API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 12th, 2016
656
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 48.63 KB | None | 0 0
raw download clone embed print report
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
  2. Ran by Kamil (2016-08-12 13:55:48)
  3. Running from C:\Users\Kamil\Desktop
  4. Windows 10 Pro Version 1607 (X64) (2016-08-06 22:19:19)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-827798057-509377163-352550650-500 - Administrator - Disabled)
  12. DefaultAccount (S-1-5-21-827798057-509377163-352550650-503 - Limited - Disabled)
  13. Guest (S-1-5-21-827798057-509377163-352550650-501 - Limited - Disabled)
  14. Kamil (S-1-5-21-827798057-509377163-352550650-1001 - Administrator - Enabled) => C:\Users\Kamil
  15.  
  16. ==================== Security Center ========================
  17.  
  18. (If an entry is included in the fixlist, it will be removed.)
  19.  
  20. AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  21. AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  22.  
  23. ==================== Installed Programs ======================
  24.  
  25. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  26.  
  27. µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
  28. 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
  29. Ace Stream Media 3.1.6 (HKU\S-1-5-21-827798057-509377163-352550650-1001\...\AceStream) (Version: 3.1.6 - Ace Stream Media) <==== ATTENTION
  30. Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
  31. Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
  32. Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
  33. Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
  34. Aslain's WoWs Modpack version 5.8.1.05 (HKLM-x32\...\ASLAINSWARSHIPSTEST_is1) (Version: 5.8.1.05 - Aslain)
  35. Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
  36. Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
  37. Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
  38. BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
  39. CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
  40. Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
  41. Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
  42. Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
  43. CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
  44. DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
  45. DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
  46. Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
  47. DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
  48. Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
  49. Discord (HKU\S-1-5-21-827798057-509377163-352550650-1001\...\Discord) (Version: 0.0.284 - Hammer & Chisel, Inc.)
  50. DJ_AIO_06_K209a-z_SW_Min (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
  51. Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
  52. Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
  53. Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
  54. f.lux (HKU\S-1-5-21-827798057-509377163-352550650-1001\...\Flux) (Version: - )
  55. Fishing Planet (HKLM\...\Steam App 380600) (Version: - Fishing Planet LLC)
  56. Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
  57. FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version: - Subset Games)
  58. Genymotion version 2.6.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.6.0 - Genymobile)
  59. GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.)
  60. GIGABYTE OC_GURU II (x32 Version: 1.96.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
  61. GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
  62. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
  63. Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
  64. GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
  65. HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
  66. HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
  67. Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
  68. HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
  69. HP Deskjet Ink Advant K209a-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{1415243E-E8F2-4260-8779-5B136C06BF8F}) (Version: 14.0 - HP)
  70. HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
  71. HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
  72. HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
  73. HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
  74. HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
  75. HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
  76. Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
  77. Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
  78. Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
  79. Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
  80. IrfanView (uninstall) (HKLM\...\IrfanView) (Version: - )
  81. IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
  82. iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
  83. Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
  84. Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
  85. Java SE Development Kit 8 Update 77 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180770}) (Version: 8.0.770.3 - Oracle Corporation)
  86. K209a-z (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
  87. LastPass (tylko odinstaluj) (HKLM-x32\...\LastPass) (Version: - LastPass)
  88. Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
  89. MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
  90. Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
  91. Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
  92. Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
  93. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  94. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
  95. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
  96. Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
  97. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  98. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  99. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  100. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  101. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  102. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  103. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  104. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  105. Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
  106. Mozilla Firefox 47.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pl)) (Version: 47.0.1 - Mozilla)
  107. Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
  108. NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - )
  109. Natural Selection 2 (HKLM\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
  110. NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
  111. NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
  112. Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
  113. NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
  114. NVIDIA 3D Vision Driver 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.22 - NVIDIA Corporation)
  115. NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
  116. NVIDIA Graphics Driver 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
  117. NVIDIA HD Audio Driver 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
  118. NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
  119. Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
  120. PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
  121. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
  122. Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9 - Samsung Electronics)
  123. Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
  124. ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.1.0 - ShareX Team)
  125. SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
  126. SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
  127. Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
  128. Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
  129. SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
  130. Spotify (HKU\S-1-5-21-827798057-509377163-352550650-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
  131. Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
  132. Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
  133. Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
  134. TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
  135. Telegram Desktop version 0.10.1 (HKU\S-1-5-21-827798057-509377163-352550650-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.10.1 - Telegram Messenger LLP)
  136. The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.22.0.0 - GOG.com)
  137. The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.22.0.0 - GOG.com)
  138. Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
  139. TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
  140. Vegas Pro 11.0 (HKLM-x32\...\{E6F012B0-E930-11E0-A67A-F04DA23A5C58}) (Version: 11.0.370 - Sony)
  141. VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
  142. Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
  143. WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
  144. WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
  145. World of Warships (HKU\S-1-5-21-827798057-509377163-352550650-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
  146.  
