Infekcja trojana po ściągnięciu aplikacji
Ściągnąłem soft na androida z pewnej strony i przez nieuwagę pobrałem również menadżera pobrań. Przy okazji zainfekowało mi komputer. Co chwile same otwierają się strony w Edge, chrome ciągle się wyłącza. Cały komputer zamulony na maxa, wykorzystanie pocesora i dysku 80-100%. Nie da się używać, tylko tryb awaryjny mi pozostaje. MBAM znalazł setki wirusów, kilka razy skanowałem i dalej coś znajduje więc chyba trzeba wytoczyć większe działa.
http://www.wklej.org/id/3400311/
http://www.wklej.org/id/3400312/
http://www.wklej.org/id/3400313/
Pobierz plik - link do postu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by lou (04-04-2018 14:12:13)
Running from C:\Users\lou\Downloads
Windows 10 Home Version 1709 16299.309 (X64) (2018-03-11 00:13:36)
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2146983506-1740206296-4247606305-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2146983506-1740206296-4247606305-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2146983506-1740206296-4247606305-1000 - Limited - Enabled) = & gt; C:\Users\defaultuser0
Guest (S-1-5-21-2146983506-1740206296-4247606305-501 - Limited - Disabled)
lou (S-1-5-21-2146983506-1740206296-4247606305-1001 - Administrator - Enabled) = & gt; C:\Users\lou
WDAGUtilityAccount (S-1-5-21-2146983506-1740206296-4247606305-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with " Hidden " flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
4K Video Downloader 4.4 (HKLM-x32\...\{6C16453A-F664-4CBD-99A7-78F73552470C}) (Version: 4.4.3.2265 - Open Media LLC)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam)
Aktualizacje NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Asystent aktualizacji do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22395 - Microsoft Corporation)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 9.4.9 - Andrew Sampson)
Cent Browser (HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\CentBrowser) (Version: 3.2.4.23 - Cent Studio)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
CpuCoreParking (HKLM-x32\...\{201BCB80-B052-4BB1-8C01-5581308ACCF3}) (Version: 1.1.1.0 - CpuCoreParking)
CPUID CPU-Z 1.81.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81.1 - )
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
Discord (HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Driver Easy 5.5.5 (HKLM\...\DriverEasy_is1) (Version: 5.5.5 - Easeware)
Epic Games Launcher (HKLM-x32\...\{804A1B77-2B6C-4F8B-AFB9-92D5A00947B2}) (Version: 1.1.134.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormatFactory 4.2.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.2.0.0 - Free Time)
Game Fire (HKLM\...\{C2ACBF92-BC7C-42A5-807A-1B86814ACB4B}) (Version: 6.2.3031 - Smart PC Utilities)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.28.5286 - GOM & Company)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.13.2.0 - LG Electronics)
Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - )
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.3 - Notepad++ Team)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OpenFM (HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\OpenFM) (Version: 52.1.0.1 - Grupa Wirtualna Polska)
OpenOffice 4.1.5 (HKLM-x32\...\{7076105B-6FE8-464A-AC28-FFBB2686B68F}) (Version: 4.15.9789 - Apache Software Foundation)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.3.20.524 - Razer Inc.)
Replay Media Catcher 7 (7.0.0.8) (HKLM-x32\...\Replay Media Catcher 7) (Version: 7.0.0.8 - Applian Technologies)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Speedtest by Ookla (HKLM\...\{9CC33E6C-8EF8-4CE3-A874-D5B18966A73F}) (Version: 1.0.14.001 - Ookla)
Super Seducer (HKLM\...\SKIDROW - Super Seducer) (Version: - SKIDROW)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{BF492E7F-BD3F-4F33-932A-1DD0891968B0}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
Volume2 1.1.5 (HKLM-x32\...\Volume2) (Version: 1.1.5 - Alexandr Irza)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.81 Build 42 - Windscribe Limited)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinSpy 2.01 (HKLM-x32\...\WinSpy 2.01) (Version: 2.01 - WinSpy)
Wise Memory Optimizer 3.5.2 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.5.2 - WiseCleaner.com, Inc.)
