Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019 Ran by IGA (05-01-2019 18:09:37) Running from C:\Users\igaki\Downloads Windows 10 Home Version 1803 17134.472 (X64) (2018-05-22 22:27:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-913247424-1415060799-534011615-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-913247424-1415060799-534011615-503 - Limited - Disabled) Guest (S-1-5-21-913247424-1415060799-534011615-501 - Limited - Disabled) IGA (S-1-5-21-913247424-1415060799-534011615-1001 - Administrator - Enabled) => C:\Users\igaki WDAGUtilityAccount (S-1-5-21-913247424-1415060799-534011615-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-913247424-1415060799-534011615-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden CodeBlocks (HKU\S-1-5-21-913247424-1415060799-534011615-1001\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team) DiagnosticsHub_CollectionService (HKLM\...\{A5DD0731-C724-4037-B35B-B80782AACE00}) (Version: 15.0.27128 - Microsoft Corporation) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 63.4.107 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden Entity Framework 6.1.3 Tools for Visual Studio 15 (HKLM-x32\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) icecap_collection_neutral (HKLM-x32\...\{9149432D-3BEE-4869-B6F5-7A5CF843A612}) (Version: 15.0.27005 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{D0C9796E-CB35-4440-885D-9630A0153D1E}) (Version: 15.0.27005 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{B96B62E4-2EE4-45EC-8082-246FFC1B12E3}) (Version: 15.0.27005 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{262EE643-72FF-406D-9776-C6B65443DA5B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation) IntelliTraceProfilerProxy (HKLM-x32\...\{0A2EDF2C-9A71-43D7-964A-696BB7CEAC65}) (Version: 15.0.25.0 - Microsoft Corporation) Hidden Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation) Malwarebytes (wersja 3.4.5.2467) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-913247424-1415060799-534011615-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM\...\{9BAD8F82-A221-42CE-AFF0-7CAB825790C9}) (Version: 14.0.600.250 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM-x32\...\{F0DD1AA8-44D7-4ACE-AF65-7378EA5D884C}) (Version: 14.0.600.250 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.151.1127 - Microsoft Corporation) MiKTeX 2.9 (HKU\S-1-5-21-913247424-1415060799-534011615-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) R for Windows 3.5.0 (HKLM\...\R for Windows 3.5.0_is1) (Version: 3.5.0 - R Core Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.) RStudio (HKLM-x32\...\RStudio) (Version: 1.1.453 - RStudio) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Splash (HKLM-x32\...\Mirillis Splash) (Version: 2.1.0 - Mirillis) Spotify (HKU\S-1-5-21-913247424-1415060799-534011615-1001\...\Spotify) (Version: 1.0.95.289.g342899da - Spotify AB) TDM-GCC (HKLM-x32\...\TDM-GCC) (Version: 1.1309.0 - TDM) Texmaker 5.0.3 (64-bit) (HKLM-x32\...\{7209FF10-D27D-432F-A705-84F02D136C7E}) (Version: 5.0.3.0 - Texmaker) The Sims 4 Cats and Dogs (HKLM\...\dGhlc2ltczQ_is1) (Version: 1 - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.36.102.1020 - Electronic Arts Inc.) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{0074562E-F896-4994-9086-79F8BC8DE02C}) (Version: 14.12.25830 - Microsoft Corporation) Hidden Visual Studio Community 2017 (HKLM\...\1756820d) (Version: 15.5.27130.0 - Microsoft Corporation) VS Immersive Activate Helper (HKLM-x32\...\{8A2BDA07-3417-46C1-9058-CB32BC63E30E}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{F8F52853-A1A7-42C7-A082-5A6D5853BB0B}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{18640789-304F-40B5-884B-130B4A97D83B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{9414C260-D479-49EB-B0BF-01C1F5076EA0}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.) Wolfram Mathematica 11 (M-WIN-L 11.0.1 5597744) (HKLM\...\M-WIN-L 11.0.1 5597744_is1) (Version: 11.0.1 - Wolfram Research, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers1: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => -> No File ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-04-22] (Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers4: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => -> No File ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-19] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {09736D51-9195-4327-AEA6-3B4D6FD476E7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-23] (Dropbox, Inc.) Task: {0C7453DA-BE97-45BF-A888-0D063EACBEC9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) Task: {29233680-9855-4A1C-AAD8-A044AC8A9D62} - System32\Tasks\{E458A8F8-2C99-4B13-B268-DF24C1AB04A8} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\igaki\AppData\Roaming\Gameo\uninstall.exe Task: {2B7B864C-B6EF-4523-8CFC-1D00E3A1316F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe Task: {2C540557-E689-4663-ACC8-B285F4D0086F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {33069158-EEE5-482E-B736-05F2CD493F14} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-6E78KM4-IGA => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated) Task: {560741D7-E868-48E4-94ED-98D6AB88EF88} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {5A692812-8241-43B3-AF2A-7E3BD9415458} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {7C3135CD-7DC8-4C36-9D1A-C980F8FCB3B2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {88781C5B-DC48-4082-BBCC-4D7AC952B615} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe Task: {98F9A75B-EB07-409D-827B-483B2F14706F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-23] (Dropbox, Inc.) Task: {A27E9E26-871A-44B4-8442-5AFAA37C849D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) Task: {A542CC36-1611-4C25-B456-6AA41299ECDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.) Task: {B4096156-3E85-417B-8DDA-AEFACC50BF6E} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: {BE2D97B2-88D2-4431-9D8D-590963BF8999} - System32\Tasks\{87855085-4255-4F05-8348-1C8B046075C5} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.8.0.102/pl/abandoninstall?page=tsProgressBar Task: {C2BEB9AB-5D50-414D-911A-9B8AF09D1011} - System32\Tasks\{29B98381-3A46-4484-8306-829DA81ED926} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.32.0.104/pl/abandoninstall?page=tsProgressBar Task: {CFC9A445-55C8-4453-80FD-6AE96EDBD9CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.) Task: {E8C450B4-A9B0-4B1B-8845-091551FDDF00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) Task: {E9D3E60C-6CA3-48D8-84F1-81C1DB41BCEE} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-iga.kisielewska@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-25] (Adobe Systems Incorporated) Task: {F1622C0C-46EA-4DBF-8D70-6C8502FE3AD3} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2016-12-14] (Hewlett-Packard Co.) Task: {F9F02F25-4D25-4A73-8641-B769F1E07B4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-12] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-05-11 09:21 - 2018-03-12 14:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-12 08:56 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-12-20 15:14 - 2018-12-14 07:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-12-14 10:28 - 2018-12-14 11:21 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-10-04 07:22 - 2018-10-04 07:22 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-12-14 10:28 - 2018-12-14 10:28 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-07-11 08:31 - 2018-07-11 08:31 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2018-12-18 20:12 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll 2018-12-18 20:12 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll 2014-12-04 13:37 - 2013-10-01 10:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2017-03-16 15:09 - 2017-03-16 15:09 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-03-16 15:09 - 2017-03-16 15:09 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2017-03-16 15:08 - 2017-03-16 15:08 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\NvContainerRecovery.bat:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ig8icd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4248.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCUIService.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEM.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxHK.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxTray.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiLogServer64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUtils64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvEncMFTH264.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvEncodeAPI64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvfatbinaryLoader.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NvIFROpenGL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvptxJitCompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WinUSBCoInstaller.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WUDFUpdate_01009.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ZuneCoInst.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ZuneMTPZ.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ZuneNetProxy.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ZunePTDNS.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ZuneRegUtil.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ZuneTcp2Udp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ZuneUsbTransport.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\ig8icd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncMFTH264.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncodeAPI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFROpenGL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadbus.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadcm.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadcmnt.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadmdfl.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadmdm.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadserd.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadwh.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssadwhnt.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wdcsam64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-iga.kisielewska@gmail.com:$CmdTcID [64] AlternateDataStreams: C:\Users\igaki\edb_apachephp.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\igaki\edb_pgjdbc.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\igaki\Documents\owoce.mp4:$CmdZnID [26] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-08-09 16:50 - 2017-03-30 17:48 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;C:\TDM-GCC-64\bin;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-913247424-1415060799-534011615-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\igaki\Desktop\IGA\javier.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-913247424-1415060799-534011615-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{41D77660-AD88-4680-8619-513B5DCEB479}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) FirewallRules: [{F66C498A-D862-4B0F-943E-A731F9EE7077}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) FirewallRules: [{DA4A3FC7-2F3E-46EE-A568-2F17FC708EB4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) FirewallRules: [{9637A5A9-05ED-46AB-BD4B-276F8B57EFEE}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) FirewallRules: [{FF877813-E130-4F4C-BDCF-05AEBF3BFAE6}] => (Allow) C:\Users\igaki\Desktop\Simsiki\The.Sims.4.Cats.and.Dogs.v1.36.102.1020.MULTI.17\The Sims 4 Cats & Dogs v1.36.102.1023\Game\Bin\TS4_x64.exe No File FirewallRules: [{05ED5514-B945-47AE-AA1E-CB2F7FE8ACD7}] => (Allow) C:\Users\igaki\Desktop\Simsiki\The.Sims.4.Cats.and.Dogs.v1.36.102.1020.MULTI.17\The Sims 4 Cats & Dogs v1.36.102.1023\Game\Bin\TS4_x64.exe No File FirewallRules: [{F838D0A4-6F38-47F4-959D-C1E178B017B8}] => (Allow) C:\Users\igaki\Desktop\Simsiki\The.Sims.4.Cats.and.Dogs.v1.36.102.1020.MULTI.17\The Sims 4 Cats & Dogs v1.36.102.1023\Game\Bin\TS4.exe No File FirewallRules: [{BB116FA4-4388-487A-A698-3967DC4335C6}] => (Allow) C:\Users\igaki\Desktop\Simsiki\The.Sims.4.Cats.and.Dogs.v1.36.102.1020.MULTI.17\The Sims 4 Cats & Dogs v1.36.102.1023\Game\Bin\TS4.exe No File FirewallRules: [{A340EB04-6578-42C4-9712-337ACCF10B2C}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe No File FirewallRules: [{3EDC5E1B-BDEC-4449-B268-E1A0ED2041F1}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe No File FirewallRules: [{784B2277-B0D8-46DC-BEFD-D0B685D731EC}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{AA86E9CD-1121-4EEE-9B61-A2CA6632AE1A}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{90FBA49A-1E21-4C4E-928A-ECE3CAC9A634}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{6E357991-EF92-425C-A3C8-2E88E4175672}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{A3151757-F682-41BE-8070-2869776CDB4A}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{292FA5E8-4943-44E3-A3C8-0C8799294D28}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{224DC1B1-218D-4344-AFFF-D0CAF0A47981}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe No File FirewallRules: [{3AB6ABC8-463C-4EA7-A7FF-B86DC738740A}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe No File FirewallRules: [{228BADFE-506F-40B0-80CA-7CB38FE8E313}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe No File FirewallRules: [UDP Query User{FF6071D7-26A6-4EBA-BE3D-3A2B513D9DFE}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe No File FirewallRules: [TCP Query User{3D4D42A9-8C0D-4F4D-AD04-0318AFBE96E7}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe No File FirewallRules: [{E5BDF580-A378-4BEE-9321-325D82E2F614}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe No File FirewallRules: [{1E9B3C5D-FAF9-4C5A-9735-58ACED768AB1}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe No File FirewallRules: [{12239A9D-12CD-408B-9BD7-2012BF65710E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File FirewallRules: [{3E622CE5-5E8B-4C5D-8D7C-57460FA5170E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe No File FirewallRules: [{8271D1CD-D1A9-4CD7-AD07-B3C381875F52}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{78911D23-B6A5-4788-B896-A8BE3B045FA9}] => (Allow) C:\Users\igaki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{ADC9B29B-ABEE-49FF-8AB7-417504114A27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File FirewallRules: [{F0450D85-B3E4-4CE8-B593-5631EA62D2F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File FirewallRules: [UDP Query User{3443CF58-9EA6-43D3-BC62-654247B2347C}C:\users\igaki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igaki\appdata\roaming\spotify\spotify.exe (Spotify Ltd) FirewallRules: [TCP Query User{9624053B-A11F-43DF-99CE-F656ED402E20}C:\users\igaki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igaki\appdata\roaming\spotify\spotify.exe (Spotify Ltd) FirewallRules: [{10EEBD84-8D2B-443A-ADF7-A8926FD07C55}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) FirewallRules: [{61A061A9-4FD2-4512-97BF-0131B7CE445D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File FirewallRules: [{6C635AFF-4A4F-4CDF-90EF-92B6196CB1E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File FirewallRules: [TCP Query User{CB8B8AD9-7F21-4FE1-94B2-3A499C397C9B}C:\users\igaki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igaki\appdata\roaming\spotify\spotify.exe (Spotify Ltd) FirewallRules: [UDP Query User{02FF4E62-9FCE-444C-B230-621332BC309C}C:\users\igaki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igaki\appdata\roaming\spotify\spotify.exe (Spotify Ltd) FirewallRules: [{E47C02CC-A2E7-4437-9119-0282035F8632}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe (Hewlett-Packard Co.) FirewallRules: [{A70832DF-207B-4FFF-B63C-8702C6BF02F9}] => (Allow) LPort=5357 FirewallRules: [{F457B9CC-18E5-40A4-9A7C-A334D65D122B}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett-Packard Co.) FirewallRules: [TCP Query User{6596D7A2-0ADE-4572-8F80-5F392A4B0274}C:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe] => (Allow) C:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe No File FirewallRules: [UDP Query User{94E32B9B-D2DB-4319-8B47-0B2DB6EB04D5}C:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe] => (Allow) C:\program files (x86)\postgresql\enterprisedb-apachephp\apache\bin\httpd.exe No File FirewallRules: [TCP Query User{B5632B69-34FE-4DC5-AC5D-23702F4DEF3E}C:\users\igaki\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Block) C:\users\igaki\appdata\local\temp\kmsnano\qemu-system-i386.exe No File FirewallRules: [UDP Query User{EF180890-4E04-4305-90E7-2886AA559854}C:\users\igaki\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Block) C:\users\igaki\appdata\local\temp\kmsnano\qemu-system-i386.exe No File FirewallRules: [{F01D8702-74D4-4D14-B29E-D626C89C882D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File FirewallRules: [{D0D63A36-57F0-49C2-86A6-3FD21E027BBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File FirewallRules: [{08920515-72AB-45A0-B109-0F35E54365E0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File FirewallRules: [{F66E9EA0-75AF-4948-97D1-426B84FA6406}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File FirewallRules: [{DFC16435-EBFC-4306-AE80-9F2BA2CC85A5}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\Mathematica.exe (Wolfram Research, Inc.) FirewallRules: [{7F67B69C-7E9D-44E8-8D57-D1EC771A8ED4}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\Mathematica.exe (Wolfram Research, Inc.) FirewallRules: [{900C0CB5-4C7C-46EE-8FBF-BD969643E3E9}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\MathKernel.exe (Wolfram Research, Inc.) FirewallRules: [{63BE5DB8-A930-4396-9C33-A1D2FE83157B}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\MathKernel.exe (Wolfram Research, Inc.) FirewallRules: [{A1FB1A3E-A56A-4E41-AF0D-F51ED9232B03}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\math.exe (Wolfram Research, Inc.) FirewallRules: [{E2414CB2-A387-4448-B0A1-3B9E78A55285}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.0\math.exe (Wolfram Research, Inc.) FirewallRules: [{4A5B1284-8339-453B-B59A-70EAF51916E1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) FirewallRules: [{D14085F1-15D0-4505-BD72-E09B367C05B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ==================== Restore Points ========================= 09-12-2018 10:41:19 Windows Modules Installer 10-12-2018 20:42:02 Windows Modules Installer 20-12-2018 15:11:45 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/05/2019 05:42:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SoundMixer.exe, wersja: 2.6.0.0, sygnatura czasowa: 0x5bbf2e60 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000003b8516 Identyfikator procesu powodującego błąd: 0xec4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4a5159604b5f7 Ścieżka aplikacji powodującej błąd: C:\Users\igaki\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 6219e10e-54c1-4c99-96ce-b10d405cb13c Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (01/05/2019 05:34:36 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (12/20/2018 06:09:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SoundMixer.exe, wersja: 2.6.0.0, sygnatura czasowa: 0x5bbf2e60 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000003b8516 Identyfikator procesu powodującego błąd: 0x1b30 Godzina uruchomienia aplikacji powodującej błąd: 0x01d49886ba6f3b12 Ścieżka aplikacji powodującej błąd: C:\Users\igaki\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 31e894e1-1e53-4aac-8d38-4b57e8a175c6 