Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
- Ran by flork (02-07-2018 10:51:51)
- Running from C:\Users\flork\Downloads
- Windows 10 Home Version 1803 17134.112 (X64) (2018-06-09 17:22:31)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-3473786666-1609645680-3100001402-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-3473786666-1609645680-3100001402-503 - Limited - Disabled)
- flork (S-1-5-21-3473786666-1609645680-3100001402-1001 - Administrator - Enabled) => C:\Users\flork
- Guest (S-1-5-21-3473786666-1609645680-3100001402-501 - Limited - Disabled)
- WDAGUtilityAccount (S-1-5-21-3473786666-1609645680-3100001402-504 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Aktualizacje NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
- AORUS GRAPHICS ENGINE (HKLM-x32\...\AORUS GRAPHICS ENGINE_is1) (Version: 1.3.4 - GIGABYTE Technology Co.,Inc.)
- Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
- BitTorrent (HKU\S-1-5-21-3473786666-1609645680-3100001402-1001\...\BitTorrent) (Version: 7.10.3.44495 - BitTorrent Inc.)
- CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
- Discord (HKU\S-1-5-21-3473786666-1609645680-3100001402-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
- DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
- Epic Games Launcher (HKLM-x32\...\{C1DEC9EF-012B-40E4-A5DD-350AAD153DCD}) (Version: 1.1.151.0 - Epic Games, Inc.)
- Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- Game Summary (HKU\S-1-5-21-3473786666-1609645680-3100001402-1001\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 116.2.4 - Overwolf app)
- Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
- Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
- Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
- Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
- Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
- Malwarebytes (wersja 3.5.1.2522) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
- Microsoft OneDrive (HKU\S-1-5-21-3473786666-1609645680-3100001402-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
- Mozilla Firefox 60.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 60.0.2 (x64 pl)) (Version: 60.0.2 - Mozilla)
- Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
- NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
- NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
- NVIDIA Sterownik 3D Vision 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
- NVIDIA Sterownik dźwięku HD 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
- NVIDIA Sterownik graficzny 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
- NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
- Origin (HKLM-x32\...\Origin) (Version: 10.5.21.179 - Electronic Arts, Inc.)
- Overwolf (HKLM-x32\...\Overwolf) (Version: 0.116.2.23 - Overwolf Ltd.)
- Panel sterowania NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
- SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- TeamSpeak (HKU\S-1-5-21-3473786666-1609645680-3100001402-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.1 - Overwolf app)
- TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
- Tomb Raider GOTY Edition (HKLM-x32\...\Tomb Raider GOTY Edition_is1) (Version: - )
- Uplay (HKLM-x32\...\Uplay) (Version: 60.0 - Ubisoft)
- Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
- WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
- World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRar\rarext.dll [2017-09-13] (Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRar\rarext32.dll [2017-09-13] (Alexander Roshal)
- ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
- ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
- ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRar\rarext.dll [2017-09-13] (Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRar\rarext32.dll [2017-09-13] (Alexander Roshal)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {00807B5D-E620-44F3-A8D4-8DD7FF9C7AAB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-06-01] (NVIDIA Corporation)
- Task: {06825532-8F1E-46C9-A12D-88A36726B58B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation)
- Task: {0980F4F2-2BD2-492C-A22E-60A415C9B414} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
- Task: {15F3EB01-A5B4-4CD7-A705-3591E3B6EF3C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation)
- Task: {2A09F530-EB5B-490E-8CB7-E8C0DC8A8FD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
- Task: {2FA4338C-71CF-48DD-9990-03ECDF46871C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-01] (NVIDIA Corporation)
- Task: {33C5D568-6C47-4D98-A298-910B1EAFC151} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => D:\AORUS GRAPHICS ENGINE\AORUS.exe [2018-05-14] (GIGABYTE Technology Co.,Ltd.)
