFC92D48BC DeviceId=7762a020-5b03-b1db-a239-d75ddbb56db8 BarcodeId=51198003 ChannelId=3 DistributerName=APSFWakeNet Task: {4F8ED5B4-9AA0-4D95-ADB3-DCFAB6239730} - System32\Tasks\Opera scheduled Autoupdate 1473547039 => C:\Program Files (x86)\Opera\launcher.exe [2016-10-24] (Opera Software) Task: {52766DE6-B5FB-4882-BD84-EB5CD733A6EF} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2016-10-10] (Innovative Solutions) Task: {583E3440-39FF-428A-9C19-BE1B7574A9F6} - System32\Tasks\Core Temp Autostart Jakub => C:\Program Files\Core Temp\Core Temp.exe [2016-10-12] () Task: {5901E426-7639-4FEC-A8EF-F2599D1B7ADC} - System32\Tasks\Online Application v2 On Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {5E5A7BBA-FF7C-4FC3-90E8-69186EB798D4} - System32\Tasks\Traffic Exchange v2 OG => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {6130FF68-897A-4A2D-8477-1F5CEA72635D} - System32\Tasks\Online Application Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe [2016-08-17] (Microleaves LTD) Task: {699D060E-6449-4A17-84AF-6EAE371D6311} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {69B46549-1B6C-433C-9B63-51C63529FC94} - System32\Tasks\Online Application v2 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {6A2993EB-4D38-45F5-BBB5-896304573F0B} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe [2016-10-25] (Microleaves) Task: {72C7D459-61AB-4BCB-8A0D-EECEFB341CBB} - System32\Tasks\Traffic Exchange v2 Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {813E39D7-AE57-46E9-886A-69882E0D6FD5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {88C97BCA-A9B2-4DE8-8A06-4A30A87E1E98} - System32\Tasks\Traffic Exchange v2 On Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {8DD9104B-0386-4F36-A5E0-1E2516597865} - System32\Tasks\Online Application => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe [2016-08-17] (Microleaves LTD) Task: {93E5603E-9AEC-455C-A19B-9349A8C0BF90} - System32\Tasks\1019595965 => Rundll32.exe "C:\ProgramData\1019595965\1019595965.dll",DllUnregisterServer <==== ATTENTION Task: {97D1A05B-9B3F-4839-8F0F-DB42BB6C61B8} - System32\Tasks\Online Application Updater => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe [2016-10-25] (Microleaves) Task: {A6D6BBFE-00FE-423D-8082-FFEAC186DAC3} - System32\Tasks\Odkurzacz => D:\Odkurzacz\odkurzacz.exe Task: {A7B4CC1F-CD2A-420D-A581-1EC368407CD8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation) Task: {AE514D7B-5630-4735-B3BF-944AD77170C1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {B262F793-07C0-43EA-9B54-C05E353282E0} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) Task: {C3203DBA-B387-474D-8B97-B11B8ADCDCCF} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) Task: {C7FC58DA-29E0-4182-A1DB-346A63CBD81B} - System32\Tasks\Traffic Exchange v2 OnGuard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) Task: {CBC5CB49-A8E0-4E9A-9C0B-6A779A99F6AB} - System32\Tasks\Online Application Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe [2016-08-17] (Microleaves LTD) Task: {DACC89C2-B59E-4521-88A9-1CF0100DA3BD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {F8D68E39-C8A7-4AA4-8F3D-972F4A6C4C6D} - System32\Tasks\Online Application v2 OnGuard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe [2016-10-25] (Microleaves LTD) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe 2016-09-11 00:40 - 2016-09-30 06:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-11 00:40 - 2016-09-30 06:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-11 00:40 - 2016-09-30 06:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-09-11 00:42 - 2016-10-22 08:04 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-16 16:35 - 2016-09-16 16:35 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe 2016-09-14 21:31 - 2015-05-29 17:57 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL 2016-09-14 21:31 - 2015-05-29 17:56 - 00366080 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2016-10-26 17:33 - 2016-10-24 15:44 - 00128486 _____ () C:\Users\Jakub\AppData\Local\Uwmjmedia\Windows_Activaton.exe 2014-01-21 13:36 - 2014-01-21 13:36 - 00015872 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe 2014-02-26 19:22 - 2014-02-26 19:22 - 00107008 