Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01 Ran by Remik (21-11-2016 16:21:34) Running from C:\Users\Remik\Downloads Windows 10 Home Version 1607 (X64) (2016-08-26 10:48:28) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-635559550-1383367878-609704674-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-635559550-1383367878-609704674-503 - Limited - Disabled) Guest (S-1-5-21-635559550-1383367878-609704674-501 - Limited - Disabled) Remik (S-1-5-21-635559550-1383367878-609704674-1001 - Administrator - Enabled) => C:\Users\Remik ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-635559550-1383367878-609704674-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Ace Stream Media 3.1.8 (HKU\S-1-5-21-635559550-1383367878-609704674-1001\...\AceStream) (Version: 3.1.8 - Ace Stream Media) <==== ATTENTION Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Audio By Harman (HKLM\...\{4F81A6B8-223E-4C60-A04D-61C48505B7BC}) (Version: 1.2.0.0 - Harman) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.31.55 - Conexant) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.) EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1326.12 - Sonix) ELAN pointing device (HKLM\...\Elantech) (Version: 11.4.79.3 - ELAN Microelectronic Corp.) f.lux (HKU\S-1-5-21-635559550-1383367878-609704674-1001\...\Flux) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Intel(R) Chipset Device Software (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4483 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{4131143b-edff-4fc8-9238-9271cc57a45b}) (Version: 18.40.1 - Intel Corporation) ipla 2.8.7 (HKLM-x32\...\ipla) (Version: 2.8.7 - Cyfrowy Polsat S.A.) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Lenovo App Explorer (HKU\S-1-5-21-635559550-1383367878-609704674-1001\...\Host App Service) (Version: 0.272.1.503 - SweetLabs for Lenovo) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.) Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Lenovo PowerDVD12 (x32 Version: 12.0.5709.60 - CyberLink Corp.) Hidden Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo) Lenovo Service Bridge (HKU\S-1-5-21-635559550-1383367878-609704674-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo) Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo) Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.067.00 - Lenovo) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.7466.2038 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.5 - Napisy24.pl) Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts) Need for Speed™ Carbon version 1.2.0.0 (HKLM-x32\...\Need for Speed™ Carbon_is1) (Version: 1.2.0.0 - GTX Box Team) Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - ) NVIDIA Graphics Driver 359.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.23 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek) Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) Tibia (HKLM-x32\...\Tibia_is1) (Version: 10.98 - CipSoft GmbH) Tibia (HKU\S-1-5-21-635559550-1383367878-609704674-1001\...\Tibia) (Version: - CipSoft GmbH) User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) User Manuals (x32 Version: 6.0.0.0 - Lenovo) Hidden WindBot version 2.8.7 (HKLM-x32\...\{93F2CDEB-F828-463F-9B69-2D8FB38BF089}_is1) (Version: 2.8.7 - Lucas Terra, WindBot) WindMC version 1.0.0 (HKLM-x32\...\{A98A80D2-D46A-41F1-9EA9-D0A7DF1DA184}_is1) (Version: 1.0.0 - Lucas Terra, WindBot) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04962393-95BB-4736-8185-C76638DB1361} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-07] (Lenovo) Task: {284BD40A-486C-4E84-BDE9-42D0EBFDD5BB} - System32\Tasks\{4B6F0E0E-A48D-454F-A41B-520D582753E0} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {31986808-ED3E-452A-9BE6-EFBBED15E342} - System32\Tasks\App Explorer => C:\Users\Remik\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2016-09-20] (SweetLabs, Inc) Task: {3ABC2973-22D7-4C4E-9CF6-58F844E4D29D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated) Task: {3FF6CBBB-2980-46AB-B5A1-3AFD41969C02} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-07] (Lenovo) Task: {4B48684B-2A81-4DA1-A17C-1032F89336A4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-09] (Adobe Systems Incorporated) Task: {52DF88A5-462F-40AC-BBF4-3F3BFA05542F} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {5700A20B-3EF1-458E-846F-93BD3818A065} - System32\Tasks\{072BE682-17F6-4AAD-9BF7-A3DF06D65AE1} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {64D28F3C-903D-4231-99A4-8BFFEFD1FF59} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-09-25] () Task: {66DA46F4-B0BF-4CEC-98F7-B6971C1FA517} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-09-25] () Task: {70F1B56B-A05E-4894-A132-BE053CA86651} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-635559550-1383367878-609704674-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Remik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {7620298C-9C0F-42B0-B5C7-E4C42BD383C3} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-09-11] (CyberLink Corp.) Task: {79824D70-5BD1-4A41-A31C-F28116B0D476} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService Task: {7C3A5C13-EE19-4049-83FC-C202ECC8658B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation) Task: {7E545968-63CE-49CB-AAA5-7662CAD562C8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-11-02] (Microsoft Corporation) Task: {9E741121-B28B-461D-BAD5-7E262E46ADF9} - System32\Tasks\{4BF19BC5-8A2B-4209-9145-873686AEA860} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\" Task: {A2FD3D94-09CB-4109-B42A-DF11F4EC40C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-23] (Google Inc.) Task: {BABAB744-844F-48D0-949B-C9A07F1B97B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-23] (Google Inc.) Task: {BE43DB4E-2678-4FDF-881A-A2DCC3DFD18B} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2015-09-30] (CyberLink Corp.) Task: {BECE61E3-16BB-4ADE-B5B0-1311A914C34F} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {CE339223-0F3D-41D3-A5DB-C447F49D6CC9} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {D280BF2E-7218-448F-8C83-59A013C6F31C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation) Task: {EAF9C786-0CB0-4AFF-89A0-B7800A9E31CA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {EBE3756D-8552-4069-9C62-FA97F7D4F7DB} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-07] () Task: {F326DB59-2714-4012-BE71-E1E8805D2313} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-30 15:16 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-26 11:24 - 2015-12-22 05:06 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-01-15 16:24 - 2016-01-15 16:24 - 00043976 _____ () C:\Program Files\Lenovo\QuickOptimizer\LNBPrismAssistInf.dll 2016-09-30 15:16 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-26 11:57 - 2016-08-26 11:57 - 01864384 _____ () C:\Users\Remik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-09-14 00:22 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-11-09 01:42 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-09 01:42 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-09 01:42 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-09 01:42 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-09 01:42 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-09 01:42 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-07-28 01:27 - 2016-09-03 00:49 - 00410592 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-05-25 06:54 - 2016-05-25 06:54 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe 2016-05-25 06:54 - 2016-05-25 06:54 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll 2016-05-25 07:36 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2016-11-17 12:21 - 2016-11-17 12:22 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-11-17 12:21 - 2016-11-17 12:22 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-11-17 12:21 - 2016-11-17 12:22 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-11-14 22:16 - 2016-11-08 22:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll 2016-11-14 22:16 - 2016-11-08 22:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll 2016-07-14 11:25 - 2016-07-14 11:25 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2016-07-14 11:25 - 2016-07-14 11:25 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2016-07-14 11:25 - 2016-07-14 11:25 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2016-07-14 11:26 - 2016-07-14 11:26 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2016-07-14 11:26 - 2016-07-14 11:26 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2016-05-25 06:56 - 2015-09-30 09:19 - 00875960 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll 2016-05-25 06:56 - 2015-09-30 09:05 - 00081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd 2016-05-25 06:56 - 2015-09-30 09:05 - 00053248 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_socket.pyd 2016-05-25 06:56 - 2015-09-30 09:05 - 00655360 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ssl.pyd 2016-07-23 20:47 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-07-23 20:47 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-07-23 20:47 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll 2016-07-23 20:47 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-07-23 20:47 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-07-23 20:47 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-07-23 20:47 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-07-23 20:47 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-07-23 20:47 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-07-23 20:47 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-07-23 20:47 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-07-23 20:47 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-05-25 07:03 - 2014-07-04 05:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll 2014-07-04 20:35 - 2014-07-04 20:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll 2016-10-13 23:57 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll 2016-05-25 06:54 - 2015-02-13 00:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-635559550-1383367878-609704674-1001\...\hola.org -> hxxp://hola.org ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-635559550-1383367878-609704674-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{BE582CC2-972D-4D9C-8FA5-C7CBEC82EC88}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe FirewallRules: [{8C18215A-9807-4F60-9FC1-D8C9D8BFC00B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe FirewallRules: [{B000BEB1-A628-4C06-945F-4ABB014D37D8}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe FirewallRules: [{840D5407-78B7-4E1D-A0F7-415F269FB194}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe FirewallRules: [{EADDDE2B-6A07-4B3A-AFB1-D9CED783BB78}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{9F3ED4B5-E4A7-4E36-A13E-7AA72AF16070}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{80CA7D12-3C2B-481A-B71F-8E0B3A93CA02}] => (Allow) C:\Users\Remik\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9C2FFD85-B92C-4FB9-A047-C87EEB4CB82B}] => (Allow) C:\Users\Remik\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A687B3CC-A43E-4CDF-8F0E-35430880AD2B}] => (Allow) C:\Users\Remik\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C968DD48-2AF3-4182-84E8-207AF03F90F1}] => (Allow) C:\Users\Remik\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{AA5E95E8-A68E-4CEB-AF94-713AE71EEB10}] => (Allow) C:\Users\Remik\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E8DCC831-7959-41D7-9CBE-FB3F118BB99D}] => (Allow) C:\Users\Remik\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{248BB36F-F7AB-4F56-8AE3-D64172690D4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{51275D30-5822-4982-8BFC-EAFB9DEBBEF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{0BED7AF3-BE83-4815-A087-FC840CF19EDC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8702B46A-94E5-47EA-8A93-704968E3250F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AC4F3F55-14FF-41C7-8B1B-4621AC78DA5B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{552B801B-A05D-4407-9559-C6E59F6CE629}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1D19BC6B-96A6-4261-A3D5-42F72BD2F851}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{31630F4F-4B00-4292-9EE7-EAB322D049FD}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{FD5173D4-67C1-4144-A1E6-95EC91D94D85}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{BAB97CE8-619B-4B64-933D-1099FD6B4D45}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe FirewallRules: [{8B8D9919-7B2A-4924-8AF8-292D3047BC01}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe FirewallRules: [TCP Query User{79AA7BB3-8D99-47A3-B723-1219B1260630}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe FirewallRules: [UDP Query User{0A41AC22-074C-4034-86E4-DDD6E8FAA57D}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe FirewallRules: [{75511F0A-3ED6-4C4C-B816-B6FB8745DE53}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{ACF20AB1-4CD9-442E-AEF2-8F62478B428A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{C22CE88D-8395-46D0-95F0-E2F6A4DE94DF}C:\users\remik\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\remik\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [UDP Query User{73A99CDD-3D1D-4690-8757-EC60C04A97CE}C:\users\remik\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\remik\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [{E3F8EC7F-9DBD-49F9-988C-448C98322FD8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{961B1B74-9126-4316-B0A8-A2F0DE6F1ACD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 05-11-2016 21:41:40 Scheduled Checkpoint 09-11-2016 04:37:36 Windows Update 18-11-2016 10:37:06 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/20/2016 03:38:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program chrome.exe w wersji 54.0.2840.99 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 292c Godzina rozpoczęcia: 01d243231e3a5776 Godzina zakończenia: 5 Ścieżka aplikacji: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Identyfikator raportu: feae7106-af2e-11e6-af28-ac2b6e765d8a Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/18/2016 10:37:31 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (11/17/2016 12:20:08 PM) (Source: ESENT) (EventID: 489) (User: ) Description: SettingSyncHost (10012) Próba otwarcia pliku „C:\Users\Remik\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\meta.edb” w trybie tylko do odczytu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): „Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ”. Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (11/13/2016 07:06:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Nazwa modułu powodującego błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037b59 Identyfikator procesu powodującego błąd: 0xad4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d23dcf290ec8e7 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Identyfikator raportu: 0c34abca-68f1-481d-a667-377f7c7a2054 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/13/2016 06:02:38 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Application: winword.exe; IdentityType: Unknown; HasToken: 1; AutoLoadIdentity: 0; SessionLicensing: 0; LvuxSqm: 37; SppReady: 1; CurrentHr: 0x803d0013; CorrelationId: {AF873B6E-D93E-4580-B0CA-B7494145C612}; OlsErrorCode: 0x407; CurrentProductReleaseId: O365HomePremRetail; AllProductReleaseIds (from store): O365HomePremRetail Error: (11/13/2016 06:02:38 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x407; CorrelationId: {AF873B6E-D93E-4580-B0CA-B7494145C612} Error: (11/12/2016 04:57:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Nazwa modułu powodującego błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037b59 Identyfikator procesu powodującego błąd: 0x1870 Godzina uruchomienia aplikacji powodującej błąd: 0x01d23cfb23e8b8fe Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Identyfikator raportu: d64f6749-f1d6-47e9-aa7a-626bc6ecc87d Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/09/2016 10:07:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Nazwa modułu powodującego błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037b59 Identyfikator procesu powodującego błąd: 0x187c Godzina uruchomienia aplikacji powodującej błąd: 0x01d23a921f84dbe3 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Identyfikator raportu: c106bf7f-50d7-45bd-a295-a5caff3a4c83 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/09/2016 04:41:01 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (11/09/2016 04:37:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . System errors: ============= Error: (11/21/2016 12:09:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Presentation Foundation Font Cache 3.0.0.0 z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (11/21/2016 12:09:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą FontCache3.0.0.0. Error: (11/21/2016 12:08:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/21/2016 12:08:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/21/2016 12:08:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/21/2016 12:08:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SAService z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (11/21/2016 09:28:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/21/2016 09:28:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/21/2016 09:28:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/21/2016 03:08:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi NT AUTHORITY\LOCAL SERVICE o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. CodeIntegrity: =================================== Date: 2016-11-09 14:07:01.232 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-31 00:59:38.000 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-26 18:40:06.782 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-13 16:11:04.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-03 17:02:32.878 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-29 15:58:51.166 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-22 12:46:11.593 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 00:58:39.117 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-14 15:43:03.290 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-01 22:08:59.270 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz Percentage of memory in use: 44% Total physical RAM: 8097.91 MB Available physical RAM: 4485.81 MB Total Virtual: 9377.91 MB Available Virtual: 5175.25 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:884.56 GB) (Free:737.86 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.42 GB) NTFS Drive g: (NFSHP_2010) (CDROM) (Total:7.85 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9589D4B0) Partition: GPT. ==================== End of Addition.txt ============================