wklejto.pl

Dodane przez: ~Anonim (2019-04-17 09:42) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2019 01
Ran by Miki (17-04-2019 09:34:40)
Running from C:\Users\Miki\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-05-19 18:33:33)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3623133826-1210183299-932913162-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3623133826-1210183299-932913162-503 - Limited - Disabled)
Guest (S-1-5-21-3623133826-1210183299-932913162-501 - Limited - Disabled)
Miki (S-1-5-21-3623133826-1210183299-932913162-1001 - Administrator - Enabled) => C:\Users\Miki
WDAGUtilityAccount (S-1-5-21-3623133826-1210183299-932913162-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 24787 - GOG.com)
Darkest Dungeon: Musketeer (HKLM-x32\...\1405492047_is1) (Version: 24787 - GOG.com)
Darkest Dungeon: The Color of Madness (HKLM-x32\...\1946270261_is1) (Version: 24787 - GOG.com)
Darkest Dungeon: The Crimson Court (HKLM-x32\...\1957260232_is1) (Version: 24787 - GOG.com)
Darkest Dungeon: The Shieldbreaker (HKLM-x32\...\1128594953_is1) (Version: 24787 - GOG.com)
Discord (HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft)
Far Cry 4 wersja 1.10 (HKLM-x32\...\{2DC0CEAE-C301-436F-BF9E-36A4B371901E}_is1) (Version: 1.10 - UBISoft)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might and Magic® III: Horn of the Abyss (HKLM-x32\...\HotA_is1) (Version: 1.4.0 - HotA Crew)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
lightcleaner version 1.0 (HKLM-x32\...\{2C1A121C-292F-460D-BA62-3B9886D0DE46}_is1) (Version: 1.0 - 360dev)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219.473 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219.473 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27024 (HKLM-x32\...\{5fb2083a-f3cc-4b78-93ff-bd9788b5de01}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25810 (HKLM-x32\...\{7FED75A1-600C-394B-8376-712E2A8861F2}) (Version: 14.12.25810 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25810 (HKLM-x32\...\{828952EB-5572-3666-8CA9-000B6CE79350}) (Version: 14.12.25810 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.35 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
OpenFM (HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\OpenFM) (Version: 52.1.0.1 - Grupa Wirtualna Polska)
Opera Stable 58.0.3135.127 (HKLM-x32\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 4.2.1.17555 - Medixant)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7780 - Realtek Semiconductor Corp.)
RMPrepUSB (HKLM-x32\...\RMPrepUSB) (Version:  - )
SafeFinder (HKLM-x32\...\{CE81012B-05F2-4641-9253-3D1230840A35}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Update for Skype for Business 2015 (KB4011284) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0CFCD910-8950-4626-80EB-AA0B64A186E8}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011284) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0CFCD910-8950-4626-80EB-AA0B64A186E8}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011284) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{0CFCD910-8950-4626-80EB-AA0B64A186E8}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
WickrMe (HKLM-x32\...\{68F35DA9-3A76-4A1D-84BE-2D6E7656BB5D}) (Version: 4.37.9 - Wickr Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.50 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XnView 2.45 (HKLM-x32\...\XnView_is1) (Version: 2.45 - Gougelet Pierre-e)
Zoom (HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3623133826-1210183299-932913162-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {35CE4758-C3E6-4B43-B932-87D0F85E78A3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {390112FE-CA17-4936-954A-86A7BAFA8BEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {40342B65-60DB-4076-9EA6-50DB04195470} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {489CDE71-A64C-451E-842C-2B5405401CA7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {4B9BB48B-3318-4FF1-A785-3754A7687B28} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {70A9B619-E440-4093-9CD3-8C64DD43FF7B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {71ACCDE2-BD33-4C84-9409-1F07E89DB1ED} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {7C527D7E-315B-47F1-8F7D-A1B58D46BAA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google LLC)
Task: {8F04C059-8C84-4323-A051-EA99A7DC0DF8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)
Task: {BDBE3D18-E715-4EAC-9668-1CC5C10A8252} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google LLC)
Task: {DEAF9E65-F351-49B6-BF2F-6152EDFC02BE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {EDFC9299-3734-4995-B851-EB1AA543C67A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F00047E5-C6FD-4758-9EF5-0D8C18437E37} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe (Adobe Inc. -> Adobe)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-12 01:33 - 2019-02-13 13:54 - 000193024 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
2019-04-14 22:08 - 2019-04-14 22:08 - 046444508 _____ () [File not signed] C:\Users\Miki\Documents\TransactionServices Inc\transactionservices.exe
2019-04-17 08:40 - 2019-04-17 08:40 - 000072704 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\google\protobuf\internal\_api_implementation.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 001174528 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\google\protobuf\pyext\_message.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000085504 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\multidict\_multidict.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000069120 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\yarl\_quoting.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000036864 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\aiohttp\_helpers.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000032256 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\aiohttp\_http_writer.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000216576 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\aiohttp\_http_parser.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000022528 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\aiohttp\_websocket.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000048640 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\aiohttp\_frozenlist.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000008704 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_ecb.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000010240 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_cbc.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000009728 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_cfb.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000009728 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_ofb.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000010752 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_ctr.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000008704 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Util\_strxor.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000011776 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Hash\_BLAKE2s.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000015360 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Hash\_SHA1.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000017920 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Hash\_SHA256.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000012288 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Hash\_MD5.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000011264 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_Salsa20.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000009728 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Protocol\_scrypt.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000008704 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Util\_cpuid_c.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000010752 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Hash\_ghash_portable.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000011264 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_ocb.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000030720 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_aes.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000102400 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\libsecp256k1.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000038912 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Hash\_SHA384.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000038912 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Hash\_SHA512.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000050688 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_des.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000011264 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_arc2.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000050688 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Cipher\_raw_des3.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 000017920 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Cryptodome\Math\_montgomery.cp36-win32.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 001888768 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\QtGui.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 004874240 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Qt5Core.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 005197312 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Qt5Gui.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000086016 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\sip.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 001779712 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\QtCore.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 003822080 _____ () [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\QtWidgets.pyd