  147. ==================== Custom CLSID (Whitelisted): ==========================
  148.  
  149. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  150.  
  151. CustomCLSID: HKU\S-1-5-21-827798057-509377163-352550650-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Kamil\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
  152.  
  153. ==================== Scheduled Tasks (Whitelisted) =============
  154.  
  155. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  156.  
  157. Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
  158. Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
  159. Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
  160. Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
  161. Task: {1E17942C-8F18-4536-B7C4-8C97F2864125} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
  162. Task: {37D77929-4DC3-4A6F-91DA-DFF55D7F6645} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
  163. Task: {3E31ABD7-7B10-482B-AD2F-EFAA1C4741C3} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
  164. Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
  165. Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
  166. Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
  167. Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
  168. Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
  169. Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-07-16] (Microsoft Corporation)
  170. Task: {9B962D1B-5131-4287-A056-5D4049956C57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-21] (Google Inc.)
  171. Task: {AA097405-E857-4F09-ADD8-3E9FD3B64720} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-11-06] (Samsung Electronics.)
  172. Task: {AD7321D2-997C-4E81-AE46-4631E6B033A3} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\UpgradeSubscription.exe [2016-07-16] (Microsoft Corporation)
  173. Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-07-16] (Microsoft Corporation)
  174. Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
  175. Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
  176. Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
  177. Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
  178. Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
  179. Task: {E9BD8B0B-66FA-4042-9696-BE949673F714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-21] (Google Inc.)
  180. Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
  181. Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
  182. Task: {FF10EA57-4A0F-4ED9-A1E9-6776B8A6A43F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
  183.  
  184. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  185.  
  186. Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  187. Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  188.  
  189. ==================== Shortcuts =============================
  190.  
  191. (The entries could be listed to be restored or removed.)
  192.  
  193. ==================== Loaded Modules (Whitelisted) ==============
  194.  
  195. 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
  196. 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
  197. 2016-08-07 00:13 - 2016-05-20 04:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
  198. 2015-12-21 23:54 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
  199. 2016-03-07 21:51 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
  200. 2016-05-24 18:20 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
  201. 2016-03-07 21:51 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
  202. 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
  203. 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
  204. 2016-05-24 18:20 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
  205. 2016-05-24 18:20 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
  206. 2016-05-24 18:20 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
  207. 2016-01-22 03:12 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
  208. 2016-05-24 18:20 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
  209. 2016-05-24 18:20 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
  210. 2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
  211. 2015-11-20 23:41 - 2015-11-20 23:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
  212. 2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
  213. 2015-11-20 23:41 - 2015-11-20 23:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
  214. 2016-07-16 13:42 - 2016-07-16 13:42 - 00236488 _____ () c:\windows\system32\WerEtw.dll
  215. 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
  216. 2016-08-07 00:21 - 2016-08-07 00:21 - 00959168 _____ () C:\Users\Kamil\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
  217. 2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
  218. 2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
  219. 2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