- Task: {5C94C1A5-AFB2-4003-A6A8-851DD2B8FDBD} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation)
- Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
- Task: {6835633D-1DC3-496B-8527-2D2DA01CCED0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
- Task: {991F4EF4-500C-405E-9E39-73314F125548} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-06-24] (Overwolf LTD)
- Task: {9C6D7036-57C9-4A5C-8A6C-21C1D44047B5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-01] (NVIDIA Corporation)
- Task: {9E071237-A5F4-472C-BC89-60B9C5C588F8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation)
- Task: {9E3669DC-A6CC-4192-9920-D6CE9D8F204C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
- Task: {D9FD74A1-B34B-4E69-BFE3-8B0F93C20A24} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-06-01] (NVIDIA Corporation)
- Task: {DF23E650-F9F0-4E63-B266-DF7386EA6BD1} - System32\Tasks\CCleaner Update => D:\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
- Task: {E45A085C-0A32-4A80-9A05-973915225E23} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-06-01] (NVIDIA Corporation)
- Task: {E5871E15-DED6-4BE7-9F5B-B31D9D011419} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-06-01] (NVIDIA Corporation)
- Task: {F2C24127-4A9A-4CB2-8906-F4F2DB329524} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
- Task: {FB71898B-4D02-45FF-8491-6EEEE6B33533} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-01] (NVIDIA Corporation)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2018-06-09 21:49 - 2018-06-01 12:16 - 001314752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
- 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
- 2018-07-02 03:30 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
- 2018-07-02 03:30 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
- 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
- 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
- 2018-06-13 14:27 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2018-06-10 11:49 - 2018-06-10 11:53 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- 2018-06-10 11:49 - 2018-06-10 11:53 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
- 2018-06-10 11:49 - 2018-06-10 11:55 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
- 2018-06-10 11:49 - 2018-06-10 11:54 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
- 2018-06-10 11:49 - 2018-06-10 11:50 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
- 2018-06-09 22:53 - 2018-06-09 22:55 - 098275328 _____ () D:\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
- 2018-06-09 22:55 - 2018-06-09 22:55 - 003922432 _____ () D:\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
- 2018-06-09 22:55 - 2018-06-09 22:55 - 000092672 _____ () D:\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
- 2018-06-24 13:26 - 2018-06-24 13:26 - 000061408 _____ () D:\CCleaner\branding.dll
- 2018-06-24 13:26 - 2018-06-24 13:26 - 000090496 _____ () D:\CCleaner\lang\lang-1045.dll
- 2018-06-10 11:48 - 2018-06-10 12:17 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
- 2018-06-10 11:48 - 2018-06-10 12:17 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
- 2018-06-10 11:48 - 2018-06-10 12:19 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
- 2018-06-10 11:48 - 2018-06-10 12:18 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
- 2018-06-10 11:48 - 2018-06-10 12:11 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
- 2018-06-10 11:48 - 2018-06-10 12:12 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
- 2018-06-10 11:48 - 2018-06-10 12:20 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
- 2018-06-10 11:48 - 2018-06-10 12:18 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
- 2018-06-10 11:48 - 2018-06-10 12:18 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
- 2018-06-10 11:48 - 2018-06-10 12:12 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
- 2018-06-10 11:48 - 2018-06-10 11:59 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
- 2018-06-10 11:48 - 2018-06-10 12:17 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
- 2018-06-10 11:48 - 2018-06-10 12:17 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
- 2018-06-10 11:48 - 2018-06-10 12:18 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
- 2018-06-10 11:48 - 2018-06-10 12:18 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