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe 2016-09-11 00:40 - 2016-09-29 19:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-11 00:40 - 2016-09-29 19:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-11 00:40 - 2016-09-29 19:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-11 00:40 - 2016-09-29 19:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-11 00:40 - 2016-09-29 19:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-11 00:40 - 2016-09-29 19:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-11 00:40 - 2016-09-29 19:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-10-26 17:35 - 2016-10-26 17:35 - 01331200 _____ () C:\Users\Jakub\AppData\Local\Ulpjmedia\tcxtyxkl.dll 2016-09-11 00:40 - 2016-09-30 06:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll 2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll 2016-09-11 00:40 - 2016-09-30 06:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-10-26 17:34 - 2016-10-26 17:34 - 01311232 _____ () C:\Users\Jakub\AppData\Local\Uwmjmedia\vtpjosvd.dll 2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ycc.dll 2015-05-19 10:44 - 2015-05-19 10:44 - 01911296 _____ () C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\MFCSPD.dll 2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-10-27 14:29 - 2016-10-27 14:29 - 66011856 _____ () C:\Program Files (x86)\Opera\41.0.2353.46\opera.dll 2016-10-27 14:29 - 2016-10-27 14:29 - 01888464 _____ () C:\Program Files (x86)\Opera\41.0.2353.46\libglesv2.dll 2016-10-27 14:29 - 2016-10-27 14:29 - 00094416 _____ () C:\Program Files (x86)\Opera\41.0.2353.46\libegl.dll 2016-10-20 00:38 - 2016-09-08 05:14 - 00784672 _____ () e:\Programy\Steam\SDL2.dll 2016-10-20 00:38 - 2016-09-01 03:02 - 04969248 _____ () e:\Programy\Steam\v8.dll 2016-10-20 00:38 - 2016-10-13 03:58 - 02321696 _____ () e:\Programy\Steam\video.dll 2016-10-20 00:38 - 2016-09-01 03:02 - 01563936 _____ () e:\Programy\Steam\icui18n.dll 2016-10-20 00:38 - 2016-09-01 03:02 - 01195296 _____ () e:\Programy\Steam\icuuc.dll 2016-10-20 00:38 - 2016-01-27 09:49 - 02549760 _____ () e:\Programy\Steam\libavcodec-56.dll 2016-10-20 00:38 - 2016-01-27 09:49 - 00491008 _____ () e:\Programy\Steam\libavformat-56.dll 2016-10-20 00:38 - 2016-01-27 09:49 - 00332800 _____ () e:\Programy\Steam\libavresample-2.dll 2016-10-20 00:38 - 2016-01-27 09:49 - 00442880 _____ () e:\Programy\Steam\libavutil-54.dll 2016-10-20 00:38 - 2016-01-27 09:49 - 00485888 _____ () e:\Programy\Steam\libswscale-3.dll 2016-10-20 00:38 - 2016-10-13 03:58 - 00836896 _____ () E:\Programy\Steam\bin\chromehtml.DLL 2016-10-20 00:38 - 2016-07-05 00:17 - 00266560 _____ () e:\Programy\Steam\openvr_api.dll 2016-10-20 00:38 - 2016-08-04 22:56 - 49825056 _____ () E:\Programy\Steam\bin\cef\cef.winxp\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2016-10-25 18:01 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-529898959-3016096094-2671212967-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\psx_20160719_230759.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run32: => "Sound Blaster X-Fi MB 3" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{28A1B63B-F76D-45A6-8EA0-72C5C80CA0E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{A2F74B46-790C-4E65-B734-C7B7FD71D6C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{03979E9A-CBFA-4EBD-93E9-07CC442FF5A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{BD71E367-9B41-46A9-8F84-79CF8EBE7EB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6AB6E384-B2B2-4C5A-89C5-3CE5F76EBF5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1712EFA9-1DFF-4E9E-9F28-10E97B1CEB29}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{7E342427-D3F9-441D-BA12-FF1F9FF086CF}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{4AA795BE-D7E0-447D-AE5D-2A1D93AE7350}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{CCB1CDE4-0DBE-4343-A0D8-DB05A69450B3}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{5A9117FD-CC58-4AB5-8705-06F0CD2C276F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{43633C84-D9FE-4D0D-9949-6971BDE50EA0}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{27FCCB06-29E6-4EFD-803A-984DF0C25266}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{9202C21F-B7EE-43BD-9777-ABD0AEE8A43A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{0B85E164-59D7-4714-A92A-9A4759904326}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{A7E57B07-CE25-40DC-85BD-EDA9C6A3C3F9}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{DEE08B8E-90D0-4376-BD2A-536F9236DE2D}] => (Allow) D:\Programy\Steam\Steam.exe