  220. 2016-08-09 21:17 - 2016-08-02 10:15 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
  221. 2016-08-09 21:18 - 2016-08-02 10:01 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
  222. 2016-08-09 21:18 - 2016-08-02 09:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
  223. 2016-08-09 21:18 - 2016-08-02 09:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
  224. 2016-08-09 21:18 - 2016-08-02 09:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
  225. 2016-08-09 21:18 - 2016-08-02 09:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
  226. 2015-12-21 23:54 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
  227. 2015-12-22 00:02 - 2016-08-03 00:08 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
  228. 2015-12-22 00:02 - 2016-08-03 00:10 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
  229. 2015-12-22 00:02 - 2016-08-03 02:00 - 02320160 _____ () C:\Program Files (x86)\Steam\video.dll
  230. 2015-12-22 00:02 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
  231. 2015-12-22 00:02 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
  232. 2015-12-22 00:02 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
  233. 2015-12-22 00:02 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
  234. 2015-12-22 00:02 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
  235. 2015-12-22 00:02 - 2016-08-03 00:09 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
  236. 2015-12-22 00:02 - 2016-08-03 00:09 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
  237. 2015-12-22 00:02 - 2016-08-03 01:59 - 00831776 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
  238. 2016-03-09 18:40 - 2016-07-07 00:00 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
  239. 2015-12-22 00:02 - 2016-06-14 21:14 - 49826080 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
  240. 2015-12-22 00:54 - 2016-08-04 01:23 - 52042352 _____ () C:\Users\Kamil\AppData\Roaming\Spotify\libcef.dll
  241. 2015-12-22 04:17 - 2016-08-12 13:38 - 00174080 _____ () C:\Users\Kamil\AppData\Roaming\vibranceGUI\vibranceDLL.dll
  242. 2015-12-22 00:54 - 2016-08-04 01:23 - 01741936 _____ () C:\Users\Kamil\AppData\Roaming\Spotify\libglesv2.dll
  243. 2015-12-22 00:54 - 2016-08-04 01:23 - 00087664 _____ () C:\Users\Kamil\AppData\Roaming\Spotify\libegl.dll
  244. 2015-12-22 01:12 - 2015-11-06 12:59 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
  245. 2015-03-24 19:01 - 2015-03-24 19:01 - 00192512 _____ () C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll
  246. 2016-08-07 00:20 - 2016-08-07 00:20 - 00679624 _____ () C:\Users\Kamil\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
  247. 2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
  248. 2016-08-09 01:20 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
  249. 2016-08-09 01:20 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
  250.  
  251. ==================== Alternate Data Streams (Whitelisted) =========
  252.  
  253. (If an entry is included in the fixlist, only the ADS will be removed.)
  254.  
  255.  
  256. ==================== Safe Mode (Whitelisted) ===================
  257.  
  258. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  259.  
  260.  
  261. ==================== Association (Whitelisted) ===============
  262.  
  263. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  264.  
  265.  
  266. ==================== Internet Explorer trusted/restricted ===============
  267.  
  268. (If an entry is included in the fixlist, it will be removed from the registry.)
  269.  
  270.  
  271. ==================== Hosts content: ===============================
  272.  
  273. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  274.  
  275. 2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
  276.  
  277.  
  278. ==================== Other Areas ============================
  279.  
  280. (Currently there is no automatic fix for this section.)
  281.  
  282. HKU\S-1-5-21-827798057-509377163-352550650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\Documents\wallhaven-277331.png
  283. DNS Servers: 62.179.1.62 - 62.179.1.63
  284. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  285. Windows Firewall is enabled.
  286.  
  287. ==================== MSCONFIG/TASK MANAGER disabled items ==
  288.  
  289. (Currently there is no automatic fix for this section.)
  290.  
  291. HKLM\...\StartupApproved\Run: => "BCSSync"
  292. HKLM\...\StartupApproved\Run: => "iTunesHelper"
  293. HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
  294. HKU\S-1-5-21-827798057-509377163-352550650-1001\...\StartupApproved\Run: => "OneDrive"
  295. HKU\S-1-5-21-827798057-509377163-352550650-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
  296.  
  297. ==================== FirewallRules (Whitelisted) ===============
  298.  
  299. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  300.  
