Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2017 Ran by Jakub K (09-10-2017 16:03:50) Running from C:\Users\Jakub K\Downloads Windows 10 Enterprise Version 1703 170317-1834 (X64) (2017-08-04 23:40:48) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-731887816-562859636-3255986779-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-731887816-562859636-3255986779-503 - Limited - Disabled) Guest (S-1-5-21-731887816-562859636-3255986779-501 - Limited - Disabled) Jakub K (S-1-5-21-731887816-562859636-3255986779-1001 - Administrator - Enabled) => C:\Users\Jakub K Nie Jakub (S-1-5-21-731887816-562859636-3255986779-1002 - Administrator - Enabled) => C:\Users\Nie Jakub ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\uTorrent) (Version: 3.5.0.44050 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1.1 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{D586BF67-0A61-4572-BE25-07B40C4CEDA1}) (Version: 13.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.319 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (HKLM\...\{05198C22-FFCE-374A-B190-9F18CC99DAEA}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (HKLM-x32\...\{9347889B-C22A-3905-901F-C05D8F73C929}) (Version: 12.0.21005 - Microsoft Corporation) Hidden CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform) Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine) CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Discord (HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski) FreeMouseAutoClicker 3.8.5 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version: - Advanced Mouse Auto Clicker ltd.) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Hearts of Iron IV (HKLM\...\Steam App 394360) (Version: - Paradox Development Studio) Hearts of Iron IV Death or Dishonor (HKLM-x32\...\Hearts of Iron IV Death or Dishonor_is1) (Version: - ) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) K-Lite Mega Codec Pack 12.3.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Kodi (HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\Kodi) (Version: - XBMC-Foundation) Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) Malwarebytes (wersja 3.1.2.1733) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8431.2079 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2013 Shell (Isolated) (HKLM-x32\...\{dd77c2ff-db69-44f7-9e5c-63aa540dfe07}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming) NieR: Automata (HKLM-x32\...\NieR: Automata_is1) (Version: - ) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.4.2 - Notepad++ Team) NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation) NVIDIA Sterownik graficzny 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.3.59240 - Electronic Arts, Inc.) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Planet Coaster (HKLM-x32\...\Planet Coaster_is1) (Version: - ) Portal 2 (HKLM\...\Steam App 620) (Version: - Valve) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden Spintires v.03.03.16 (HKLM-x32\...\Spintires v.03.03.16_is1) (Version: Spintires v.03.03.16 - Darius) Spotify (HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer) TEKKEN 7 (HKLM-x32\...\TEKKEN 7_is1) (Version: - ) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Krew i Wino (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Serca z kamienia (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 34.0 - Ubisoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Webcam 1200 (HKLM-x32\...\{66D475AE-F18B-43A0-8BAF-61AF4403E339}) (Version: 1.0.0.0 - Logitech) Win10Pcap (HKLM-x32\...\{B5B58F8A-1984-4F3E-B400-235A6E005002}) (Version: 10.2.5002 - Daiyuu Nobori, University of Tsukuba, Japan) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-06-18] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {169318EB-37E8-48D0-A16D-0BF161527DAB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] () Task: {1DAFBA16-6E4B-4646-BF5C-5C9705576536} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {1F3F4521-1997-4E27-802F-F5B25F550B31} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation) Task: {4CE3F114-49D2-429A-9FFB-F53941B01986} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation) Task: {69FFBE77-CD94-44CD-8041-C185E1635B74} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-15] () Task: {713BE2A7-2C0B-4921-B64A-03766E95CC7E} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe Task: {740C98FB-E5C0-4CCF-9AC8-74562E606C4E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation) Task: {7C506388-FADC-4ACC-89CE-A3684F9606F0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation) Task: {8435984A-2256-4D03-A81F-BA9E01B781EC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation) Task: {85B00458-7E70-4C80-98BE-5221724FF9C7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {A541725B-8A70-45ED-A8E5-2D6F27BD4F57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {A8693612-F610-49BC-85F3-75B1BD600D40} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd) Task: {B2C2EC7D-C316-463C-93E6-14A5C3FE0D96} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {B4407CAE-1505-4706-AE59-51F4E99524BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.) Task: {BAE823D8-EF26-4EF5-905F-920186CF3F18} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation) Task: {CAB79271-0087-48DD-904C-1FEB5FEC629D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.) Task: {D651BA26-43A0-4FA4-9C39-00935F300599} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-29] (Microsoft Corporation) Task: {E7FF5BCD-6BBE-444F-B309-5C2317B8017A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-09-29] (Microsoft Corporation) Task: {EA879FFA-D177-48C4-ACF6-982A5A677C8B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation) Task: {EB8280E0-DEB5-4A42-A5E8-0C36C7AFBD82} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {EE3633C5-F710-4EB4-8EE2-1090E297E3CB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation) Task: {F2BBB347-9A5E-4647-80F3-828A3E70051A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] () Task: {FD9336F0-3CD4-46BC-86F6-E8C31D9E3A61} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {FE92BC20-D668-4908-BD98-4AC7B73E5A8B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-09-13] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-10-15 04:26 - 2017-06-21 09:07 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-05-04 09:29 - 2016-09-17 19:31 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-03-16 02:21 - 2017-09-29 06:08 - 008929480 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll 2017-03-18 22:59 - 2017-03-19 04:49 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-09-13 00:19 - 2017-09-05 07:19 - 004125088 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2017-03-18 22:59 - 2017-03-19 04:49 - 002487712 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll 2017-08-23 14:27 - 2017-08-23 14:28 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-23 14:27 - 2017-08-23 14:27 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-23 14:27 - 2017-08-23 14:28 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-23 14:27 - 2017-08-23 14:28 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2017-09-26 23:56 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-26 23:56 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll 2016-10-15 04:26 - 2017-06-21 09:07 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-15 04:26 - 2017-06-21 09:06 - 066837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-02-10 03:52 - 2016-08-27 16:09 - 000000793 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-731887816-562859636-3255986779-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: avgsvc => 2 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: LogiRegistryService => 2 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamNetworkSvc => 3 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 HKLM\...\StartupApproved\Run: => "Launch LCore" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "LWS" HKLM\...\StartupApproved\Run32: => "AvgUi" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "Windows Mobile-based device management" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\StartupApproved\StartupFolder: => "Logitech . Rejestracja produktu.lnk" HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-731887816-562859636-3255986779-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F68C9222-2B40-4528-B30C-6C956D14EDAB}] => (Allow) D:\Gry\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe FirewallRules: [{4268ED44-7F68-4373-AE57-44C4DD7C93E3}] => (Allow) D:\Gry\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe FirewallRules: [{B9879A38-A166-4B89-8679-5D3CDA873009}] => (Allow) D:\Gry\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{A862C2CE-E442-4F1C-8EDC-3531616AD9FF}] => (Allow) D:\Gry\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{1A336477-B491-4F52-B2F8-AAE72186F812}] => (Allow) D:\Gry\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{B28EC42A-78C4-4A9E-9725-059FEA973968}] => (Allow) D:\Gry\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{622DC8A8-64C5-48F4-BEFE-30CEC3700CB5}] => (Allow) D:\Gry\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{60526FF9-E431-46C3-B113-20BE1271637F}] => (Allow) D:\Gry\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{B32C5852-CF36-4161-AE33-13E0111FDA08}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1.exe FirewallRules: [{0B0D344E-106D-4BE8-A53B-9D212CF94474}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1.exe FirewallRules: [{6D2BD172-4A57-431E-9CF1-F6718B97D81D}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1Trial.exe FirewallRules: [{F7406578-E6C3-4706-906B-E91E52619D94}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1Trial.exe FirewallRules: [{EC8F6682-E704-429A-A2F6-37C22C459C6D}] => (Allow) C:\Users\Jakub K\appdata\local\younity\jre-windows-32\launch4j-tmp\younity.exe FirewallRules: [{2BA777A7-D1C0-4E66-A356-EC5256192B4F}] => (Allow) C:\Users\Jakub K\appdata\local\younity\jre-windows-32\launch4j-tmp\younity.exe FirewallRules: [{3D6AB7C2-FDF5-4188-9814-DB440FFDFB80}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C6B59956-896A-47B6-9633-0179C592B643}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D70C8544-913D-4616-AC64-5E7CF852001D}] => (Allow) D:\Gry\Steam\Steam.exe FirewallRules: [{CE34E485-80AA-43C8-9C2B-74B430B655F6}] => (Allow) D:\Gry\Steam\Steam.exe FirewallRules: [TCP Query