FirewallRules: [{3C93B470-A36B-4F4D-8460-3F9AF61F6CC4}] => (Allow) D:\Programy\Steam\Steam.exe FirewallRules: [{3FB0DE5C-59B9-4FAA-BC3D-BEB48E85A739}] => (Allow) D:\Programy\Steam\bin\steamwebhelper.exe FirewallRules: [{3BFDC8F6-4181-42DA-9C8C-227311A1965B}] => (Allow) D:\Programy\Steam\bin\steamwebhelper.exe FirewallRules: [{5D2DEEA6-49E4-4106-AE31-7CE0108478AB}] => (Allow) D:\Programy\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{B1477AEE-8D5E-438A-8697-1279DB835CBB}] => (Allow) D:\Programy\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{6F6EC05C-8ACD-46C4-B71B-76882EF521D2}D:\programy\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\programy\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{A731A3F9-B79B-4080-82D4-CC4F5BE18737}D:\programy\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\programy\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{65DA5B1E-743C-41F7-9C36-F6960E0F9888}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{73CACF62-D619-48DB-AE31-581C6745D96F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{F0295439-8BC9-4556-A1CF-EFED2331E947}] => (Allow) D:\Programy\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{809A7CB7-D7D8-465A-8EF5-E36A2BCAABCF}] => (Allow) D:\Programy\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{6FE590AE-0594-4B54-ACA9-D2B1ECE1C986}] => (Allow) D:\Programy\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{1556310F-664C-4D1B-B23C-BF12CFAF48F7}] => (Allow) D:\Programy\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{B306F177-C475-4B80-AB98-B472A144BBDD}] => (Allow) D:\Programy\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{43D9CA28-AD2B-4871-9351-64BCAC8017C9}] => (Allow) D:\Programy\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{2925BBF4-8CBE-419F-A08F-0C87D1CE9402}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B873B3A2-308E-4601-88A0-73FCDCE0F1E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CD233198-F9BF-4F25-ADA3-13EE6A197E0C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{630987B8-75F4-4C6F-BAFE-92D55BDF40C5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DBC1CCC0-91A0-48A8-BF39-61AB722B94EC}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{29B74B35-51B4-480E-9A5B-007916D3D9D3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{64502AB3-8F31-4F5E-A563-2CC27A9C064D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{160D2554-53EA-43AE-B755-57E3637EBC3D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{1D36851B-DDD4-41A7-AFED-817167485F04}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{E6B7CC46-F0E5-4D02-836C-975C355AAC06}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [TCP Query User{ACB96A03-02A9-4067-8321-CE7152BBBDC9}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{58D7DD87-37E6-4D9C-859C-5AA0925430FB}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{313B7D58-0EDF-4B24-A3E3-7ED708979AB8}] => (Allow) D:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E407EED7-91DC-42B2-9481-996B03BF8E02}] => (Allow) D:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{4D9AF052-FE09-4D06-B2CB-0B5BDE613C8E}] => (Allow) D:\Programy\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{D7C4109E-3E55-4DA6-A8FC-44C698ABA8DD}] => (Allow) D:\Programy\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [TCP Query User{18CC00F9-7C7E-439B-811C-6C4F33BC1827}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{78B61D86-08F8-447A-BD82-A4CC8EF260B8}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{C4CA8B8F-0735-4F64-9599-3FEE54A5BF95}C:\gog games\dying light\dyinglightgame.exe] => (Allow) C:\gog games\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{C54DE527-C784-4F00-BF47-9FD2DAF0D354}C:\gog games\dying light\dyinglightgame.exe] => (Allow) C:\gog games\dying light\dyinglightgame.exe FirewallRules: [{A2B23C43-588C-409E-894A-8E9FD897FAC8}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{1D943914-F819-470F-A69D-0AC3A92CBB6D}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{6B6472AF-B9E9-44B5-92C8-9EDA26C51224}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{954C9059-3216-45C3-BEF8-C402C3FB2FCC}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [TCP Query User{20FEB6D1-EC4A-4B4C-A9D7-13384278737D}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe FirewallRules: [UDP Query User{F037F277-BF4F-4828-AE82-8A2E3F9D2F47}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe FirewallRules: [{81550F19-6CE5-46AA-9FE1-6C37714D5C4D}] => (Block) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe FirewallRules: [{C1C2763A-318C-404F-A885-CD90A93C68F8}] => (Block) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe FirewallRules: [{1CA300BD-1CD7-4A68-B524-4E992AE11E3F}] => (Allow) D:\Programy\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{0EE8386C-829C-4319-A4E1-1D60FF22BCF4}] => (Allow) D:\Programy\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{03765938-550D-48A5-BE3E-32214DDF22A1}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C444C33B-62CE-4B93-A365-DDE0676A9E42}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{94C0570B-EFCD-4BE0-87F5-4BF84CAAAF38}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{06C4676D-8D06-4D26-81F1-A7B11861993D}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{909112C3-3955-4A18-B5B1-735BFADA18E6}] => (Allow) E:\Programy\Steam\Steam.exe FirewallRules: [{B48D3B8A-E861-4603-88EA-E96B23B03E87}] => (Allow) E:\Programy\Steam\Steam.exe FirewallRules: [{EA3AEF8C-772C-4E83-A991-50A34E69BB75}] => (Allow) E:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{80FE4924-14E3-4859-AF45-031D6D632B89}] => (Allow) E:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{38A7F284-A75C-46D7-B4A7-ED468897AFC1}] => (Allow) E:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{5A657844-7B1F-4B41-9616-0327363E7398}] => (Allow) E:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{5BD44A35-33E6-4DAF-A6BA-D6975274A474}] => (Allow) E:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{F4EAC634-9D0B-49AC-B579-246FF2D31546}] => (Allow) E:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{27F03FC2-A4C8-4375-B880-068941C0B65C}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{1C7597DD-9F1D-469C-8EB8-7CAD9146F125}] => (Allow) C:\Users\Jakub\AppData\Local\Amigo\Application\amigo.exe FirewallRules: [TCP Query User{D68417F6-8AD9-423F-B009-74D016DE454A}E:\programy\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\programy\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{D103A37E-69A4-4BA9-84F2-408876A4D163}E:\programy\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\programy\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{A32A96B1-EB68-4380-85AD-F69EA1B851ED}] => (Block) E:\programy\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{79F6219C-A05B-4BDC-84B8-0C338751AF15}] => (Block) E:\programy\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{27B18D30-1973-4BB9-8442-A38669B54492}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{AD2A04B1-984B-4BE2-9564-73F5556176CE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{2316BEC4-132B-4A6B-BE27-47A1590616E4}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{6B3F918E-81F1-4B62-8BE7-BECCDA5463A0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{F0534090-CE5A-4DA6-BA85-056EF220ED41}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{BC9E6B8C-7D15-4BDA-9E0D-69ECC092CCEC}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{2293AE89-8D04-4F49-9FBC-86A15783893E}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe FirewallRules: [{B079537F-D211-462F-B23E-6FEE4B206DCB}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe FirewallRules: [{E7D1A5FE-5DE2-4F80-9F9F-595AF61B2CA7}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe FirewallRules: [{A9440F0B-2D3D-4E78-B5D4-ACD87EDE6819}] => (Allow) LPort=1980 FirewallRules: [{D1138C84-CA77-45B8-B110-B93E96D71316}] => (Allow) LPort=1900 FirewallRules: [{EC19B602-E635-4937-9F50-984491C397B5}] => (Allow) LPort=1900 FirewallRules: [{AAE90D79-9AFB-41C1-8985-DF0BA919491D}] => (Allow) LPort=8151 FirewallRules: [{13F21699-B3FD-4350-B46A-F6CDF1EB5D4E}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{164EB40B-3C8C-4EE3-9AA8-198AD6FE57F8}] => (Allow) C:\Windows\System32\rundll32.exe ==================== Restore Points ========================= 26-10-2016 17:29:54 DMX_DriverMax Driver Installation 26-10-2016 17:31:09 DMX_DriverMax Driver Installation 26-10-2016 18:18:36 Zainstalowany program DirectX 26-10-2016 18:19:16 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 26-10-2016 18:19:21 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 26-10-2016 18:20:19 Zainstalowany program DirectX 26-10-2016 18:20:51 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 26-10-2016 18:20:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 27-10-2016 14:28:04 Zainstalowany program DirectX 27-10-2016 14:29:10 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 27-10-2016 14:29:14 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 ==================== Faulty Device Manager Devices ============= Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (10/27/2016 04:00:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: rundll32.exe_1019595965.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504eb8 Nazwa modułu powodującego błąd: 1019595965.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x5805428d Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000020f44 Identyfikator procesu powodującego błąd: 0x14c8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2305a682e8b2a Ścieżka aplikacji powodującej błąd: C:\Windows\system32\rundll32.exe Ścieżka modułu powodującego błąd: C:\ProgramData\1019595965\1019595965.dll Identyfikator raportu: a67f9c85-9c4d-11e6-8290-74d435e5c7c4 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (10/27/2016 03:54:11 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for e:\Programy\Steam\bin\steamwebhelper.exe Error: (10/27/2016 03:46:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (10/27/2016 03:46:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (10/27/2016 03:46:54 PM) (Source: thermald) (EventID: 0) (User: ) Description: System.InvalidOperationException: Dokument XML zawiera błąd (0, 0). ---> System.Xml.XmlException: Brak elementu głównego. w System.Xml.XmlTextReaderImpl.Throw(Exception e) w System.Xml.XmlTextReaderImpl.ParseDocumentContent() w System.Xml.XmlTextReaderImpl.Read() w System.Xml.XmlTextReader.Read() w System.Xml.XmlReader.MoveToContent() w Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSmartFanConfig.Read6_SmartFanConfig() --- Koniec śladu stosu wyjątków wewnętrznych --- w System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String encodingStyle, XmlDeserializationEvents events) w System.Xml.Serialization.XmlSerializer.Deserialize(TextReader textReader) w Gigabyte.Xml.XmlGenerater.SerializeObjectFromXML[T](String FilePath) w Gigabyte.EnvironemntControl.Sensor.SmartFanConfigFile.Read(SmartFanConfig& pFanConfig) w Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControlProfileEx.ReadFanConfig(Int32 fanControlIndex, SmartFanConfig& pFanConfig) w Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.ReadFanConfigFromProfile(Int32 fanControlIndex, SmartFanConfig& pFanConfig) w thermald.MainWindow.RetrieveSmartFanConfigs(List`1& pSmartFanConfigs) w thermald.MainWindow.InitHardwareMonitorObjects() Error: (10/27/2016 03:46:54 PM) (Source: thermald) (EventID: 0) (User: ) Description: System.InvalidOperationException: Dokument XML zawiera błąd (0, 0). ---> System.Xml.XmlException: Brak elementu głównego. w System.Xml.XmlTextReaderImpl.Throw(Exception e) w System.Xml.XmlTextReaderImpl.ParseDocumentContent() w System.Xml.XmlTextReaderImpl.Read() w System.Xml.XmlTextReader.Read() w System.Xml.XmlReader.MoveToContent() w Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReaderSmartFanConfig.Read6_SmartFanConfig() --- Koniec śladu stosu wyjątków wewnętrznych --- w System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader xmlReader, String encodingStyle, XmlDeserializationEvents events) w System.Xml.Serialization.XmlSerializer.Deserialize(TextReader textReader) w Gigabyte.Xml.XmlGenerater.SerializeObjectFromXML[T](String FilePath) w Gigabyte.EnvironemntControl.Sensor.SmartFanConfigFile.Read(SmartFanConfig& pFanConfig) w Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControlProfileEx.ReadFanConfig(Int32 fanControlIndex, SmartFanConfig& pFanConfig) w Gigabyte.EnvironemntControl.CoolingDevice.Fan.FanControl.ReadFanConfigFromProfile(Int32 fanControlIndex, SmartFanConfig& pFanConfig) w thermald.MainWindow.RetrieveSmartFanConfigs(List`1& pSmartFanConfigs) Error: (10/27/2016 03:46:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (10/27/2016 03:46:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: rundll32.exe_1019595965.