YouTube By Click (HKLM-x32\...\{466A9654-03BB-4AEE-975E-935FF341D382}) (Version: 2.2.77 - ByClick) Hidden
YouTube By Click (HKLM-x32\...\YouTube By Click 2.2.77) (Version: 2.2.77 - ByClick)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [� MEGA (Pending)] - & gt; {056D528D-CE28-4194-9BA3-BA2E9197FF8C} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [� MEGA (Synced)] - & gt; {05B38830-F4E9-4329-978B-1DD28605D202} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [� MEGA (Syncing)] - & gt; {0596C850-7BDD-4C9D-AFDF-873BE6890637} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ OneDrive1] - & gt; {BBACC218-34EA-4666-9D7A-C78F2274A524} = & gt; - & gt; No File
ShellIconOverlayIdentifiers: [ OneDrive2] - & gt; {5AB7172C-9C11-405C-8DD5-AF20F3606282} = & gt; - & gt; No File
ShellIconOverlayIdentifiers: [ OneDrive3] - & gt; {A78ED123-AB77-406B-9962-2A5D9D2F7F30} = & gt; - & gt; No File
ShellIconOverlayIdentifiers: [ OneDrive4] - & gt; {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = & gt; - & gt; No File
ShellIconOverlayIdentifiers: [ OneDrive5] - & gt; {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = & gt; - & gt; No File
ShellIconOverlayIdentifiers: [ OneDrive6] - & gt; {9AA2F32D-362A-42D9-9328-24A483E2CCC3} = & gt; - & gt; No File
ShellIconOverlayIdentifiers: [{BFD98515-CD74-48A4-98E2-13D209E3EE4F}] - & gt; {BFD98515-CD74-48A4-98E2-13D209E3EE4F} = & gt; C:\WINDOWS\system32\mcicda64.dll [2018-03-24] ()
ShellIconOverlayIdentifiers-x32: [� MEGA (Pending)] - & gt; {056D528D-CE28-4194-9BA3-BA2E9197FF8C} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [� MEGA (Synced)] - & gt; {05B38830-F4E9-4329-978B-1DD28605D202} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [� MEGA (Syncing)] - & gt; {0596C850-7BDD-4C9D-AFDF-873BE6890637} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ OneDrive1] - & gt; {BBACC218-34EA-4666-9D7A-C78F2274A524} = & gt; - & gt; No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] - & gt; {5AB7172C-9C11-405C-8DD5-AF20F3606282} = & gt; - & gt; No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] - & gt; {A78ED123-AB77-406B-9962-2A5D9D2F7F30} = & gt; - & gt; No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] - & gt; {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = & gt; - & gt; No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] - & gt; {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = & gt; - & gt; No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] - & gt; {9AA2F32D-362A-42D9-9328-24A483E2CCC3} = & gt; - & gt; No File
ContextMenuHandlers1-x32: [7-Zip] - & gt; {23170F69-40C1-278A-1000-000100020000} = & gt; C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1-x32: [AIMP] - & gt; {1F77B17B-F531-44DB-ACA4-76ABB5010A28} = & gt; C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-01-29] (AIMP DevTeam)
ContextMenuHandlers1-x32: [ANotepad++64] - & gt; {B298D29A-A6ED-11DE-BA8C-A68E55D89593} = & gt; C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-12-05] ()
ContextMenuHandlers1-x32: [FormatFactoryShell] - & gt; {A3777921-CFD3-4A6B-89BF-08E6B95716E8} = & gt; C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1-x32: [MEGA (Context menu)] - & gt; {0229E5E7-09E9-45CF-9228-0228EC7D5F17} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [WinRAR] - & gt; {B41DB860-64E4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] - & gt; {B41DB860-8EE4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] - & gt; {0229E5E7-09E9-45CF-9228-0228EC7D5F17} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [MBAMShlExt] - & gt; {57CE581A-0CB6-4266-9CA0-19364C90A0B3} = & gt; C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] - & gt; {0229E5E7-09E9-45CF-9228-0228EC7D5F17} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4-x32: [7-Zip] - & gt; {23170F69-40C1-278A-1000-000100020000} = & gt; C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4-x32: [AIMP] - & gt; {1F77B17B-F531-44DB-ACA4-76ABB5010A28} = & gt; C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-01-29] (AIMP DevTeam)