  301. FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
  302. FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
  303. FirewallRules: [{4B1DF51C-DC99-43A6-A437-3BDE315E98CA}] => (Allow) D:\steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
  304. FirewallRules: [{1E43692F-F330-4EC3-8CC9-14A26D651B32}] => (Allow) D:\steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
  305. FirewallRules: [{CA37448D-9315-4688-ADB7-25477B914197}] => (Allow) D:\steam\steamapps\common\Half-Life\hl.exe
  306. FirewallRules: [{644B9770-5F31-453C-9AFF-C01F4365114B}] => (Allow) D:\steam\steamapps\common\Half-Life\hl.exe
  307. FirewallRules: [{40A85CBF-24C7-4624-A116-965964C3E2F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
  308. FirewallRules: [{2A342F45-AC56-4E9C-A955-4CF09DEAAB49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  309. FirewallRules: [{173A0FE6-98D1-463A-8B14-55052F56B24A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  310. FirewallRules: [{DC15B4CE-F480-4C01-B409-0647D579F562}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  311. FirewallRules: [{A2A500D1-5F8C-4190-87A7-6B3C9E2C0240}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  312. FirewallRules: [{7A76C32A-29C6-4CBA-BD23-938BBB7FF5A2}] => (Allow) D:\Games\World_of_Warships\worldofwarships.exe
  313. FirewallRules: [{0599CF0F-3392-4C97-B2E5-2FF0AEE717A3}] => (Allow) D:\Games\World_of_Warships\worldofwarships.exe
  314. FirewallRules: [{AAF31928-2851-4BF2-A36E-CED081DBFC9F}] => (Allow) D:\Games\World_of_Warships\WoWSLauncher.exe
  315. FirewallRules: [{239C3CBE-FE78-4163-89AE-900150C55BAC}] => (Allow) D:\Games\World_of_Warships\WoWSLauncher.exe
  316. FirewallRules: [UDP Query User{C851ACCC-B4EF-48DF-AFB3-1622FB9B07A8}C:\users\kamil\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\kamil\appdata\roaming\acestream\engine\ace_engine.exe
  317. FirewallRules: [TCP Query User{C3F673EE-E2B5-4A09-B58A-7E62BB1FBC5C}C:\users\kamil\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\kamil\appdata\roaming\acestream\engine\ace_engine.exe
  318. FirewallRules: [{3AB14377-5DB0-49FC-B226-A4B4483B9A17}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
  319. FirewallRules: [{36402638-EADF-4A09-BDB9-A48F55EC71FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
  320. FirewallRules: [{539311E4-302F-4F73-9CC0-5F017510D488}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
  321. FirewallRules: [{CDCEE6C2-2DBF-47D7-A910-2552018540D7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
  322. FirewallRules: [{8A44DDC3-66DB-43D5-BD8A-B019EE9DAF1D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
  323. FirewallRules: [{7B199123-F786-4F16-AD37-57D01D876F0B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
  324. FirewallRules: [{D2BB0644-A62C-45F5-A949-5D2E5B20461F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
  325. FirewallRules: [{C977C4A5-2965-47F3-AC55-30FD604B9D96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
  326. FirewallRules: [{CFE92340-13BF-4AB5-AA69-77F903E67ADF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
  327. FirewallRules: [{7A32BD9C-65BE-40B2-99BF-C1A5981AD5BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
  328. FirewallRules: [{075C8105-EF76-4C32-987A-32913031ADD8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
  329. FirewallRules: [{16E7E4A4-5BC1-400D-A538-10F7A534781B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
  330. FirewallRules: [{D40BCDFB-3733-40FC-A77C-CBBEFF14CFBB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
  331. FirewallRules: [{95B5E6FE-759E-496D-AEE8-C6AF9DAAC23B}] => (Allow) D:\steam\steamapps\common\Fishing Planet\FishingPlanet.exe
  332. FirewallRules: [{1CF32560-6CE2-49BE-A1B5-4D429FCF2FE8}] => (Allow) D:\steam\steamapps\common\Fishing Planet\FishingPlanet.exe
  333. FirewallRules: [{21F556C1-5B8E-4EF2-8ED9-7CB85920AA8F}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe
  334. FirewallRules: [{A824F065-1E53-44E5-9098-06751574C59C}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe
  335. FirewallRules: [{59788422-71C4-4AE9-AD80-34D0939B448B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