- 2018-06-09 21:49 - 2018-06-01 12:16 - 095437248 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
- 2018-06-09 21:49 - 2018-06-01 12:16 - 003028928 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
- 2018-06-09 21:49 - 2018-06-01 12:16 - 000149440 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
- 2018-06-22 01:22 - 2018-06-22 01:22 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
- 2018-06-22 01:22 - 2018-06-22 01:22 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
- 2018-06-22 01:22 - 2018-06-22 01:22 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
- 2018-06-09 21:49 - 2018-06-01 12:16 - 001032640 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
- 2018-06-09 21:28 - 2018-06-08 23:38 - 000788256 _____ () D:\Steam\SDL2.dll
- 2018-06-09 21:28 - 2018-06-09 01:39 - 002632992 _____ () D:\Steam\video.dll
- 2018-06-09 21:28 - 2018-06-08 23:42 - 004969248 _____ () D:\Steam\v8.dll
- 2018-06-09 21:28 - 2018-06-08 23:40 - 000695584 _____ () D:\Steam\libavformat-57.dll
- 2018-06-09 21:28 - 2018-06-08 23:40 - 000351520 _____ () D:\Steam\libavresample-3.dll
- 2018-06-09 21:28 - 2018-06-08 23:40 - 005137696 _____ () D:\Steam\libavcodec-57.dll
- 2018-06-09 21:28 - 2018-06-08 23:40 - 000847136 _____ () D:\Steam\libavutil-55.dll
- 2018-06-09 21:28 - 2018-06-08 23:40 - 000783648 _____ () D:\Steam\libswscale-4.dll
- 2018-06-09 21:28 - 2018-06-08 23:40 - 001563936 _____ () D:\Steam\icui18n.dll
- 2018-06-09 21:28 - 2018-06-08 23:40 - 001195296 _____ () D:\Steam\icuuc.dll
- 2018-06-09 21:28 - 2018-06-09 01:38 - 000979744 _____ () D:\Steam\bin\chromehtml.DLL
- 2018-06-09 21:28 - 2018-06-08 23:40 - 000266560 _____ () D:\Steam\openvr_api.dll
- 2018-06-09 21:16 - 2017-01-12 11:15 - 000225792 _____ () D:\AORUS GRAPHICS ENGINE\GvFireware.dll
- 2018-06-09 21:16 - 2017-01-12 11:15 - 000025088 _____ () D:\AORUS GRAPHICS ENGINE\BSL430.dll
- 2018-06-09 21:28 - 2018-06-08 23:39 - 083524384 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll
- 2018-06-09 21:28 - 2018-06-08 23:39 - 000788256 _____ () D:\Steam\bin\cef\cef.win7\SDL2.dll
- 2018-06-09 21:28 - 2018-06-08 23:42 - 000119208 _____ () D:\Steam\winh264.dll
- 2018-06-09 21:28 - 2018-06-08 23:39 - 002253600 _____ () D:\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
- 2018-06-09 21:28 - 2018-06-08 23:39 - 000109856 _____ () D:\Steam\bin\cef\cef.win7\swiftshader\libegl.dll
- 2018-06-09 21:16 - 2016-10-23 12:03 - 000225792 _____ () D:\AORUS GRAPHICS ENGINE\Led\GvFireware.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Users\flork\OneDrive\Documents\Heroes of the Storm:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
- AlternateDataStreams: C:\Users\flork\OneDrive\Documents\League of Legends:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
- AlternateDataStreams: C:\Users\flork\OneDrive\Documents\My Games:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
- AlternateDataStreams: C:\Users\flork\OneDrive\Documents\temp:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
- AlternateDataStreams: C:\Users\flork\OneDrive\Documents\The Witcher:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
- AlternateDataStreams: C:\Users\flork\OneDrive\Documents\The Witcher 3:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
- AlternateDataStreams: C:\Users\flork\OneDrive\Documents\Witcher 2:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
- AlternateDataStreams: C:\Users\Public\AppData:CSM [482]
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-3473786666-1609645680-3100001402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\flork\Downloads\harry-potter-7-deathly-hallows.jpg
- DNS Servers: 188.241.25.3 - 188.241.25.2
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- MSCONFIG\Services: BEService => 3
- MSCONFIG\Services: EasyAntiCheat => 3
- MSCONFIG\Services: HiPatchService => 2
- MSCONFIG\Services: Origin Client Service => 3
- MSCONFIG\Services: Origin Web Helper Service => 2
- MSCONFIG\Services: OverwolfUpdater => 3
- MSCONFIG\Services: Steam Client Service => 3
- HKU\S-1-5-21-3473786666-1609645680-3100001402-1001\...\StartupApproved\Run: => "Overwolf"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{9702A335-9F0D-4509-A9E7-25E6B7338E00}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
- FirewallRules: [{4EF889C1-EB33-40D6-9DA3-D0F320B409A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