ContextMenuHandlers4-x32: [FormatFactoryShell] - & gt; {A3777921-CFD3-4A6B-89BF-08E6B95716E8} = & gt; C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4-x32: [MEGA (Context menu)] - & gt; {0229E5E7-09E9-45CF-9228-0228EC7D5F17} = & gt; C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers5: [NvCplDesktopContext] - & gt; {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = & gt; C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] - & gt; {23170F69-40C1-278A-1000-000100020000} = & gt; C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6-x32: [MBAMShlExt] - & gt; {57CE581A-0CB6-4266-9CA0-19364C90A0B3} = & gt; C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6-x32: [RUShellExt] - & gt; {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} = & gt; C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6-x32: [WinRAR] - & gt; {B41DB860-64E4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] - & gt; {B41DB860-8EE4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CF2DDF9-35D4-498F-BF80-DC4226315E89} - System32\Tasks\{10E77221-56DD-A271-3FD2-865C044427DD} = & gt; C:\Program Files (x86)\joXE.exe [1624-02-24] (Microsoft Corporation) & lt; ==== ATTENTION
Task: {12A1A124-E222-4D2E-9C15-F8882983507C} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {12F46C67-C178-4D71-92D6-3D61E4A5F6B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-27] (NVIDIA Corporation)
Task: {15B0AC11-C2D3-4DC3-B0A8-CFA5FB031387} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {2147B005-09C8-43E6-B510-606B4715608A} - System32\Tasks\Wise Memory Optimizer Task.job = & gt; C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe [2017-08-18] (WiseCleaner.com)
Task: {22DA4F10-5692-432C-AEE3-D36ED250E66C} - System32\Tasks\GameFireSkipUAC = & gt; C:\Program Files\Smart PC Utilities\Game Fire\GameFire.exe [2017-07-14] (Smart PC Utilities, Ltd.)
Task: {23FD1D6B-A71A-44F9-ABD7-2C518C981E42} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {36C27739-3201-49DE-BE8C-55D42651B2B9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-27] (NVIDIA Corporation)
Task: {450B2EAA-86DF-4DE8-B7B9-1E34DB629BC4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2146983506-1740206296-4247606305-1001 = & gt; C:\Users\lou\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {483600D4-FB8B-4043-99DD-D703436EFA9F} - System32\Tasks\GameFire = & gt; C:\Program Files\Smart PC Utilities\Game Fire\GFTray.exe [2017-07-14] (Smart PC Utilities, Ltd.)
Task: {4ADEE158-AAC1-4C72-AA1C-625C920E3889} - System32\Tasks\{B178FD77-BEB9-179E-5235-531E715802E1} = & gt; C:\Users\lou\AppData\Roaming\XeUwswAUE.exe [1624-02-24] (Microsoft Corporation) & lt; ==== ATTENTION
Task: {6288A3FB-17F5-4AF3-AD79-81F39CC09C31} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {668FBCD2-CC02-459B-8E89-833DB4B263F4} - System32\Tasks\cmdsvr = & gt; C:\Dapp\cmdsvr.exe [2018-03-12] (TODO: & lt; Company name & gt; )
Task: {7C179241-2462-4A69-A3B1-A63FE2EA5433} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-27] (NVIDIA Corporation)
Task: {82409956-78D2-4167-AA5E-699EAE80A63A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {B3590912-FCA8-4B70-B9F0-E235F7148A8A} - System32\Tasks\Driver Easy Scheduled Scan = & gt; C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2017-11-10] (Easeware)
Task: {C88B6B69-FB17-46FC-A45A-9A0E2F2AF288} - System32\Tasks\Dapp = & gt; C:\Dapp\Dapp.exe [2018-03-27] (Web Service Inc.)