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/14/2018 10:26:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AppleMobileDeviceService.exe, wersja: 17.374.913.1, sygnatura czasowa: 0x54dd6d21 Nazwa modułu powodującego błąd: CoreFoundation.dll, wersja: 1.750.33.0, sygnatura czasowa: 0x58a514d8 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000007f085 Identyfikator procesu powodującego błąd: 0xc60 Godzina uruchomienia aplikacji powodującej błąd: 0x01d49256eeb820be Ścieżka aplikacji powodującej błąd: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe Ścieżka modułu powodującego błąd: C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll Identyfikator raportu: 3f47cd12-2757-4b2a-99c5-8a2b85844ca1 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/12/2018 09:14:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SoundMixer.exe, wersja: 2.6.0.0, sygnatura czasowa: 0x5bbf2e60 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000003b8516 Identyfikator procesu powodującego błąd: 0x19e8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d49257526261a6 Ścieżka aplikacji powodującej błąd: C:\Users\igaki\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 6da1558a-70a0-4084-9a98-29f4a8e866b1 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/09/2018 10:31:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 10.0.17134.165, sygnatura czasowa: 0x4031a9f8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.17134.376, sygnatura czasowa: 0x60d78cf9 Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x000000000008a94f Identyfikator procesu powodującego błąd: 0xbd4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d487e9725b28b9 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\Explorer.EXE Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: e7e4ad49-7c73-48fb-b783-51b108c6f146 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/29/2018 02:43:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SoundMixer.exe, wersja: 2.6.0.0, sygnatura czasowa: 0x5bbf2e60 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000003b8516 Identyfikator procesu powodującego błąd: 0x15b4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d487e98838c952 Ścieżka aplikacji powodującej błąd: C:\Users\igaki\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: d78df5e2-4404-4515-bb44-caf405537a73 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/24/2018 02:48:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AppleMobileDeviceService.exe, wersja: 17.374.913.1, sygnatura czasowa: 0x54dd6d21 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0xc38 Godzina uruchomienia aplikacji powodującej błąd: 0x01d48335e2cac040 Ścieżka aplikacji powodującej błąd: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 6241accd-fbfb-444f-8428-e44de35d1ec7 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: System errors: ============= Error: (01/05/2019 05:59:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/05/2019 05:47:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID Windows.SecurityCenter.WscBrokerManager i identyfikatorem aplikacji APPID Unavailable użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/05/2019 05:45:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6E78KM4) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-6E78KM4\IGA o identyfikatorze zabezpieczeń SID (S-1-5-21-913247424-1415060799-534011615-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/05/2019 05:44:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6E78KM4) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-6E78KM4\IGA o identyfikatorze zabezpieczeń SID (S-1-5-21-913247424-1415060799-534011615-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/05/2019 05:41:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (01/05/2019 05:39:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Apple Mobile Device Service z powodu następującego błędu: Nośnik jest zabezpieczony przed zapisem. Error: (01/05/2019 05:39:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi MBAMService. Error: (01/05/2019 05:38:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Apple Mobile Device Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Percentage of memory in use: 34% Total physical RAM: 8106.33 MB Available physical RAM: 5332.47 MB Total Virtual: 9386.33 MB Available Virtual: 6765.79 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:914.31 GB) (Free:729.83 GB) NTFS \\?\Volume{683ebe39-4219-4cd4-9123-f4702c418041}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.31 GB) NTFS \\?\Volume{e0a55e66-7828-43ed-899e-17c070328b31}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS \\?\Volume{6107ba4c-9b4f-4bfb-94dd-51798ed3c8ee}\ (Push Button Reset) (Fixed) (Total:15.36 GB) (Free:0.85 GB) NTFS \\?\Volume{331315b9-4583-47c6-84d0-9fdf5c92d02d}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 6449B3EE) Partition: GPT. ==================== End of Addition.txt ============================