- FirewallRules: [TCP Query User{41C491DF-C537-46F1-B654-BB3D3DE17571}D:\aorus graphics engine\aorus.exe] => (Allow) D:\aorus graphics engine\aorus.exe
- FirewallRules: [UDP Query User{4A586C71-8047-400C-9F0F-CC6D23617D75}D:\aorus graphics engine\aorus.exe] => (Allow) D:\aorus graphics engine\aorus.exe
- FirewallRules: [{3E8610D3-A5AD-4EDE-B120-6357E28F188A}] => (Allow) D:\Steam\Steam.exe
- FirewallRules: [{D8725D65-A0EA-44F9-A428-F9DD06045F05}] => (Allow) D:\Steam\Steam.exe
- FirewallRules: [{9C795B25-7DCE-4615-A1CC-B0649A191D19}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{2F51E539-A720-4C3D-B1FB-F7ECB4C9F2C2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{7AF8DDB3-86E7-465D-A656-CA29508182FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- FirewallRules: [{EA8BB8D3-5A27-4046-AE6D-D1B4D750701F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- FirewallRules: [{A21BA4AA-7832-40F2-B07C-60209704D226}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- FirewallRules: [{F097DA5D-5FF8-4FC5-BB34-B7B1A4B37EC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
- FirewallRules: [{8AED7DE4-CD25-48DD-955B-264E23DCE199}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{E9F0B69E-56E3-4D29-A938-A796D7FA97C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [TCP Query User{C3572120-405F-4207-BF51-38E0065DA37E}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
- FirewallRules: [UDP Query User{812CE2FA-28E9-491B-AFEF-A4AADE904B23}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
- FirewallRules: [TCP Query User{FCBCEC12-AEE0-46BE-9209-5F5893FFFA89}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
- FirewallRules: [UDP Query User{5EFB834D-66DC-4041-BB39-5FDFAE46D53E}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
- FirewallRules: [TCP Query User{2769A718-B70D-4D26-AA49-2F308ADABD54}D:\lol\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
- FirewallRules: [UDP Query User{CF7D5C7E-7C19-4887-8271-DB9544305AD8}D:\lol\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe
- FirewallRules: [{4B91554B-5ADE-4AC0-8CF2-D9269BB66440}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
- FirewallRules: [{FBBCB3CF-CAAF-49F8-9C49-95CAC4D5871A}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
- FirewallRules: [TCP Query User{80EEDD71-931C-4B56-AB63-A1605EA56539}D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
- FirewallRules: [UDP Query User{A08DE090-474F-4CEE-8C31-9216D506875E}D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
- FirewallRules: [{9A4615C8-4EA0-4FF8-AA4E-33A3DC68B980}] => (Allow) D:\Steam\steamapps\common\SleepingDogs\HKShip.exe
- FirewallRules: [{18C3B421-391A-4C21-92C9-B7ECC67E5E82}] => (Allow) D:\Steam\steamapps\common\SleepingDogs\HKShip.exe
- FirewallRules: [{545848B8-A865-4DCA-A7B7-07EB0C19E526}] => (Allow) D:\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
- FirewallRules: [{5AC7FBC0-8600-45F3-9B71-281980368BAD}] => (Allow) D:\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
- FirewallRules: [TCP Query User{AB939B2A-1D7F-41BB-821C-E5411284867C}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
- FirewallRules: [UDP Query User{0061E126-3439-4D2A-9377-18A8382A3AD6}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe
- FirewallRules: [TCP Query User{CA9D7535-2A4A-48D7-AFF1-D841A982DFE9}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
- FirewallRules: [UDP Query User{D40C556F-1BA0-49E4-BF55-CEDC3FD6B7F3}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
- FirewallRules: [{2BB54C58-1A64-4082-AB5C-685222CCE11B}] => (Allow) C:\Users\flork\AppData\Roaming\BitTorrent\BitTorrent.exe
- FirewallRules: [{46A9296F-1C35-4A02-A9D1-4E86398FB0CC}] => (Allow) C:\Users\flork\AppData\Roaming\BitTorrent\BitTorrent.exe
- FirewallRules: [TCP Query User{59B4BA2F-0FA2-4B43-8335-C93047F1B094}D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe
- FirewallRules: [UDP Query User{1711DD8F-3E91-478C-BC8A-548502F95F69}D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe
- FirewallRules: [{417D64BC-D311-4638-966C-F641BE3C5C10}] => (Allow) D:\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
- FirewallRules: [{CB7836E6-EEE7-4598-B6F6-720F16740B11}] => (Allow) D:\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
- FirewallRules: [TCP Query User{AC6BBEFD-4096-4777-9CC0-C247955E8026}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe
- FirewallRules: [UDP Query User{3E226999-04CC-4AC9-9305-AC3269E63AA7}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe
- FirewallRules: [{B1FCE6C1-9846-4C43-9765-F807AE39DA4A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{CC3FA7C8-3F29-4CBA-A09C-EB5DCF4AA782}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{1E893256-D799-400C-88FE-2278F41220A6}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
- FirewallRules: [{526800BE-D19D-4334-9B15-E3A0A8BE05EB}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
- FirewallRules: [TCP Query User{50597A3B-7821-461D-89D4-E1D166FEABEB}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe
- FirewallRules: [UDP Query User{80EDF437-6AF1-4019-A0F8-C8062C460A5B}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe
- FirewallRules: [{0A020273-1EB8-49C7-BA51-290F07C47314}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
- FirewallRules: [{D0B4445C-F035-4AA0-AF36-18ABD4515D4D}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
- FirewallRules: [{3680A742-E093-4B87-B5A6-1A8763551C08}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
- FirewallRules: [{9BCE38D5-F892-40C5-B84C-EB2810F68006}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
- FirewallRules: [{9FFF1F94-1453-417F-BFC0-073526C79F95}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
- FirewallRules: [{9602F986-B72A-43C4-862D-21E92CF88F1E}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
- FirewallRules: [{842BA62D-5A1E-40EF-B8D4-F89008E9EC68}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
- FirewallRules: [{A33574C5-3A73-4EFF-8895-1EA95CA674C9}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
- FirewallRules: [TCP Query User{933A078A-E7CD-45CF-ADF5-68F935C1F1C6}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
- FirewallRules: [UDP Query User{CA80673F-C1C7-4950-8311-2BB97B2EEF19}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
- FirewallRules: [{497B0EB2-170B-4E2C-9D59-DB5C8CB6F59E}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
- FirewallRules: [{909FE43C-3972-438F-9929-5B1965C2F91F}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
- FirewallRules: [TCP Query User{9D1539C4-B6C0-443F-9425-25B53C212D0C}C:\users\flork\downloads\sdi_r1806\sdi_x64_r1806.exe] => (Allow) C:\users\flork\downloads\sdi_r1806\sdi_x64_r1806.exe
- FirewallRules: [UDP Query User{90CEFAEB-6AD5-477E-BC28-BF3FE7F1FB66}C:\users\flork\downloads\sdi_r1806\sdi_x64_r1806.exe] => (Allow) C:\users\flork\downloads\sdi_r1806\sdi_x64_r1806.exe
- FirewallRules: [{456757C8-0836-4020-985E-C95DF6DD366F}] => (Allow) D:\CCleaner\CCUpdate.exe
- FirewallRules: [{F9A4FCBE-3854-4A0D-82B9-D8CCDC99B57B}] => (Allow) D:\CCleaner\CCUpdate.exe
- FirewallRules: [{0467C755-6C95-4EE2-B0FE-36D6D42BD7C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{9137300D-15CB-4B6E-914B-115534D49EAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{9FD9BE19-6A46-4878-BE30-0F400E1E7408}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{BB04F33F-0F80-408E-AD7A-6D6B909039C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{29D89073-889D-422A-AB8E-ECDEA631F599}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{22CB86B0-B5B8-4B3C-BA50-67CBF5F64BFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{15D176BF-25BF-4C8C-B109-DD71F6A05768}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{17BE9687-B99A-4B10-B27A-965F80F4F9DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
- FirewallRules: [{F0CC303A-D664-4E0B-AAA2-C18CED1004C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
- FirewallRules: [{3A4DA6E9-05BA-461C-BE7E-BFA1B398016C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
- ==================== Restore Points =========================
- 27-06-2018 19:04:14 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
- 27-06-2018 19:05:13 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (07/01/2018 06:07:12 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-KJD4D7N)
- Description: httphttp-2147467263
- Error: (07/01/2018 05:52:21 PM) (Source: COM) (EventID: 10031) (User: )
- Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {41FD88F7-F295-4D39-91AC-A85F3149A05B} została odrzucona.
- Error: (07/01/2018 05:52:21 PM) (Source: COM) (EventID: 10031) (User: )
- Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {41FD88F7-F295-4D39-91AC-A85F3149A05B} została odrzucona.