  336. FirewallRules: [{D35B5C5B-2476-4EE0-B0E8-50DB660A64C8}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe
  337. FirewallRules: [{F316755D-E34E-46BB-8B6A-86D456BC4201}] => (Allow) D:\steam\steamapps\common\Team Fortress 2\hl2.exe
  338. FirewallRules: [UDP Query User{5723F0FD-A29D-40D9-A914-E940558A56ED}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
  339. FirewallRules: [TCP Query User{980C337D-AA2A-4BFA-BDC9-80E69DEDB4A4}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
  340. FirewallRules: [UDP Query User{152C4111-788A-4AE7-973C-2622EE650482}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe
  341. FirewallRules: [TCP Query User{10F42324-07F0-4EFD-AFEB-9B2E05AB2A30}D:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) D:\program files (x86)\hearthstone\hearthstone.exe
  342. FirewallRules: [{58280175-7F6D-4ED3-9C70-C79B47E7A5A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  343. FirewallRules: [{9F80CEB4-1891-40AE-8BC4-9B60FD5F11F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  344. FirewallRules: [UDP Query User{4676FCC1-964A-42A6-8516-D44D10C45CDA}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
  345. FirewallRules: [TCP Query User{17E658AD-C95B-4B26-A1AF-00953EFD7C93}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
  346. FirewallRules: [{89109AC9-BC35-46AE-8D51-411BA9E11BB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
  347. FirewallRules: [{6C537BB5-A6FE-4173-BE27-9698F514C512}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
  348. FirewallRules: [{DA7E61FF-6898-4C5D-AE71-34929AC2FD35}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
  349. FirewallRules: [{794D7ACD-E87A-431A-B43A-AEAB0BEC1548}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
  350. FirewallRules: [{4035B1F7-3D99-4D4B-988E-3AAAE6B873BB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
  351. FirewallRules: [{A0E64DF5-757C-4C83-B193-53C4B1A7D546}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
  352. FirewallRules: [UDP Query User{1B52276C-0764-40D3-88AF-FB9C8302EEFF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
  353. FirewallRules: [TCP Query User{C7C69BAD-FE29-4668-ADA0-9EB10C82834E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
  354. FirewallRules: [{814B5A9F-1946-429F-ADCC-9DA398497F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
  355. FirewallRules: [{0DFAFDFF-D68F-43FB-9A88-4030F3107012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
  356. FirewallRules: [UDP Query User{5EBD7C39-8E59-4BED-831B-A2955C67447F}C:\users\kamil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kamil\appdata\roaming\spotify\spotify.exe
  357. FirewallRules: [TCP Query User{C1B66486-7E9E-4FF0-A650-94FD6FB0AF22}C:\users\kamil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kamil\appdata\roaming\spotify\spotify.exe
  358. FirewallRules: [{CEC264B5-CB73-498B-8822-1E2A613FDB0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  359. FirewallRules: [{1D596FB3-9A2E-49B7-A281-3EC5B3B38F51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  360. FirewallRules: [{9365B586-4E79-4988-892E-DD96FAF4EAFB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  361. FirewallRules: [{8EFB2952-223E-434E-95AF-3E41F849450A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  362. FirewallRules: [{0CA1CA84-1AC0-4542-BC96-1E82F2766E32}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  363. FirewallRules: [{C7855C31-2B31-4ABF-ACB3-E9C334ACB764}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  364. FirewallRules: [{1814C27A-939B-47FE-865C-640D41CDD5FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  365. FirewallRules: [{EEE31E5C-6EBD-4E0B-999D-CA7F250D9DA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  366. FirewallRules: [{5A733395-B201-4F30-891F-E5C4CB602BF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
  367. FirewallRules: [{8C787533-CEF6-4210-93BA-293856D11B01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
  368. FirewallRules: [{6B68FDD5-0271-4E99-A93B-9CB0B4204007}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
