Witam mam problem z wirusem który automatycznie odpala reklamy w nowej karcie oraz zamyka przegladarke po wpisaniu fraz związanych z programami typu ADWCleaner etc. Z góry dziękuje za pomoc i pozdrawiam. Logi FRST.
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23.08.2018
Uruchomiony przez KubaBuba (08-09-2018 10:34:14)
Uruchomiony z C:\Users\KubaBuba\Desktop\Nowy folder
Windows 7 Home Premium Service Pack 1 (X64) (2017-01-14 20:22:05)
Tryb startu: Safe Mode (with Networking)
==========================================================
==================== Konta użytkowników: =============================
Administrator (S-1-5-21-2593294678-4074417021-530637614-500 - Administrator - Disabled)
Gość (S-1-5-21-2593294678-4074417021-530637614-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2593294678-4074417021-530637614-1002 - Limited - Enabled)
KubaBuba (S-1-5-21-2593294678-4074417021-530637614-1000 - Administrator - Enabled) = & gt; C:\Users\KubaBuba
==================== Centrum zabezpieczeń ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Zainstalowane programy ======================
(W fixlist dozwolone tylko załączanie programów adware z flagą " Hidden " w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
µTorrent (HKU\S-1-5-21-2593294678-4074417021-530637614-1000\...\uTorrent) (Version: 3.5.4.44520 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.7.1 - Advanced Micro Devices, Inc.)
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Aslain's WoT Modpack (wersja 1.0.2.3.00) (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.0.2.3.00 - Aslain)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.1.0.1362 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.55.31997 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
Camtasia Studio 8 (HKLM-x32\...\{45F34E54-DAD9-405B-A4F6-B12B0A46B984}) (Version: 8.4.1.1745 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Discord (HKU\S-1-5-21-2593294678-4074417021-530637614-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dont Starve Together v280490 (HKLM-x32\...\tuttop.com Dont Starve Together v280490_is1) (Version: 280490 - tuttop.Com)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
FreeMouseAutoClicker 3.8.5 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version: - Advanced Mouse Auto Clicker ltd.)
Fujitsu Slim Mobile ExpressCard DVB-T 1.0.64.62 (HKLM-x32\...\Fujitsu Slim Mobile ExpressCard DVB-T) (Version: 1.0.64.62 - )
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gothic II Złota Edycja (HKLM-x32\...\{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}) (Version: 2.6 - JoWood)
GOTHIC2 - Noc Kruka - 'Pakiet systemowy' (HKLM-x32\...\GOTHIC2 - Noc Kruka - 'Pakiet systemowy') (Version: 1.6 - World of Gothic RU © 2016)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Might and Magic® III: Horn of the Abyss (HKLM-x32\...\HotA + HD_is1) (Version: 1.5.3 - HotA Crew)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP DeskJet 3700 series — podstawowe oprogramowanie urządzenia (HKLM\...\{8EC451C2-5C9E-4C00-A30D-6EA6F73B5D97}) (Version: 40.2.1085.16354 - HP Inc.)
HP DeskJet 3700 series Pomoc (HKLM-x32\...\{17F6D66F-3498-48D2-95C6-3F63B40C1447}) (Version: 40.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{8A3F1F3A-A88B-4090-83C6-3C4CBDE3F8CC}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{958F5926-D507-4C87-B83B-8D6CA34195D9}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Image Resizer for Windows (64 bit) (HKLM\...\{617CA6E9-D5FB-4017-8130-82E68C56C34D}) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.0.32 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{EA8630BD-0DCC-4154-B972-AAA6C8989E1A}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Live! Cam Sync HD VF0770 Driver (1.00.02.00) (HKLM\...\Creative VF0770) (Version: - Creative Technology Ltd.)