- Error: (06/30/2018 05:35:11 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Nazwa aplikacji powodującej błąd: witcher.exe, wersja: 1.5.0.1304, sygnatura czasowa: 0x4910475c
- Nazwa modułu powodującego błąd: witcher.exe, wersja: 1.5.0.1304, sygnatura czasowa: 0x4910475c
- Kod wyjątku: 0xc0000005
- Przesunięcie błędu: 0x0066525c
- Identyfikator procesu powodującego błąd: 0x2afc
- Godzina uruchomienia aplikacji powodującej błąd: 0x01d41084cd57b069
- Ścieżka aplikacji powodującej błąd: D:\Steam\steamapps\common\The Witcher Enhanced Edition\system\witcher.exe
- Ścieżka modułu powodującego błąd: D:\Steam\steamapps\common\The Witcher Enhanced Edition\system\witcher.exe
- Identyfikator raportu: 77f5f17a-8667-4fef-a92b-f4d76de876a8
- Pełna nazwa pakietu powodującego błąd:
- Identyfikator aplikacji względem pakietu powodującego błąd:
- Error: (06/30/2018 08:02:32 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-KJD4D7N)
- Description: httphttp-2147467263
- Error: (06/29/2018 06:03:23 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Nazwa aplikacji powodującej błąd: witcher.exe, wersja: 1.5.0.1304, sygnatura czasowa: 0x4910475c
- Nazwa modułu powodującego błąd: witcher.exe, wersja: 1.5.0.1304, sygnatura czasowa: 0x4910475c
- Kod wyjątku: 0xc0000005
- Przesunięcie błędu: 0x00436a85
- Identyfikator procesu powodującego błąd: 0x2878
- Godzina uruchomienia aplikacji powodującej błąd: 0x01d40fa6eec1b2d7
- Ścieżka aplikacji powodującej błąd: D:\Steam\steamapps\common\The Witcher Enhanced Edition\system\witcher.exe
- Ścieżka modułu powodującego błąd: D:\Steam\steamapps\common\The Witcher Enhanced Edition\system\witcher.exe
- Identyfikator raportu: 90e1750a-9461-42ba-a1e4-7d6692c60432
- Pełna nazwa pakietu powodującego błąd:
- Identyfikator aplikacji względem pakietu powodującego błąd:
- Error: (06/28/2018 08:15:09 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Nazwa aplikacji powodującej błąd: witcher.exe, wersja: 1.5.0.1304, sygnatura czasowa: 0x4910475c
- Nazwa modułu powodującego błąd: MSVCR80.dll, wersja: 8.0.50727.9445, sygnatura czasowa: 0x5a7bc74c
- Kod wyjątku: 0xc0000005
- Przesunięcie błędu: 0x00014a5d
- Identyfikator procesu powodującego błąd: 0x2348
- Godzina uruchomienia aplikacji powodującej błąd: 0x01d40ef43ea731a5
- Ścieżka aplikacji powodującej błąd: D:\Steam\steamapps\common\The Witcher Enhanced Edition\system\witcher.exe
- Ścieżka modułu powodującego błąd: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9445_none_d08c58b4442ba54f\MSVCR80.dll
- Identyfikator raportu: 1bfe85c3-fb13-40e8-aa87-de6c333133db
- Pełna nazwa pakietu powodującego błąd:
- Identyfikator aplikacji względem pakietu powodującego błąd:
- Error: (06/27/2018 08:33:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: Program Steam.exe w wersji 4.55.34.56 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.
- Identyfikator procesu: 7a0
- Godzina rozpoczęcia: 01d40e0f8e2ba2ba
- Godzina zakończenia: 19
- Ścieżka aplikacji: D:\Steam\Steam.exe
- Identyfikator raportu: 82c8c6a4-f879-44f7-aed8-f81b18d55c71
- Pełna nazwa pakietu powodującego błąd:
- Identyfikator aplikacji względem pakietu powodującego błąd:
- System errors:
- =============
- Error: (07/02/2018 10:47:26 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KJD4D7N)
- Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID
- {8BC3F05E-D86B-11D0-A075-00C04FB68820}
- i identyfikatorem aplikacji APPID
- {8BC3F05E-D86B-11D0-A075-00C04FB68820}
- użytkownikowi DESKTOP-KJD4D7N\flork o identyfikatorze zabezpieczeń SID (S-1-5-21-3473786666-1609645680-3100001402-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (07/02/2018 10:47:22 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KJD4D7N)
- Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID
- {8BC3F05E-D86B-11D0-A075-00C04FB68820}
- i identyfikatorem aplikacji APPID
- {8BC3F05E-D86B-11D0-A075-00C04FB68820}
- użytkownikowi DESKTOP-KJD4D7N\flork o identyfikatorze zabezpieczeń SID (S-1-5-21-3473786666-1609645680-3100001402-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (07/02/2018 10:46:35 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KJD4D7N)
- Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- i identyfikatorem aplikacji APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- użytkownikowi DESKTOP-KJD4D7N\flork o identyfikatorze zabezpieczeń SID (S-1-5-21-3473786666-1609645680-3100001402-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (07/02/2018 03:24:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID
- Windows.SecurityCenter.WscDataProtection
- i identyfikatorem aplikacji APPID
- Unavailable
- użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (07/02/2018 03:24:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID
- Windows.SecurityCenter.WscBrokerManager
- i identyfikatorem aplikacji APPID
- Unavailable
- użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (07/02/2018 03:12:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
- Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Launch do aplikacji serwera COM z identyfikatorem klasy CLSID
- Windows.SecurityCenter.WscDataProtection
- i identyfikatorem aplikacji APPID
- Unavailable
- użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (07/01/2018 06:00:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
- Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic.