  369. FirewallRules: [{588E0D6F-DE0B-46B0-A138-20DAE15CD22D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  370. FirewallRules: [{4BDE19D3-497C-43B1-AD2E-8ADEC6C2596E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  371. FirewallRules: [{DE9C5EC7-FC8D-498B-9F11-F176DE8839EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  372. FirewallRules: [{242D86E4-179E-4795-B900-DEF0E976C0C8}] => (Allow) D:\steam\steamapps\common\Natural Selection 2\ns2.exe
  373. FirewallRules: [{BC471562-8CC9-4CCC-861C-2F906EE4A16E}] => (Allow) D:\steam\steamapps\common\Natural Selection 2\ns2.exe
  374. FirewallRules: [{E2ABA74D-F9D4-47E8-911E-BC1BC7973B2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
  375. FirewallRules: [{CD5F4D54-EB5F-49C6-B9F1-AD6056811EA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
  376. FirewallRules: [{5D74CDCD-0844-406D-A5A9-E626603F7485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
  377. FirewallRules: [{5EF036E5-82EF-4084-870B-B95C330FDE17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
  378. FirewallRules: [TCP Query User{F0D63325-1557-4368-931F-565E7681D843}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
  379. FirewallRules: [UDP Query User{A0C1A045-17DF-46CE-8984-02F36D4C7160}C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe
  380.  
  381. ==================== Restore Points =========================
  382.  
  383. 07-08-2016 22:22:07 Removed puush
  384. 10-08-2016 00:17:44 Installed DirectX
  385.  
  386. ==================== Faulty Device Manager Devices =============
  387.  
  388.  
  389. ==================== Event log errors: =========================
  390.  
  391. Application errors:
  392. ==================
  393. Error: (08/12/2016 01:53:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
  394. Description: The program explorer.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
  395.  
  396. Process ID: 2874
  397.  
  398. Start Time: 01d1f4902618b2f4
  399.  
  400. Termination Time: 7
  401.  
  402. Application Path: C:\Windows\explorer.exe
  403.  
  404. Report Id: 6f4c7c63-6083-11e6-96c7-d0509901ce29
  405.  
  406. Faulting package full name:
  407.  
  408. Faulting package-relative application ID:
  409.  
  410. Error: (08/12/2016 01:53:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
  411. Description: The program explorer.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
  412.  
  413. Process ID: 1218
  414.  
  415. Start Time: 01d1f4901d39a4d0
  416.  
  417. Termination Time: 7
  418.  
  419. Application Path: C:\Windows\explorer.exe
  420.  
  421. Report Id: 639e43a6-6083-11e6-96c7-d0509901ce29
  422.  
  423. Faulting package full name:
  424.  
  425. Faulting package-relative application ID:
  426.  
  427. Error: (08/12/2016 01:53:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
  428. Description: The program explorer.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
  429.  
  430. Process ID: 1040
  431.  
  432. Start Time: 01d1f48e48837cb6
  433.  
  434. Termination Time: 7
  435.  
  436. Application Path: C:\Windows\explorer.exe
  437.  
  438. Report Id: 5abe2a0c-6083-11e6-96c7-d0509901ce29
  439.  
  440. Faulting package full name:
  441.  
  442. Faulting package-relative application ID:
  443.  
  444. Error: (08/12/2016 01:40:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
  445. Description: The program explorer.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
  446.  
  447. Process ID: fbc
  448.  
  449. Start Time: 01d1f48e0736a758
  450.  
  451. Termination Time: 7
  452.  
  453. Application Path: C:\Windows\explorer.exe
  454.  
  455. Report Id: 8607c999-6081-11e6-96c7-d0509901ce29
  456.  
  457. Faulting package full name:
  458.  
  459. Faulting package-relative application ID:
  460.  
  461. Error: (08/11/2016 06:08:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QEHOTKS)
  462. Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
  463.  
  464. Error: (08/10/2016 05:34:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QEHOTKS)
  465. Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
  466.  
  467. Error: (08/10/2016 05:34:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QEHOTKS)
  468. Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
  469.  