2019-04-17 08:40 - 2019-04-17 08:40 - 004429312 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Qt5Widgets.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 001158144 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\platforms\qwindows.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\styles\qwindowsvistastyle.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qgif.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qicns.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000026624 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qico.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000297472 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qjpeg.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qsvg.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000265216 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\Qt5Svg.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qtga.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qtiff.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qwbmp.dll
2019-04-17 08:40 - 2019-04-17 08:40 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Users\Miki\AppData\Local\Temp\_MEI79242\PyQt5\Qt\plugins\imageformats\qwebp.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 09:24 - 2019-04-16 07:31 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3623133826-1210183299-932913162-1001\...\StartupApproved\Run: => "MiPhoneManager"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{B041A3FB-283D-4689-8B8C-5973EBB6C51E}C:\program files (x86)\battle.net\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{EF2A5BE3-3F25-4065-BBEB-97A8D070E17C}C:\program files (x86)\battle.net\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{EA710D20-FE23-4521-891C-58B75EB270CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{677AC0F7-DE67-4ABE-B00A-385CB73EABFA}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{35A4BAC5-987D-4991-8954-3D763147F0AD}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{305362B7-01F6-439D-979D-E58F36878A9A}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E4FD6D79-CF02-43F9-992A-5BBF9620FD55}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BDB7541F-7B4A-4F4B-96EA-AE19E85B5907}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09B2DE94-1FEA-4814-8F0E-EB28C8E0C178}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{024D8B05-28EF-410A-94A9-90261351DB1C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D20F55C-0549-4510-9A3F-1DAB7626893F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CDE35F65-8D03-4235-9832-DCD9FF5419A4}E:\gog games\kopia hoomm3\vcmi_server.exe] => (Allow) E:\gog games\kopia hoomm3\vcmi_server.exe () [File not signed]
FirewallRules: [TCP Query User{04161D4F-D3D1-4DD4-90BD-B9FFAB0BD5E3}E:\gog games\kopia hoomm3\vcmi_server.exe] => (Allow) E:\gog games\kopia hoomm3\vcmi_server.exe () [File not signed]
FirewallRules: [{C9BC12D3-640F-4D54-9C46-F11BBDBB978C}] => (Allow) C:\Users\Miki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{92224842-486B-4748-A148-1201524236E9}] => (Allow) C:\Users\Miki\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{54762FAA-2E9E-4A58-B7DD-335E41EF66EE}E:\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{96DFC812-3F5C-4783-950E-3E99DE839EE2}E:\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{30026AE3-C56C-4C14-A8B8-6DB9E0274290}C:\program files (x86)\blizzard app\battle.net.9397\battle.net.exe] => (Block) C:\program files (x86)\blizzard app\battle.net.9397\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{2C197808-F27C-494F-B489-DFB0EDA35E04}C:\program files (x86)\blizzard app\battle.net.9397\battle.net.exe] => (Block) C:\program files (x86)\blizzard app\battle.net.9397\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{A9272149-288A-4B2D-9118-1E42DA2F4271}E:\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{49616A2B-7EEC-41FD-B6EA-7E070211FA2D}E:\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe] => (Allow) E:\heroes of the storm\versions\base58482\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{D213A087-5966-48B5-816C-DA5111BA8299}E:\jebac\heroes of the storm\versions\base59657\heroesofthestorm.exe] => (Allow) E:\jebac\heroes of the storm\versions\base59657\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{11A37456-6499-4A7F-96FF-7B238271CDC9}E:\jebac\heroes of the storm\versions\base59657\heroesofthestorm.exe] => (Allow) E:\jebac\heroes of the storm\versions\base59657\heroesofthestorm.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{4B0749A7-3E1B-42A3-860B-2AEEE66E65EB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6C97FFD3-80C3-44C3-9DD8-FE197CE0BA8E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{79645460-9B7E-4B43-AA35-E1EB61F0D4F0}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed]
FirewallRules: [{BDE017FF-7734-4074-A15F-DE2FB2DCE546}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [File not signed]
FirewallRules: [{E770396D-2B60-4DFE-9125-0108D4DAAAE3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DF55F6FD-A38C-4236-84C3-511498AD49F1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{BD162887-4ED4-4FA7-A9FA-EC2A6B4BFF86}C:\users\miki\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\miki\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{2599EB30-AF99-4A3F-ADF8-9642D51FB4DF}C:\users\miki\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\miki\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{8191A596-0DF3-4A0B-A008-29A4FA74A2E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBB8E652-F5F1-417F-B880-6A1EA6CCC34B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D17ED4D-9DA6-4752-8C68-5980684AC891}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9D04D7B-E7E8-4824-BA59-1462EE39FE25}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0728CDB4-1558-4DF6-8BF2-6833192C0B24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3DDD661F-C783-4AE5-8272-5468F56DF35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36FA1744-496E-4F0E-8A10-F42AE9A61BCB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B950238-CB21-46FA-900F-528009468705}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.99.250.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36122234-24F3-4097-B9FE-03BDC431E1AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{FB9F57F0-550F-48AE-BCBD-704C4BB988AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0B6787BD-A621-4FE8-BB03-655AD87DBED7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{73024512-B13B-42EB-9490-5230DA9EC963}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{959790CB-D42D-42E0-A397-C1021C56D1EC}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{83B78722-A752-434C-BAC3-8450B18560EE}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{B0678E4A-00EB-4ACC-A75A-12E73221893B}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{288C2556-10C2-4AAA-82FD-19BC08B9A03E}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{EC0DF6F9-4C55-4E4C-9646-7489E8DD33EA}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{CFC4818A-BE6B-4C33-A0E3-FBE9FF0C93A8}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F9B4F3AF-10AB-4E2D-BEEB-CE25E7F10303}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D6310E54-AD31-424F-A8D6-3C50337384C5}] => (Allow) F:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B83F5566-A1B5-4844-9BB4-8C0EBA99DA55}] => (Allow) C:\Program Files\Opera\58.0.3135.118\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D309873D-BEF3-41DE-B930-DF38E2AA829F}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{108DB370-DFB0-4606-A929-F700F30BA05B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
 