User{B71E8F3B-788A-470A-9AAD-17EB0CDA7BC9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{139C5228-FC00-4664-9458-9FA1C2F84D91}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{9BEDDBA4-CBAC-469E-AB9D-A5999A01B247}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{91EEAA60-A622-46FD-8458-CFB628B459AC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{984A0460-F9A0-4DAD-8D3F-CD4265187AAF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{2271D206-DF65-45DC-9084-C1118E1864F7}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [TCP Query User{DBAE05FC-8D16-4E4E-9506-40A7A42BF351}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{2A56ACB2-E7F8-430E-A7E3-C0B7D7280C15}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{3986EE7E-60E6-485A-97FE-BBC8319B236B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{6A877FE0-5BD0-4EEC-9D55-E0F3C2825C2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EAD8B6A3-7A34-40FF-90A3-8D0B71672170}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DAC63866-9D85-4460-A3A3-EE48831A0F29}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A0653D19-F411-4B52-87D7-5DF318DEEF73}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{90C87C14-0EBB-446B-B8E8-74AE7A43280B}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4782DEAC-6ECE-4638-8430-663743D8AA05}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8FF6D8B8-06AC-414B-A0DD-E5369A5366C9}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{39ABB7FB-32F4-4806-A4D8-95CE6A024723}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2636E05F-C05B-42D4-BE3B-987111D9A1C1}] => (Allow) C:\Users\Jakub K\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{20EE19FD-5E35-4876-8751-634AC9D8665F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3126FADF-3E1B-4CF3-8858-3D7C42610508}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{DBF1A47C-EC94-4DAE-BCA7-EC73FC0DFBD8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{0F05E9DF-A3CA-4A54-ABA9-1FE67A47CC76}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{28FF25B3-0E95-43DA-99CA-7385E82EFF79}] => (Allow) LPort=1688 FirewallRules: [{F5B6C982-7C85-4CD0-80E5-5F7FE0545F96}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{B013EEB6-4CEA-4BCA-A012-F8FE25260041}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{9B8BD5D5-A790-4720-AFA5-6BF0FED94A46}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1Trial.exe FirewallRules: [{8505B082-43A3-48A4-A5A2-59FBCB8B6FEC}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1Trial.exe FirewallRules: [{EE6EE99B-DBA9-4F55-A001-CF4990B2A27B}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1.exe FirewallRules: [{EC75EADA-7EFC-4B92-934B-0396ECAE7684}] => (Allow) D:\Gry\Origin\Gry\Battlefield 1\bf1.exe FirewallRules: [{14FBC14E-3E4E-4E75-BFE5-F099EE27FD94}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{484AACBE-9B46-411A-B357-B7024F111662}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{F0E5A112-F8E9-45BC-9444-EE98F54255F3}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1911D1C6-1F68-4F04-A580-48A58A6422BE}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B4C77062-1E11-4EDE-B3E9-86C1FCD40F65}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{11C67633-7A0B-4083-AB9F-32FE3D1A8199}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{0A2EB619-BEF1-4310-AE8E-BDC3487A45C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{B8D975C9-8E44-4B85-9079-AE4E3299D85B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{A838BB59-A627-41EB-B21B-35FE025C9F4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{38F14E3E-13E0-45F5-B937-2857A0E432B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2455E49F-B0D1-4814-B434-CCDF6DDC0F55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FDF2182B-ED37-4FAE-B2F5-5C7B1FF57550}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0F79E777-D3C0-4100-BA5E-259E12F89B11}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E172EFE5-404C-4DB6-B658-2CFF50EAF69E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{41D05894-4D1A-4C2B-B4DB-6D402FAF3B96}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C9043A7B-D3A4-4CF4-B915-CE1ECF600082}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{FD005CE6-89FA-46E8-B62F-1D7CA949CD01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/09/2017 02:35:23 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Kodi.exe w wersji 16.1.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: b28 Godzina rozpoczęcia: 01d34081b4531e81 Godzina zakończenia: 1 Ścieżka aplikacji: C:\Program Files (x86)\Kodi\Kodi.exe Identyfikator raportu: 1973da47-ae37-48dd-a334-a6c47b1a10eb Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (10/08/2017 06:36:51 PM) (Source: MsiInstaller) (EventID: 1024) (User: DESKTOP-GC77QGH) Description: Produkt: Adobe Acrobat Reader DC - Polish - nie można zainstalować aktualizacji '{AC76BA86-7AD7-0000-2550-AC0F174E6600}'. Kod błędu 1625. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego linku, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (10/08/2017 01:32:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x2b64 Godzina uruchomienia aplikacji powodującej błąd: 0x01d340292aa44e8b Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: cf34ac94-034b-46ea-9b47-d2117988690b Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess Error: (10/08/2017 01:32:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x2b64 Godzina uruchomienia aplikacji powodującej błąd: 0x01d340292aa44e8b Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: af19a43f-b5db-453f-9205-06f02d1a90ba Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess Error: (10/08/2017 01:32:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x2b64 Godzina uruchomienia aplikacji powodującej błąd: 0x01d340292aa44e8b Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 90ebad32-4fcc-40dd-b2d7-e696a3a65cce Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess Error: (10/08/2017 01:32:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x2b64 Godzina uruchomienia aplikacji powodującej błąd: 0x01d340292aa44e8b Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 68f248aa-4f85-403c-84dc-df0392c73d2b Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess Error: (10/08/2017 01:32:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x2b64 Godzina uruchomienia aplikacji powodującej błąd: 0x01d340292aa44e8b Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: dd2b2529-aa98-4dda-9191-96c263aa35b0 Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess Error: (10/08/2017 01:32:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x2b64 Godzina uruchomienia aplikacji powodującej błąd: 0x01d340292aa44e8b Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: b91f73de-56b7-450d-8153-f08c8e5d0892 Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess Error: (10/08/2017 01:32:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x420 Godzina uruchomienia aplikacji powodującej błąd: 0x01d34029179258a1 Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: e08e0c65-9e4b-4371-bdce-3165c5da84f6 Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess Error: (10/08/2017 01:32:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeCP.exe, wersja: 11.0.15063.608, sygnatura czasowa: 0x59ae240c Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000604 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x420 Godzina uruchomienia aplikacji powodującej błąd: 0x01d34029179258a1 Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: f1039040-6824-424b-bf7a-84cdaa6a57c9 Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ContentProcess System errors: ============= Error: (10/09/2017 02:35:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (10/08/2017 09:06:09 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (10/08/2017 06:45:28 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (10/08/2017 11:45:31 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GC77QGH) Description: Zgodnie z ustawieniami uprawnienia machine-default nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-GC77QGH\Jakub K o identyfikatorze zabezpieczeń SID (S-1-5-21-731887816-562859636-3255986779-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (10/08/2017 11:40:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CldFlt z powodu następującego błędu: Żądanie nie jest obsługiwane. Error: (10/08/2017 11:40:57 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 11:09:49 PM na ‎10/‎7/‎2017 było nieoczekiwane. Error: (10/07/2017 11:34:16 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (10/07/2017 07:21:28 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (10/07/2017 03:33:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC77QGH) Description: Serwer Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/07/2017 03:33:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GC77QGH) Description: Serwer Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. CodeIntegrity: =================================== Date: 2017-10-08 13:32:16.843 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-10-08 12:11:46.048 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-10-07 20:24:25.317 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 00:06:31.171 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 00:06:30.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 00:06:21.355 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 00:06:21.355 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 00:06:20.960 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 00:06:20.769 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 00:06:20.421 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 50% Total physical RAM: 8155.75 MB Available physical RAM: 3996.72 MB Total Virtual: 34011.75 MB Available Virtual: 29302.14 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:99.16 GB) (Free:27.74 GB) NTFS Drive d: (GIERKI ITP) (Fixed) (Total:831.51 GB) (Free:330.6 GB) NTFS Drive e: (Torrent) (Fixed) (Total:465.76 GB) (Free:61.17 GB) NTFS Drive f: (Muzyka i zdjęcia) (Fixed) (Total:169.68 GB) (Free:77.78 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A998CD9F) Partition 1: (Not Active) - (Size=99.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=859 MB) - (Type=27) Partition 3: (Not Active) - (Size=831.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9CFE4256) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2D5C2D5B) Partition 1: (Active) - (Size=63.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=169.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================