  470. Error: (08/10/2016 05:33:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QEHOTKS)
  471. Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
  472.  
  473. Error: (08/10/2016 05:33:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QEHOTKS)
  474. Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
  475.  
  476. Error: (08/10/2016 05:33:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-QEHOTKS)
  477. Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
  478.  
  479.  
  480. System errors:
  481. =============
  482. Error: (08/12/2016 01:43:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  483. Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
  484.  
  485. Error: (08/12/2016 01:38:21 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
  486. Description: 0x8000002a63\??\C:\Users\Kamil\AppData\Local\Microsoft\Windows\UsrClass.dat
  487.  
  488. Error: (08/11/2016 05:05:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  489. Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
  490.  
  491. Error: (08/11/2016 06:08:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QEHOTKS)
  492. Description: CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca
  493.  
  494. Error: (08/10/2016 08:00:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  495. Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
  496.  
  497. Error: (08/10/2016 06:27:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QEHOTKS)
  498. Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
  499.  
  500. Error: (08/10/2016 02:58:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  501. Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
  502.  
  503. Error: (08/10/2016 05:35:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
  504. Description: Installation Failure: Windows failed to install the following update with error 0x8024001e: Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - August 2016 (KB890830).
  505.  
  506. Error: (08/10/2016 05:35:37 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QEHOTKS)
  507. Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
  508.  
  509. Error: (08/10/2016 05:34:00 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QEHOTKS)
  510. Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider
  511.  
  512.  
  513. CodeIntegrity:
  514. ===================================
  515. Date: 2016-08-12 13:52:19.541
  516. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  517.  
  518. Date: 2016-08-12 13:52:19.540
  519. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  520.  
  521. Date: 2016-08-12 13:52:19.421
  522. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  523.  
  524. Date: 2016-08-12 13:52:19.421
  525. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  526.  
  527. Date: 2016-08-12 13:38:50.748
  528. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  529.  
  530. Date: 2016-08-12 13:38:50.747
  531. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  532.  
  533. Date: 2016-08-12 00:51:44.859
  534. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  535.  
  536. Date: 2016-08-11 22:28:50.029
  537. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  538.  
  539. Date: 2016-08-11 22:28:50.028
  540. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  541.  
  542. Date: 2016-08-11 22:11:14.323
  543. Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  544.  
  545.  
  546. ==================== Memory info ===========================
  547.  
  548. Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
  549. Percentage of memory in use: 26%
  550. Total physical RAM: 16313.36 MB
  551. Available physical RAM: 12051.22 MB
  552. Total Virtual: 20153.36 MB
  553. Available Virtual: 15288.4 MB
  554.  
  555. ==================== Drives ================================
  556.  
  557. Drive c: () (Fixed) (Total:118.8 GB) (Free:17.96 GB) NTFS ==>[drive with boot components (obtained from BCD)]
  558. Drive d: () (Fixed) (Total:224.36 GB) (Free:70.71 GB) NTFS
  559. Drive e: () (Fixed) (Total:1863.01 GB) (Free:382.14 GB) NTFS
  560. Drive g: () (Fixed) (Total:707.15 GB) (Free:159.29 GB) NTFS
  561. Drive i: (SAMSUNG) (Fixed) (Total:298.09 GB) (Free:49.13 GB) NTFS
  562.  
  563. ==================== MBR & Partition Table ==================
  564.  
  565. ========================================================
  566. Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 36F13A06)
  567. Partition 1: (Active) - (Size=118.8 GB) - (Type=07 NTFS)
  568. Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
  569.  
  570. ========================================================
  571. Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 51E5F2EB)
  572. Partition 1: (Not Active) - (Size=224.4 GB) - (Type=07 NTFS)
  573. Partition 2: (Not Active) - (Size=707.1 GB) - (Type=07 NTFS)
  574.  
  575. ========================================================
  576. Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 428C381B)
  577. Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
  578.  
  579. ========================================================
  580. Disk: 3 (Size: 298.1 GB) (Disk ID: E0798F03)
  581. Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
  582.  
  583. ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!