Task: {D46E3041-DC9A-422C-AE5D-EA2A34065551} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-27] (NVIDIA Corporation)
Task: {E6F585D5-9BAB-4D7A-9A9B-D4C256507EAC} - System32\Tasks\CreateExplorerShellUnelevatedTask = & gt; C:\WINDOWS\explorer.exe /NOUACCHECK
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job = & gt; C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job = & gt; C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 000598528 _____ () C:\Users\lou\AppData\Local\MEGAsync\ShellExtX64.dll
2018-04-04 12:39 - 2018-03-24 14:51 - 002990080 ____N () C:\WINDOWS\system32\mcicda64.dll
2018-03-14 12:05 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 12:04 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-08 12:44 - 2017-07-26 11:20 - 000789704 _____ () C:\Program Files (x86)\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe
2018-02-13 14:53 - 2018-02-13 05:41 - 002400256 _____ () C:\Users\lou\AppData\Local\CentBrowser\Application\3.2.4.23\swiftshader\libglesv2.dll
2018-02-13 14:53 - 2018-02-13 05:41 - 000108032 _____ () C:\Users\lou\AppData\Local\CentBrowser\Application\3.2.4.23\swiftshader\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The " AlternateShell " will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option = & gt; " OptionValue " = " 2 "
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\localhost - & gt; localhost
IE restricted site: HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\kmpmedia.net - & gt; hxxp://player.kmpmedia.net
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-12-05 08:13 - 2018-04-04 12:39 - 000001723 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 cert.bandicam.com
127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 dl.smashdl.com
127.0.0.1 downloadmyhost.com
127.0.0.1 lapapahoster.com
127.0.0.1 asedownloadgate.com
127.0.0.1 ladomainadeserver.com
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.wizzuniquify.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\Control Panel\Desktop\\Wallpaper - & gt; E:\sea_24-wallpaper-1920x1080.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System = & gt; (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer = & gt; (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: = & gt; " SecurityHealth "
HKLM\...\StartupApproved\Run32: = & gt; " Volume2 "
HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\StartupApproved\Run: = & gt; " AceStream "
HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\StartupApproved\Run: = & gt; " Napisy24.pl "
HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\StartupApproved\Run: = & gt; " Napisy24Update "
HKU\S-1-5-21-2146983506-1740206296-4247606305-1001\...\StartupApproved\Run: = & gt; " OneDriveSetup "
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{018A092C-3BCF-49A0-AA90-CE23739D8204}] = & gt; (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{9F498782-5E1E-4FF2-BF7C-04F4A21E7B41}] = & gt; (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{AFAC4943-6596-4604-A81D-FE88C0C180E6}] = & gt; (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6D2D483D-F6A9-45F8-8F9E-189E65929BA9}] = & gt; (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{0FE961A7-6471-4980-A5E7-4719A103A154}] = & gt; (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{3C9560EB-9B0F-4D3C-95E9-610DAE85008B}] = & gt; (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{838ADEBB-A54D-4190-99A8-936E1712912E}] = & gt; (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{C20F9468-105B-4F3B-9323-95CD16E50DB8}] = & gt; (Allow) C:\Users\lou\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{59172815-5BC0-49F6-8A33-D5C48209D4F0}] = & gt; (Allow) C:\Users\lou\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{D983524B-BFD8-4D39-8F72-C1BECEB9882C}] = & gt; (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{CB048665-F390-45AC-8CFB-56AC8DAC146A}] = & gt; (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{3DB29779-EB9B-488B-9D7D-C239ABC9C39E}] = & gt; (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