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504eb8 Nazwa modułu powodującego błąd: 1019595965.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x5805428d Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000020f44 Identyfikator procesu powodującego błąd: 0x5bc Godzina uruchomienia aplikacji powodującej błąd: 0x01d230586a270cc5 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\rundll32.exe Ścieżka modułu powodującego błąd: C:\ProgramData\1019595965\1019595965.dll Identyfikator raportu: b28280e0-9c4b-11e6-8290-74d435e5c7c4 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (10/27/2016 03:46:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: HCLOUD.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x56cec891 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.18340, sygnatura czasowa: 0x5736541b Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x00014878 Identyfikator procesu powodującego błąd: 0x6f4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d230586a486e58 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\KERNELBASE.dll Identyfikator raportu: b1d46e56-9c4b-11e6-8290-74d435e5c7c4 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (10/27/2016 03:45:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: HCLOUD.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Net.HttpListenerException Stack: at System.Net.HttpListener.Start() at NETWORK_LIB.HttpServer.HTTP_Listener() at System.Threading.ThreadHelper.ThreadStart_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() System errors: ============= Error: (10/27/2016 03:46:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/27/2016 03:46:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (10/27/2016 03:45:46 PM) (Source: HTTP) (EventID: 15005) (User: ) Description: Nie można powiązać z leżącą niżej warstwą transportową dla 169.254.113.132:8151. Na liście IP tylko-do-nasłuchu mogą znajdować się odwołania do interfejsu, który nie istnieje na tym komputerze. Numer błędu znajduje się w polu danych. Error: (10/27/2016 03:45:44 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:34:48 na ‎27/‎10/‎2016 było nieoczekiwane. Error: (10/27/2016 03:35:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/27/2016 03:35:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (10/27/2016 03:34:25 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY) Description: E:\Device\HarddiskVolume63 Error: (10/27/2016 03:34:48 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: Nastąpił ponowny rozruch komputera po operacji wykrywania błędów. Wyniki tej operacji były następujące: 0x00000109 (0xa3a01f5a0a68b502, 0xb3b72be05ce8b6c1, 0xffffd000ef46efc0, 0x0000000000000002). Zrzut zapisano w: C:\Windows\MEMORY.DMP. Identyfikator raportu: 102716-32906-01. Error: (10/27/2016 03:34:48 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:04:35 na ‎27/‎10/‎2016 było nieoczekiwane. Error: (10/27/2016 03:14:07 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY) Description: E:\Device\HarddiskVolume63 CodeIntegrity: =================================== Date: 2016-10-20 22:33:22.834 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sfc_os.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Percentage of memory in use: 33% Total physical RAM: 8076.8 MB Available physical RAM: 5384.83 MB Total Virtual: 16268.8 MB Available Virtual: 13211.64 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:68.6 GB) NTFS Drive e: () (Fixed) (Total:931 GB) (Free:718.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 0237546E) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 25BA2AF1) Partition: GPT. ==================== End of Addition.txt ============================