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM-x32\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.160.1208 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 62.0 (x64 pl) (HKLM\...\Mozilla Firefox 62.0 (x64 pl)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation)
Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.22.1331 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
The Binding of Isaac - Afterbirth Plus version 1.0 (HKLM-x32\...\The Binding of Isaac - Afterbirth Plus_is1) (Version: 1.0 - Nicalis Inc)
TypeScript Power Tool (HKLM-x32\...\{0B693FB7-DF61-44DB-AEAA-E2E30F85A781}) (Version: 2.1.5.0 - Microsoft Corporation) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4032255) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.VISPRO_{699F991D-0635-4A44-9776-AEE20C6087DC}) (Version: - Microsoft)
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{F9B8B794-3CDD-40F7-B426-F970CC5A3AD4}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{ACFEA151-D1BE-4114-875A-87328B6002D4}) (Version: 15.0.26315 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{372C5668-B386-429E-B345-24851BEA9CA7}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-4) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-4) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
WinRAR 5.40 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM-x32\...\{90160000-001F-0422-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM-x32\...\{90160000-001F-0419-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
ShellIconOverlayIdentifiers: [00asw] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; - & gt; Brak pliku
ContextMenuHandlers1: [ANotepad++64] - & gt; {B298D29A-A6ED-11DE-BA8C-A68E55D89593} = & gt; C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [EPP] - & gt; {09A47860-11B0-4DA5-AFA5-26D86198A780} = & gt; c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [Image Resizer] - & gt; {51B4D7E5-7568-4234-B4BB-47FB3C016A69} = & gt; C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2013-02-23] (Brice Lambson)
ContextMenuHandlers1: [WinRAR] - & gt; {B41DB860-64E4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files (x86)\WinRAR\rarext64.dll [2016-09-19] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] - & gt; {B41DB860-8EE4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files (x86)\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal)
ContextMenuHandlers2: [EPP] - & gt; {09A47860-11B0-4DA5-AFA5-26D86198A780} = & gt; c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] - & gt; {09A47860-11B0-4DA5-AFA5-26D86198A780} = & gt; c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] - & gt; {5E2121EE-0300-11D4-8D3B-444553540000} = & gt; C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-07-11] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] - & gt; {B41DB860-64E4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files (x86)\WinRAR\rarext64.dll [2016-09-19] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] - & gt; {B41DB860-8EE4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files (x86)\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal)
==================== Zaplanowane zadania (filtrowane) =============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {02A81387-CAB7-4F59-9436-F52A2221670B} - System32\Tasks\{4637D4E3-8D68-4F06-B550-89058074D7CA} = & gt; C:\Windows\system32\pcalua.exe -a C:\Users\KubaBuba\Downloads\dotNetFx35setup(1).exe -d C:\Users\KubaBuba\Downloads
Task: {194A10E5-B617-4755-B1E7-BFBFB150E1AE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan = & gt; c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {1EE181A1-B5BE-4DAB-9888-869EBABD402A} - System32\Tasks\Adobe Flash Player Updater = & gt; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-05] (Adobe Systems Incorporated)
Task: {443C029E-A71B-4A46-8B35-1B99655FE79B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 = & gt; C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {48898FCD-F013-4B34-A749-EE60F7E9D806} - System32\Tasks\{9D0285A9-D752-4F13-9FBC-20838DDFDA8A} = & gt; C:\Windows\system32\pcalua.exe -a " C:\Program Files (x86)\TeamSpeak 3 Client\package_inst.exe " -d C:\Users\KubaBuba\AppData\Local\Temp -c " C:\Users\KubaBuba\AppData\Local\Temp\ClownfishVoiceChanger-v1.65.ts3_plugin " & lt; ==== UWAGA
Task: {4BCC7262-C1CA-4BF8-9E0B-D716D22A1299} - System32\Tasks\StartCN = & gt; C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-07-11] (Advanced Micro Devices, Inc.)
Task: {50664129-A9C7-4FA1-BD2D-4A9D13F21560} - System32\Tasks\HPCustPartic.exe_{72058532-45EF-4AB9-A58B-3883396D05D3} = & gt; C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe
Task: {52449ED7-4121-4EA2-BB39-FDCA2A2B183B} - System32\Tasks\CCleaner Update = & gt; C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {54C007C9-11B1-4C3C-B674-C339DB2CED98} - System32\Tasks\{6C8F3C68-FC3C-A710-676A-8D7AE429C901} = & gt; " C:\Program Files\Mozilla Firefox\firefox.exe " hxxp://nwcnewsforuk.com/cl/?guid=20bcrrzpeb7flyx7a5kfoe1di6tucfe4 & prid=1 & pid=4_1408_0
Task: {55F9A8F0-0C78-4484-8E0C-73C9D76A25E2} - System32\Tasks\{6237C893-1C97-49D5-B1B3-47FBF6980F36} = & gt; C:\Windows\system32\pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {5789F1AC-59EA-4D4A-9052-6E20BE47B9D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat = & gt; C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {62D901FF-42F3-4D51-A814-BF5D137AB49F} - System32\Tasks\Adobe Acrobat Update Task = & gt; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {6BFAAE7F-89A9-4A98-A081-827D77665B49} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-04-11] (Google Inc.)
Task: {7346596F-0429-477B-8D3B-D3FCC7FB3A06} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-04-11] (Google Inc.)
Task: {8182A29B-8797-4256-A51C-0FDE4C18ED90} - System32\Tasks\{1A107EF2-B15C-95F9-DB7F-A4002A3AD437} = & gt; C:\Program Files (x86)\Common Files\ugsOei.exe [2009-07-14] (Microsoft Corporation)
Task: {81940D74-ADDD-4CB9-8584-677B1C7CE865} - System32\Tasks\{9B71E3E8-FCCC-BC23-BC1D-5C72B9127EAB} = & gt; C:\Users\KubaBuba\AppData\Roaming\eAvar.exe [2009-07-14] (Microsoft Corporation) & lt; ==== UWAGA
Task: {A8AE0BC8-AE87-4C67-8D7D-F986E80346F0} - System32\Tasks\{C7A87094-147B-45B2-B5BF-9BC79AF7F281} = & gt; C:\Windows\system32\pcalua.exe -a C:\Win7_x64.exe -d C:\
Task: {CC9F7619-701E-495B-8380-AF3B03ED6CF8} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {E6CE94B5-F5EB-4FC8-8B28-53387511530C} - System32\Tasks\{F2FACF37-D2A9-4628-B2F1-9767C1B6CA9C} = & gt; C:\Riot Games\League of Legends\LeagueClient.exe [2018-08-29] ()
Task: {EED0C12B-C6FE-4FCE-9496-2D894EFB3220} - System32\Tasks\{C8F62C1C-84AB-4E46-A395-CEE105BF1E58} = & gt; C:\Windows\system32\pcalua.exe -a C:\Users\KubaBuba\Downloads\TheVulcanoQuestPL.exe -d C:\Users\KubaBuba\Downloads
Task: {F11E26CB-515E-4F58-BC86-0F690BE3A51F} - System32\Tasks\{5163DAB2-58B0-4A40-82FB-3F7DFA3EA092} = & gt; C:\Windows\system32\pcalua.exe -a D:\Drivers\E534A\Win7_x64.exe -d D:\Drivers\E534A
Task: {F1989CDC-0B2A-42A4-B232-D39CC23ACAEA} - System32\Tasks\StartDVR = & gt; C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-07-11] (Advanced Micro Devices, Inc.)
Task: {FFAA5EEC-5A94-40FD-A809-A664EEF5E279} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 = & gt; C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
==================== Skróty & WMI ========================
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
==================== Załadowane moduły (filtrowane) ==============
2017-07-11 06:59 - 2017-07-11 06:59 - 008911560 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
==================== Alternate Data Streams (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
==================== Tryb awaryjny (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość " AlternateShell " zostanie przywrócona.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc = & gt; " " = " Service "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option = & gt; " OptionValue " = " 2 "
==================== Powiązania plików (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
==================== Hosts - zawartość: ==========================
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
2009-07-14 04:34 - 2017-03-13 20:43 - 000000950 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 65.52.240.48
127.0.0.1 69.167.144.18
127.0.0.1 oscount.techsmith.com
==================== Inne obszary ============================
(Obecnie brak automatycznej naprawy dla tej sekcji.)
HKU\S-1-5-21-2593294678-4074417021-530637614-1000\Control Panel\Desktop\\Wallpaper - & gt;
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System = & gt; (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja wyłączona]
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
MSCONFIG\Services: AdobeARMservice = & gt; 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc = & gt; 3
MSCONFIG\Services: AMD External Events Utility = & gt; 2
MSCONFIG\Services: AUEPLauncher = & gt; 2
MSCONFIG\Services: BEService = & gt; 3
MSCONFIG\Services: CmdAgent = & gt; 2
MSCONFIG\Services: cmdvirth = & gt; 3
MSCONFIG\Services: Disc Soft Lite Bus Service = & gt; 3
MSCONFIG\Services: EvoSvc = & gt; 3
MSCONFIG\Services: gupdate = & gt; 2
MSCONFIG\Services: gupdatem = & gt; 3
MSCONFIG\Services: Hamachi2Svc = & gt; 2
MSCONFIG\Services: isesrv = & gt; 2
MSCONFIG\Services: LMIGuardianSvc = & gt; 2
MSCONFIG\Services: MozillaMaintenance = & gt; 3
MSCONFIG\Services: NAUpdate = & gt; 2
MSCONFIG\Services: Origin Client Service = & gt; 3
MSCONFIG\Services: Origin Web Helper Service = & gt; 2
MSCONFIG\Services: SkypeUpdate = & gt; 2
MSCONFIG\Services: Steam Client Service = & gt; 3
MSCONFIG\startupfolder: C:^Users^KubaBuba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitoruj alerty dotyczące pojemnika z tuszem - HP DJ 3700 series.lnk = & gt; C:\Windows\pss\Monitoruj alerty dotyczące pojemnika z tuszem - HP DJ 3700 series.lnk.Startup
MSCONFIG\startupreg: Aimersoft Helper Compact.exe = & gt; C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: CCleaner Monitoring = & gt; " C:\Program Files\CCleaner\CCleaner64.exe " /MONITOR
MSCONFIG\startupreg: COMODO Internet Security = & gt; C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount = & gt; " C:\Program Files\DAEMON Tools Lite\DTAgent.exe " -autorun
MSCONFIG\startupreg: Discord = & gt; C:\Users\KubaBuba\AppData\Local\Discord\app-0.0.297\Discord.exe
MSCONFIG\startupreg: EADM = & gt; " C:\Program Files (x86)\Origin\Origin.exe " -AutoStart
MSCONFIG\startupreg: EvolveClient = & gt; " C:\Program Files\Echobit\Evolve\EvolveClient.exe " -autorun
MSCONFIG\startupreg: GrooveMonitor = & gt; " C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe "
MSCONFIG\startupreg: IseUI = & gt; C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui = & gt; " C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe " --auto-start
MSCONFIG\startupreg: Skype = & gt; " C:\Program Files (x86)\Skype\Phone\Skype.exe " /minimized /regrun
MSCONFIG\startupreg: Skype for Desktop = & gt; C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Steam = & gt; " C:\Program Files (x86)\Steam\steam.exe " -silent
MSCONFIG\startupreg: SunJavaUpdateSched = & gt; " C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
MSCONFIG\startupreg: USB3MON = & gt; " C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe "
MSCONFIG\startupreg: V0770Mon.exe = & gt; C:\Windows\V0770Mon.exe
MSCONFIG\startupreg: World of Tanks = & gt; " C:\Games\World_of_Tanks\WargamingGameUpdater.exe "
==================== Reguły Zapory systemu Windows (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
FirewallRules: [TCP Query User{FE4D985F-3423-4D1C-A7E7-90E710AE2890}C:\games\world_of_tanks\worldoftanks.exe] = & gt; (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{ACC09D1E-C452-4C02-B660-A41780DA2051}C:\games\world_of_tanks\worldoftanks.exe] = & gt; (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{A927C048-0BFF-411B-82C9-43478310A9DA}C:\games\world_of_tanks\wotlauncher.exe] = & gt; (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{C899E02B-5B70-443A-A8B1-D575CF08D1FC}C:\games\world_of_tanks\wotlauncher.exe] = & gt; (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{1AFB3684-6B09-40B3-86A2-A6B4E96935D9}] = & gt; (Allow) C:\Users\KubaBuba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{62F20C3D-8FDF-4121-86C6-AC1FF05A3E3C}] = & gt; (Allow) C:\Users\KubaBuba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D84FF7BA-84D8-4487-8F92-6ED86E7DF15E}] = & gt; (Allow) C:\Users\KubaBuba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{91E81C22-EDA8-4981-935B-8E83DE150AED}] = & gt; (Allow) C:\Users\KubaBuba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{29D7B575-7241-4F04-A240-EA262A6C04E4}] = & gt; (Allow) C:\Users\KubaBuba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A0C3DE1B-747A-4900-AA42-2A726305A139}] = & gt; (Allow) C:\Users\KubaBuba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5DBA4FF7-EA33-45A4-9405-1CF36441CE84}] = & gt; (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{5477268C-A610-4AE3-8146-E1BD62A88598}] = & gt; (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe
FirewallRules: [{46B022B1-077C-49BD-8010-9A4BC5C5BD7B}] = & gt; (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe
FirewallRules: [{595D1DD9-544E-4470-BCC0-468C7ED51611}] = & gt; (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{705E7482-49DE-4D70-AFD8-4237EA60BE24}] = & gt; (Block) LPort=8317
FirewallRules: [{038B2C5C-3777-4EC9-AB71-8D060C4C8AE1}] = & gt; (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CF4CB447-4517-4CFE-A08D-F50CA4C059C1}] = & gt; (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D9FF0EDE-436F-483C-9B28-2E42A9A9D762}] = & gt; (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{50F9BEC5-5BF7-41AA-B65B-1D99DF953EBE}] = & gt; (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2E253610-9E6F-4ACF-B4E5-53764451E9A0}] = & gt; (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{90A4B94F-1FF1-4CDF-B6E9-38F86191C5BE}] = & gt; (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1AA89587-A225-472C-A061-809A49A09601}] = & gt; (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D3FAD5F4-403F-4A3D-A33F-31A51011C05E}] = & gt; (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{EF4C40F8-CF43-4FCF-8561-737DD260169B}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] = & gt; (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{4C7DBF57-3EF6-45B9-83F1-D512D203BCA8}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] = & gt; (Block) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{E324E507-3CB5-4814-B58F-AE9604E3CEB7}C:\windows\syswow64\dplaysvr.exe] = & gt; (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{8D070458-8EA9-4890-A905-A16BB222969C}C:\windows\syswow64\dplaysvr.exe] = & gt; (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{347C5020-8BDD-44B4-8D56-AA116FE4D6A1}] = & gt; (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{54A41977-5129-4A90-908B-43C65D73E600}] = & gt; (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{107A6864-A488-4F9A-814D-0293D987EE8B}] = & gt; (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe
FirewallRules: [{47E36273-83C8-4751-B250-6505C376C265}] = & gt; (Allow) LPort=5357
FirewallRules: [{D442053B-E273-4844-A923-E3BA278117CF}] = & gt; (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3A699319-D9F4-4F7A-9179-9F2690580771}] = & gt; (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A4879733-7799-48FE-8B64-54121380EB3D}] = & gt; (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDA4F7E8-2335-4075-999A-2F3126F8D6EA}] = & gt; (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{2C6C0059-DB5B-4C08-AF0C-5103927463D1}] = & gt; (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{E2BF5BC5-125C-44E0-B32B-37748575FDD1}] = & gt; (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{6CE0D9DE-279B-4259-BD4C-33ADB70C7FFC}] = & gt; (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{48B0C7BA-44C1-46D4-9C41-04CC84EE0E05}] = & gt; (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{79C29C09-3CB6-4A67-BDA0-7A0E91D028FA}C:\program files (x86)\hearthstone\hearthstone.exe] = & gt; (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{DC88D68C-2C76-4DD6-BA8D-849B16A2BD8F}C:\program files (x86)\hearthstone\hearthstone.exe] = & gt; (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{19AC52FB-2ECB-4916-9541-8574CF65BB12}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] = & gt; (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{13EEB021-8FF5-4B06-97C3-27FAFF2B41E2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] = & gt; (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [TCP Query User{3506330F-93EA-40E8-A98B-728309BF3C9D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] = & gt; (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0EE5F58C-7E93-4E66-87D7-CB957EE210CA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] = & gt; (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [{DBAC0B30-EB41-4A5E-9162-32FD10AE7D72}] = & gt; (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{71C39B49-24FA-41CF-A9CB-FB8272CEA154}] = & gt; (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{5636EC47-BCC3-4C29-A1FA-18391349FC6C}] = & gt; (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{25A2D7DA-8BD2-429C-B05D-5038CE11A87D}] = & gt; (Allow) C:\Users\KubaBuba\AppData\Roaming\eAvar.exe
FirewallRules: [{4A0ABEEB-84A9-4885-A883-527F55060084}] = & gt; (Allow) C:\Program Files (x86)\Common Files\ugsOei.exe
FirewallRules: [{1FAEBE2A-A474-4345-B3C5-F23F624EB486}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [TCP Query User{B72EEE65-B2D0-44E2-B08E-0898C95861D5}C:\games\dont starve together v280490\bin\dontstarve_dedicated_server_nullrenderer.exe] = & gt; (Allow) C:\games\dont starve together v280490\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{DEBA7995-103B-48D0-9BB6-78A7D99F8FEA}C:\games\dont starve together v280490\bin\dontstarve_dedicated_server_nullrenderer.exe] = & gt; (Allow) C:\games\dont starve together v280490\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{DE75CBB7-CD6E-493C-B1E2-9FCC14A65195}] = & gt; (Allow) C:\Games\Dont Starve Together v280490\bin\dontstarve_steam.exe
FirewallRules: [{77058429-A794-4E0D-B73B-82B9C338BD01}] = & gt; (Allow) C:\Games\Dont Starve Together v280490\bin\dontstarve_steam.exe
FirewallRules: [{F678E303-5A08-4B67-9DC2-D9F6AC44F321}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{7C477938-D461-42FC-B828-5F6562249843}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{1004121B-06CD-4ECF-8F7D-CC3824AF2CDA}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{7F41385A-F358-422C-BF3B-B57D046EE688}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{7EBCE23E-86F4-423E-9701-97213C7F7B79}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{A88785C5-F4A0-4DFF-9F46-E49C04459105}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{B8B142CB-4AC6-47C4-A029-65DCB02EB1EE}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{74500899-490E-422F-8EE0-B8FF745A7BAA}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{E6C4C724-A6BE-468B-A216-CD46A0CBF94A}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{00AB71DB-0F93-4AF9-A970-87A8FD957DB6}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{C0D8F7DF-ABE5-4A84-955E-0212B5ED3AA8}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{755C4DCE-B9D1-4474-A545-84441737C95E}] = & gt; (Allow) C:\Windows\SysWOW64\tracert.exe
FirewallRules: [{B35342C9-5D88-4D88-A4AB-DF28DD80987E}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{4692845C-2FDF-4825-A9D2-08684CCD88CB}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{781A2033-E2B5-4AF9-A787-7D10D530E9AB}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{FF188904-7EC7-4948-A5DC-92EB244FB28B}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{97257C51-6AFB-4CDD-8068-83BC9942A528}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{F6E14C77-C3CC-4D9C-A658-5109F4CE75A8}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{0B8370B7-9D7C-4D53-9291-5FB924D6A39A}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{1209A817-A573-430C-9C43-81697C5E1207}] = & gt; (Allow) C:\Windows\SysWOW64\tracert.exe
FirewallRules: [{93BB82E2-FC34-4BCB-BB4B-EA47D21EDEA3}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{E3268B12-6D5B-47F4-AF97-449F635A25E1}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{D6DB03FA-3185-43D9-BA77-ACA08B7F951C}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{2988FAB2-DA08-4E74-8E40-DF8C00A78BF1}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{ECD053C7-088B-45A8-B912-CF575EC7FB19}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{61B7C585-6950-439A-B1A4-37A7DA42D607}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{E630D08F-1EDE-401B-A2C9-754C8FCB3BB9}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{744EDEF7-2616-4F48-90ED-624973575969}] = & gt; (Allow) C:\Windows\SysWOW64\svchost.exe
==================== Punkty Przywracania systemu =========================
UWAGA: Przywracanie systemu jest wyłączone
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Błędy w Dzienniku zdarzeń: =========================
Dziennik Aplikacja:
==================
Error: (09/08/2018 10:27:29 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.
Error: (09/08/2018 10:27:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x8007043C
Error: (09/07/2018 07:02:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe w wersji 62.0.0.6816 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.
Identyfikator procesu: 13a8
Godzina rozpoczęcia: 01d446c7e1e4acd4
Godzina zakończenia: 63
Ścieżka aplikacji: C:\Program Files\Mozilla Firefox\firefox.exe
Identyfikator raportu: bd5f0aac-b2bf-11e8-87e9-fcaa142401f2
Error: (09/07/2018 04:21:15 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Błąd krytycznego procesu systemowego C:\Windows\system32\lsass.exe z kodem stanu 1. Komputer musi być ponownie uruchomiony.
Error: (09/07/2018 04:09:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: AUEPMaster.exe, wersja: 1820.19.1.24940, sygnatura czasowa: 0x5b464399
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.24214, sygnatura czasowa: 0x5b627020
Kod wyjątku: 0xe0434352
Przesunięcie błędu: 0x0000c54f
Identyfikator procesu powodującego błąd: 0x16e8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d446b46a2626bb
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\AMD\Performance Profile Client\AUEPMaster.exe
Ścieżka modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll
Identyfikator raportu: b0051924-b2a7-11e8-bf80-fcaa142401f2
Error: (09/07/2018 04:09:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikacja: AUEPMaster.exe
Wersja architektury: v4.0.30319
Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
Informacje o wyjątku: System.Security.Principal.IdentityNotMappedException
w System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean)
w System.Security.Principal.NTAccount.Translate(System.Type)
w System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef)
w System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule)
w System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule)
w PPCM.PipeData.StartServer()
w System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
w System.Threading.ThreadHelper.ThreadStart()
Error: (09/07/2018 04:04:28 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.
Error: (09/07/2018 04:04:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x8007043C
Dziennik System:
=============
Error: (09/08/2018 10:27:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
Uruchomienie usługi zależności lub grupy nie powiodło się.
Error: (09/08/2018 10:27:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
Uruchomienie usługi zależności lub grupy nie powiodło się.
Error: (09/08/2018 10:27:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
Uruchomienie usługi zależności lub grupy nie powiodło się.
Error: (09/08/2018 10:27:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
Uruchomienie usługi zależności lub grupy nie powiodło się.
Error: (09/08/2018 10:27:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
Uruchomienie usługi zależności lub grupy nie powiodło się.
Error: (09/08/2018 10:27:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu:
Uruchomienie usługi zależności lub grupy nie powiodło się.
Error: (09/08/2018 10:27:38 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami w celu uruchomienia serwera:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (09/08/2018 10:27:38 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami w celu uruchomienia serwera:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
CodeIntegrity:
===================================
Date: 2017-09-26 16:47:58.827
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-26 16:47:58.768
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-26 16:13:46.081
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-26 16:13:46.034
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-25 20:17:16.577
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-25 20:17:16.522
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-25 15:58:36.424
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-25 15:58:36.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
==================== Statystyki pamięci ===========================
Procesor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Procent pamięci w użyciu: 22%
Całkowita pamięć fizyczna: 8142.12 MB
Dostępna pamięć fizyczna: 6284.64 MB
Całkowita pamięć wirtualna: 16282.38 MB
Dostępna pamięć wirtualna: 14485.8 MB
==================== Dyski ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:625.66 GB) NTFS
\\?\Volume{0d54f543-da96-11e6-8150-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Tablica partycji ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2D8BF5E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Koniec Addition.txt ============================