FirewallRules: [{FA02EE36-FC89-4B6D-B908-E4C383590F9E}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6A6CD5AC-454F-4A65-B732-29AEF3F94227}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9010E7C3-DEAA-4AA7-99F3-AADF2FD3A502}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{01D4B079-B2E6-4D30-8A1D-930B15C9D8BE}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DF0B3999-168A-4512-B216-78E11B0F67F7}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3DF4B682-E19A-417E-ACBD-717E514FC184}] = & gt; (Allow) E:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EA23C782-B37B-487F-8B31-AE164AAE5560}] = & gt; (Allow) E:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B6237C49-2261-44D4-BAFF-FD897822397E}] = & gt; (Allow) C:\Users\lou\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{50B83BC1-765B-42C9-96D3-B079F40E9830}] = & gt; (Allow) C:\Users\lou\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B3CFC9EF-24B7-457E-962C-B35D1C4D7C85}] = & gt; (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{96A4E16D-DC96-420C-9367-F0CF25B76C7C}] = & gt; (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A27F78BB-AB55-41B9-8667-001D17A8959B}] = & gt; (Allow) E:\steam\Steam.exe
FirewallRules: [{BF2ABB36-3AB7-45E6-B980-CF27EBF60FF1}] = & gt; (Allow) E:\steam\Steam.exe
FirewallRules: [{A09929F3-3759-43AD-BCD0-51CFEA1D8EC2}] = & gt; (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{C11F8E07-82FA-48E6-A575-C4A64853EF06}] = & gt; (Allow) C:\Program Files (x86)\joXE.exe
FirewallRules: [{FAFE3C58-DC9B-4402-8446-353AC88E57C4}] = & gt; (Allow) C:\Users\lou\AppData\Roaming\XeUwswAUE.exe
FirewallRules: [{001CD438-F729-4C68-A1F8-48BFE0D174F1}] = & gt; (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{7AE2B7F1-7E93-41BC-8179-40DE27B20C23}] = & gt; (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{5418C8D1-1162-44CC-A408-C9E2372730FE}] = & gt; (Allow) C:\Windows\System32\rundll32.exe
==================== Restore Points =========================
25-03-2018 21:19:08 Scheduled Checkpoint
01-04-2018 03:14:06 Windows Modules Installer
04-04-2018 12:50:28 Revo Uninstaller Pro's restore point - PandaViewer
==================== Faulty Device Manager Devices =============
Name: NVIDIA nForce Networking Controller
Description: Kontroler sieci NVIDIA nForce
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVNET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click " Action " , and then click " Enable Device " . This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/04/2018 01:11:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (04/04/2018 01:08:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Access is denied.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {25f1d02d-f73b-4a31-b981-13536b6a4648}
Error: (04/04/2018 12:49:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HealerConsole.exe w wersji 0.0.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.
Identyfikator procesu: 17b8
Godzina rozpoczęcia: 01d3cc0193c97a91
Godzina zakończenia: 4294967295
Ścieżka aplikacji: C:\Program Files (x86)\SystemHealer\HealerConsole.exe
Identyfikator raportu: 5d72f256-10c5-4555-bb44-dffd6dc398ca
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:
Error: (04/04/2018 12:48:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (04/04/2018 12:48:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdge.exe w wersji 11.0.16299.309 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.
Identyfikator procesu: 2634
Godzina rozpoczęcia: 01d3cc025562e66b
Godzina zakończenia: 4294967295
Ścieżka aplikacji: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Identyfikator raportu: 11854936-6082-476a-be40-413d5d9d3a42
Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_41.16299.248.0_neutral__8wekyb3d8bbwe
Identyfikator aplikacji względem pakietu powodującego błąd: MicrosoftEdge
Error: (04/04/2018 12:48:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NETIASPOT-82681)
Description: Działanie pakietu Microsoft.MicrosoftEdge_41.16299.248.0_neutral__8wekyb3d8bbwe+MicrosoftEdge zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo.
Error: (04/04/2018 12:46:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Access is denied.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c2174335-d320-4f84-9816-74088b9c5605}
Error: (04/04/2018 12:45:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: mbamservice.exe, wersja: 3.1.0.595, sygnatura czasowa: 0x59f745cb
Nazwa modułu powodującego błąd: mbamservice.exe, wersja: 3.1.0.595, sygnatura czasowa: 0x59f745cb
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000001c6e66
Identyfikator procesu powodującego błąd: 0x13ac
Godzina uruchomienia aplikacji powodującej błąd: 0x01d3cc0209f6400e
Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ścieżka modułu powodującego błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Identyfikator raportu: 0808fd85-32ed-4286-b73f-abfcf15646d3
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:
System errors:
=============
Error: (04/04/2018 02:12:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi EventSystem z argumentami Unavailable w celu uruchomienia serwera:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (04/04/2018 02:12:47 PM) (Source: DCOM) (EventID: 10005) (User: NETIASPOT-82681)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Unavailable w celu uruchomienia serwera:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/04/2018 02:12:13 PM) (Source: DCOM) (EventID: 10005) (User: NETIASPOT-82681)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Unavailable w celu uruchomienia serwera:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/04/2018 02:10:57 PM) (Source: DCOM) (EventID: 10005) (User: NETIASPOT-82681)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Unavailable w celu uruchomienia serwera:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/04/2018 02:10:04 PM) (Source: DCOM) (EventID: 10005) (User: NETIASPOT-82681)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Unavailable w celu uruchomienia serwera:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/04/2018 02:09:58 PM) (Source: DCOM) (EventID: 10005) (User: NETIASPOT-82681)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Unavailable w celu uruchomienia serwera:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (04/04/2018 02:09:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Unavailable w celu uruchomienia serwera:
{9E175B68-F52A-11D8-B9A5-505054503030}
Error: (04/04/2018 02:08:44 PM) (Source: DCOM) (EventID: 10005) (User: NETIASPOT-82681)
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Unavailable w celu uruchomienia serwera:
{DD522ACC-F821-461A-A407-50B198B896DC}
CodeIntegrity:
===================================
Date: 2018-03-16 23:50:51.287
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\Windows.WARP.JITService.exe) attempted to load \Device\HarddiskVolume2\Windows\Jaksta\AC\x64\jaudcap.dll that did not meet the Store signing level requirements.
Date: 2018-03-14 00:30:53.204
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\Windows.WARP.JITService.exe) attempted to load \Device\HarddiskVolume2\Windows\Jaksta\AC\x64\jaudcap.dll that did not meet the Store signing level requirements.
Date: 2018-03-13 20:19:20.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\Windows.WARP.JITService.exe) attempted to load \Device\HarddiskVolume2\Windows\Jaksta\AC\x64\jaudcap.dll that did not meet the Store signing level requirements.
Date: 2018-03-12 02:34:24.753
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\Windows.WARP.JITService.exe) attempted to load \Device\HarddiskVolume2\Windows\Jaksta\AC\x64\jaudcap.dll that did not meet the Store signing level requirements.
Date: 2018-03-11 01:25:43.695
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\Windows.WARP.JITService.exe) attempted to load \Device\HarddiskVolume2\Windows\Jaksta\AC\x64\jaudcap.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X4 630 Processor
Percentage of memory in use: 34%
Total physical RAM: 4095.3 MB
Available physical RAM: 2687.52 MB
Total Virtual: 6655.3 MB
Available Virtual: 5359.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:247.8 GB) (Free:47.64 GB) NTFS
Drive e: (Nowy) (Fixed) (Total:48.97 GB) (Free:14.34 GB) NTFS
\\?\Volume{921daafe-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.23 GB) NTFS
\\?\Volume{921daafe-0000-0000-0000-70123e000000}\ () (Fixed) (Total:0.83 GB) (Free:0.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 921DAAFE)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=846 MB) - (Type=27)
Partition 4: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