==================== Restore Points =========================
 
28-03-2019 18:09:25 Scheduled Checkpoint
07-04-2019 08:13:02 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/17/2019 08:42:04 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (04/16/2019 01:59:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (04/16/2019 07:53:39 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (04/16/2019 07:43:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (04/16/2019 07:31:27 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (04/16/2019 07:30:35 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d0c280df-2d40-435d-8b45-0e0c72a49977}
 
Error: (04/16/2019 07:19:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (04/16/2019 07:19:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
 
System errors:
=============
Error: (04/17/2019 09:16:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
 and APPID 
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/17/2019 08:41:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LL8TNPO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-LL8TNPO\Miki SID (S-1-5-21-3623133826-1210183299-932913162-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/17/2019 08:41:08 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LL8TNPO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-LL8TNPO\Miki SID (S-1-5-21-3623133826-1210183299-932913162-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/17/2019 08:40:42 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LL8TNPO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-LL8TNPO\Miki SID (S-1-5-21-3623133826-1210183299-932913162-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/17/2019 08:39:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The symsrv service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (04/17/2019 08:39:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the symsrv service to connect.
 
Error: (04/16/2019 03:44:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LL8TNPO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-LL8TNPO\Miki SID (S-1-5-21-3623133826-1210183299-932913162-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/16/2019 01:59:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LL8TNPO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-LL8TNPO\Miki SID (S-1-5-21-3623133826-1210183299-932913162-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 85%
Total physical RAM: 4095.18 MB
Available physical RAM: 607.59 MB
Total Virtual: 7040.54 MB
Available Virtual: 1732.21 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:146.48 GB) (Free:55.32 GB) NTFS
Drive e: () (Fixed) (Total:244.14 GB) (Free:88.96 GB) NTFS
Drive f: () (Fixed) (Total:244.14 GB) (Free:226.17 GB) NTFS
 
\\?\Volume{cd4980a2-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: CD4980A2)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
Wygenerowano w 0.067s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!