- Error: (07/01/2018 05:56:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KJD4D7N)
- Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID
- {8BC3F05E-D86B-11D0-A075-00C04FB68820}
- i identyfikatorem aplikacji APPID
- {8BC3F05E-D86B-11D0-A075-00C04FB68820}
- użytkownikowi DESKTOP-KJD4D7N\flork o identyfikatorze zabezpieczeń SID (S-1-5-21-3473786666-1609645680-3100001402-1001) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Windows Defender:
- ===================================
- Date: 2018-06-22 10:44:41.353
- Description:
- Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem.
- Identyfikator skanowania: {878EDD92-47F5-4555-92B6-E299B7322FAD}
- Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem
- Parametry skanowania: Szybkie skanowanie
- Uzytkownik: NT AUTHORITY\SYSTEM
- Date: 2018-06-22 01:22:07.420
- Description:
- Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem.
- Identyfikator skanowania: {F06A0500-004F-4752-A54D-0C3C75CD3912}
- Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem
- Parametry skanowania: Szybkie skanowanie
- Uzytkownik: NT AUTHORITY\SYSTEM
- Date: 2018-06-20 13:03:01.430
- Description:
- Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem.
- Identyfikator skanowania: {EDB3B4E9-BA34-4226-8824-6409266A72B9}
- Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem
- Parametry skanowania: Szybkie skanowanie
- Uzytkownik: NT AUTHORITY\SYSTEM
- Date: 2018-06-20 11:53:32.586
- Description:
- Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem.
- Identyfikator skanowania: {F53D2232-4CFB-42D2-B299-22049BF67DFA}
- Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem
- Parametry skanowania: Szybkie skanowanie
- Uzytkownik: NT AUTHORITY\SYSTEM
- Date: 2018-06-20 11:33:20.494
- Description:
- Skanowanie produktu Program antywirusowy Windows Defender zostalo zatrzymane przed ukonczeniem.
- Identyfikator skanowania: {B4446E8D-1254-46FE-834B-71E62BA8AB3C}
- Typ skanowania: Narzedzia chroniace przed zlosliwym oprogramowaniem
- Parametry skanowania: Szybkie skanowanie
- Uzytkownik: NT AUTHORITY\SYSTEM
- CodeIntegrity:
- ===================================
- Date: 2018-06-26 14:15:30.273
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.2.23\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-06-26 14:15:30.270
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.2.23\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-06-26 14:15:30.266
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.2.23\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-06-26 14:15:30.263
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.2.23\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-06-26 14:15:30.260
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.2.23\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-06-26 14:15:30.185
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.2.23\x64\OWExplorer.dll that did not meet the Store signing level requirements.
- Date: 2018-06-25 11:55:07.910
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.2.22\x64\OWExplorer.dll that did not meet the Store signing level requirements.
- Date: 2018-06-24 21:20:18.793
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.116.1.11\x64\OWExplorer.dll that did not meet the Store signing level requirements.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
- Percentage of memory in use: 40%
- Total physical RAM: 8134.67 MB
- Available physical RAM: 4814.3 MB
- Total Virtual: 13766.67 MB
- Available Virtual: 8736.36 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:150.26 GB) (Free:103.79 GB) NTFS
- Drive d: () (Fixed) (Total:780.65 GB) (Free:478.54 GB) NTFS
- \\?\Volume{00a33760-fa11-4b1b-9d6c-00d9558ed00f}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
- \\?\Volume{acff066c-f298-4781-be10-b51f93f08dfc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 931.5 GB) (Disk ID: 1D56431B)
- Partition: GPT.
- ==================== End of Addition.txt ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement