Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-12-2019 01
- Ran by Rzychu (01-01-2020 19:53:06)
- Running from E:\
- Windows 10 Pro Version 1903 18362.535 (X64) (2019-06-14 20:20:35)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-2846184411-462228645-4040623696-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-2846184411-462228645-4040623696-503 - Limited - Disabled)
- Guest (S-1-5-21-2846184411-462228645-4040623696-501 - Limited - Disabled)
- kuba2 (S-1-5-21-2846184411-462228645-4040623696-1002 - Limited - Disabled)
- Rzychu (S-1-5-21-2846184411-462228645-4040623696-1001 - Administrator - Enabled) => C:\Users\Rzychu
- WDAGUtilityAccount (S-1-5-21-2846184411-462228645-4040623696-504 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AV: COMODO Antivirus (Disabled - Out of date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
- Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
- BitComet 1.54 (HKLM-x32\...\BitComet_x64) (Version: 1.54 - CometNetwork)
- BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
- CPUID HWMonitor 1.37 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.37 - CPUID, Inc.)
- Discord (HKU\S-1-5-21-2846184411-462228645-4040623696-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
- GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
- Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
- Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
- Intel(R) Network Connections 23.1.100.0 (HKLM\...\PROSetDX) (Version: 23.1.100.0 - Intel)
- Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
- Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
- L.A. Noire PL [BDIP] wersja 1.01 (HKLM-x32\...\{C863E3ED-F40F-411B-925D-87824CC81DCF}_is1) (Version: 1.01 - BDIP)
- League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
- Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.)
- Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
- Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
- Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
- Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
- Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
- Mozilla Firefox 71.0 (x64 pl) (HKLM\...\Mozilla Firefox 71.0 (x64 pl)) (Version: 71.0 - Mozilla)
- Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
- NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
- NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
- NVIDIA Graphics Driver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation)
- NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
- NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
- OpenAL (HKLM-x32\...\OpenAL) (Version: - )
- Origin (HKLM-x32\...\Origin) (Version: 10.5.43.28287 - Electronic Arts, Inc.)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
- Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
- Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
- Spotify (HKU\S-1-5-21-2846184411-462228645-4040623696-1001\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- SteelSeries Engine 3.13.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.13.3 - SteelSeries ApS)
- TeamSpeak 3 Client (HKU\S-1-5-21-2846184411-462228645-4040623696-1001\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
- The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.53.115.1020 - Electronic Arts Inc.)
- Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
- UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
- Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
- WinRAR 5.61 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
- Packages:
- =========
- Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1661.1.0_x86__kgqvnymyfvs32 [2019-12-19] (king.com)
- DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation)
- DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-25] (Microsoft Corporation)
- Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-18] (Dolby Laboratories)
- Enter The Gungeon -> C:\Program Files\WindowsApps\DevolverDigital.57610FDDAB1AC_2.1.11.2_x64__6kzv4j18v0c96 [2019-11-18] (Devolver Digital)
- Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-24] (Fitbit)
- Gears Tactics -> C:\Program Files\WindowsApps\Microsoft.GanderBaseGame_1.0.2.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Studios)
- Kingdom Come: Deliverance -> C:\Program Files\WindowsApps\DeepSilver.KingdomComeDeliverance_9.4.502.0_x64__hmv7qcest37me [2019-11-29] (Koch Media GmbH)
- Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
- Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
- Microsoft News - Wiadomości -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
- Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
- MSN Finanse -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
- MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
- MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
- Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.)
- Night Call -> C:\Program Files\WindowsApps\RawFury.NightCallWIN10_1.0.7.0_x64__9s0pnehqffj7t [2019-11-20] (Raw Fury)
- Phoenix Point -> C:\Program Files\WindowsApps\SnapshotGames.PhoenixPoint_1.0.54730.2_x64__xxvrk32m0sthm [2019-12-23] (Snapshot Games Inc)
- Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-06-18] (Realtek Semiconductor Corp)
- The Outer Worlds -> C:\Program Files\WindowsApps\PrivateDivision.TheOuterWorldsWindows10_1.2.418.0_x64__hv3d7yfbgr2rp [2019-12-17] (Private Division)
- Thrashball Cole Character Pack -> C:\Program Files\WindowsApps\Microsoft.ThrashballColeCharacterPack_1.2.0.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Studios)
- Usługi gier -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation)
- Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_1912.1001.8.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Corporation) [Startup Task]
- ==================== Custom CLSID (Whitelisted): ==============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-2846184411-462228645-4040623696-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rzychu\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
- CustomCLSID: HKU\S-1-5-21-2846184411-462228645-4040623696-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rzychu\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
- CustomCLSID: HKU\S-1-5-21-2846184411-462228645-4040623696-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rzychu\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
- ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files\WinRAR\rarext32.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal)
- ==================== Codecs (Whitelisted) ====================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2018-11-23] (Logitech, Inc. -> Logitech Inc.)
- HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2018-11-23] (Logitech, Inc. -> Logitech Inc.)
- HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
- HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
- ==================== Shortcuts & WMI ========================
- ==================== Loaded Modules (Whitelisted) =============
- 2019-12-27 14:11 - 2019-12-27 14:11 - 000396800 _____ () [File not signed] G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\glew32.dll
- 2019-12-27 14:11 - 2019-12-27 14:11 - 001047552 _____ () [File not signed] G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\SDL2.dll
- 2019-12-27 14:11 - 2019-12-27 14:11 - 001489408 _____ (Firelight Technologies) [File not signed] G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\fmod.dll
- 2019-12-27 14:11 - 2019-12-27 14:11 - 001410560 _____ (Firelight Technologies) [File not signed] G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\fmodstudio.dll
- 2018-01-25 12:10 - 2018-01-25 12:10 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
- 2019-12-27 14:11 - 2019-12-27 14:11 - 000283648 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\libcurl.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
- 2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
- 2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
- 2019-12-27 14:11 - 2019-12-27 14:11 - 001271808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\LIBEAY32.dll
- 2019-12-27 14:11 - 2019-12-27 14:11 - 000270848 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\SSLEAY32.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
- 2019-07-27 12:07 - 2019-07-27 12:07 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
- ==================== Alternate Data Streams (Whitelisted) ========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Users\Rzychu\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
- AlternateDataStreams: C:\Users\Rzychu\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
- ==================== Safe Mode (Whitelisted) ==================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
- ==================== Association (Whitelisted) =================
- ==================== Internet Explorer trusted/restricted ==========
- ==================== Hosts content: =========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
- ==================== Other Areas ===========================
- (Currently there is no automatic fix for this section.)
- HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
- HKU\S-1-5-21-2846184411-462228645-4040623696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rzychu\Desktop\Bullshit\Memes\H0ZWBv8.jpg
- DNS Servers: 192.168.1.1
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
- Windows Firewall is disabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (If an entry is included in the fixlist, it will be removed.)
- HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
- HKLM\...\StartupApproved\Run: => "SecurityHealth"
- HKLM\...\StartupApproved\Run: => "BCSSync"
- HKLM\...\StartupApproved\Run: => "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"
- HKLM\...\StartupApproved\Run32: => "LWS"
- HKLM\...\StartupApproved\Run32: => "IObit Security 360"
- HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
- HKU\S-1-5-21-2846184411-462228645-4040623696-1001\...\StartupApproved\Run: => "Steam"
- HKU\S-1-5-21-2846184411-462228645-4040623696-1001\...\StartupApproved\Run: => "Spotify"
- ==================== FirewallRules (Whitelisted) ================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{21AE2124-DB9C-468C-AF08-B1A3739D6892}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
- FirewallRules: [{06C5BEF7-7033-41AB-B1DF-8DB5BD625831}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
- FirewallRules: [{A054B6D1-1800-410F-850B-1C6F1566F7E3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe No File
- FirewallRules: [{20CC3355-0EC2-4634-B8E6-415633F924BB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe No File
- FirewallRules: [{155C384F-E4CA-4002-B986-5943414BA262}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe No File
- FirewallRules: [{12962E49-2161-4C29-AB2D-E50963311CBF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe No File
- FirewallRules: [{E3BD8246-DFC7-41DE-8A39-F374CE2DF9B2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
- FirewallRules: [{85B1C712-684D-432A-8A91-31F942A7D2AB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed]
- FirewallRules: [{5547E31F-78F7-4FC6-B3BB-DEFD6D80EB88}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
- FirewallRules: [{BC30D563-9655-4113-8AF5-C20FB07AB0A6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
- FirewallRules: [{01ABA142-2AEA-4699-845B-3DAFC135145C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
- FirewallRules: [{0DA5497A-1715-43BF-8FD5-0D9DB37F95B7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
- FirewallRules: [{786896CE-8D09-4260-BE10-85B11EA41595}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Hurtworld\HurtworldClient.exe No File
- FirewallRules: [{A66A5A2D-1D76-4ED5-B930-CBAB55B67A57}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Hurtworld\HurtworldClient.exe No File
- FirewallRules: [{6845B463-CF78-4ECC-BB32-66BA05DA7C36}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
- FirewallRules: [{B97B679A-2C4C-4E51-A9C7-A8660CD9E310}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
- FirewallRules: [{198D840F-8F4A-43B3-A6A7-706D565FDF8B}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com)
- FirewallRules: [{EA261E39-628F-42B5-84E1-4EA5AFE5B873}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com)
- FirewallRules: [{A32FF28D-89C1-4A71-9A8B-1A28E5FC91AE}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
- FirewallRules: [{BCC95AF1-1203-4661-A16F-5BEAF9975AA4}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
- FirewallRules: [{40D26122-E4BD-4A91-9DF9-312C9C3CECC6}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
- FirewallRules: [{8C8F5162-40DF-47E8-B48A-CFC297FF26CE}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
- FirewallRules: [{267631CE-798B-4188-B746-CE64CA62AF9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{4B332162-AF2A-4EA9-91BB-8B74F7DC82A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{9C96D697-FED9-421C-A4FF-58BBF8211BB9}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
- FirewallRules: [{99E3BCAA-3FC4-41E0-8EC1-F0DEC1B3778A}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
- FirewallRules: [{9547D325-F045-47D0-8B82-6150018E0878}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
- FirewallRules: [{33A11714-6D55-4AA5-8955-01AA5BDBE47E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
- FirewallRules: [{5485D5B8-A575-4FF2-9FF7-A2E65946F1FC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\My Friend Pedro\My Friend Pedro - Blood Bullets Bananas.exe () [File not signed]
- FirewallRules: [{D81A023E-F9D8-4C6A-A256-124CF7800D47}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\My Friend Pedro\My Friend Pedro - Blood Bullets Bananas.exe () [File not signed]
- FirewallRules: [{C2DBB797-DD07-42B7-845B-9636479D1CC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [{4BE168AA-06EB-4E7C-8599-0561BFAFFF98}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [{47F5872A-7315-4317-914D-A69AAAC5CAF9}] => (Allow) G:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
- FirewallRules: [{7E687634-EACF-4BCE-A647-ECDEABB88C66}] => (Allow) G:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
- FirewallRules: [{B62BBA61-7AC0-4B49-802F-86F18C73F1DC}] => (Allow) G:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
- FirewallRules: [{3A9D2EB6-D783-4AD2-A898-C9B0C44A410D}] => (Allow) G:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
- FirewallRules: [{A001A7C2-D930-455D-AB62-06D963673BB4}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
- FirewallRules: [{945719AE-B9D7-4BDB-953E-E376251F9B2F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
- FirewallRules: [{913800F3-8B74-4FD4-BAD6-1EB0F750C6D7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
- FirewallRules: [{D4747198-302E-400F-8C64-0F1B66B67919}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
- FirewallRules: [{FFFC4D5E-F59E-4D56-AB9F-AB2A8AF481A4}] => (Allow) C:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
- FirewallRules: [{5D73E32E-81E3-4734-B9C9-87D3CE7F11DC}] => (Allow) C:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
- FirewallRules: [{0CFA3246-243A-4094-925B-84A3EAA15F83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{12BE861E-0E6B-453B-910C-14F3729C9C3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{4DF6C675-FCED-4FEA-B55E-27259E6DC0CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{104EBDBD-50CB-47F9-AC43-47E6A89AE950}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{24B7617D-4F40-4255-AD18-7E9969DDFDF7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
- FirewallRules: [{5E1BB338-5966-4B5A-92F9-1A5DF7A0E712}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
- FirewallRules: [{1022B0D6-05EF-47CC-9477-B18587BB08EC}] => (Allow) G:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
- FirewallRules: [{584A329E-9CE2-46DA-B95B-945187499440}] => (Allow) G:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
- FirewallRules: [{EC7E765F-79D0-4590-8ABA-82C35D839697}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
- FirewallRules: [{EC3EDC61-332D-4630-A362-AD26B4286970}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe () [File not signed]
- FirewallRules: [{429373DF-8937-4B74-9416-94C81C6BBAE9}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
- FirewallRules: [{5500B1A3-81D5-432D-BEDB-62510558797C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
- FirewallRules: [{51A73C8E-C3D2-4205-B5F8-CD513B8F80B7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
- FirewallRules: [{130E435E-3A80-4502-975E-92E300F38B02}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
- FirewallRules: [{36F181C8-1371-4F1E-A0CD-ED15FD7A700D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
- FirewallRules: [{B2B1B903-4553-4F32-A4B4-DAA492DB0C39}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
- FirewallRules: [{931AAC6C-F9C9-4E4B-8709-FB04253D1F61}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
- ==================== Restore Points =========================
- ATTENTION: System Restore is disabled (Total:111.24 GB) (Free:36.01 GB) (32%)
- ==================== Faulty Device Manager Devices ============
- ==================== Event log errors: ========================
- Application errors:
- ==================
- Error: (01/01/2020 07:52:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007007B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
- Error: (01/01/2020 07:52:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007007B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
- Error: (01/01/2020 07:48:33 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (576,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (01/01/2020 07:32:38 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (9700,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (01/01/2020 06:42:47 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (6592,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (01/01/2020 05:38:51 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (3608,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (01/01/2020 05:32:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007007B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
- Error: (01/01/2020 05:32:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
- Description: License Activation (slui.exe) failed with the following error code:
- hr=0x8007007B
- Command-line arguments:
- RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
- System errors:
- =============
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Uruchom usługę ponownie.
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Logitech Video Camera Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Uruchom usługę ponownie.
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Uruchom usługę ponownie.
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Logitech Gaming Registry Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The COMODO Dragon Update Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Intel(R) PROSet Monitoring Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (01/01/2020 11:26:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Uruchom usługę ponownie.
- Windows Defender:
- ===================================
- Date: 2019-12-13 17:17:03.986
- Description:
- Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
- Identyfikator skanowania: {BBB95E49-6BEA-4DBE-BFC3-06729EACAD91}
- Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
- Parametry skanowania: Szybkie skanowanie
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Date: 2019-12-01 09:39:37.255
- Description:
- Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
- Identyfikator skanowania: {42C12613-1A73-4010-A3F0-3C43B95A40C5}
- Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
- Parametry skanowania: Szybkie skanowanie
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Date: 2019-11-20 19:48:13.787
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Wysoki
- Kategoria: Narzędzie
- Ścieżka: file:_E:\nowy folder 2\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe; file:_E:\nowy folder 2\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net.exe
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: DESKTOP-428GQMH\Rzychu
- Nazwa procesu: C:\Windows\explorer.exe
- Wersja analizy zabezpieczeń: AV: 1.305.2482.0, AS: 1.305.2482.0, NIS: 1.305.2482.0
- Wersja aparatu: AM: 1.1.16500.1, NIS: 1.1.16500.1
- Date: 2019-11-20 19:48:01.264
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Wysoki
- Kategoria: Narzędzie
- Ścieżka: file:_E:\nowy folder 2\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe; file:_E:\nowy folder 2\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net.exe
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: DESKTOP-428GQMH\Rzychu
- Nazwa procesu: C:\Windows\explorer.exe
- Wersja analizy zabezpieczeń: AV: 1.305.2482.0, AS: 1.305.2482.0, NIS: 1.305.2482.0
- Wersja aparatu: AM: 1.1.16500.1, NIS: 1.1.16500.1
- Date: 2019-11-20 19:48:00.549
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Wysoki
- Kategoria: Narzędzie
- Ścieżka: file:_E:\nowy folder 2\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: DESKTOP-428GQMH\Rzychu
- Nazwa procesu: C:\Windows\explorer.exe
- Wersja analizy zabezpieczeń: AV: 1.305.2482.0, AS: 1.305.2482.0, NIS: 1.305.2482.0
- Wersja aparatu: AM: 1.1.16500.1, NIS: 1.1.16500.1
- Date: 2020-01-01 17:52:10.246
- Description:
- Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń.
- Nowa wersja analizy zabezpieczeń:
- Poprzednia wersja analizy zabezpieczeń: 1.307.1514.0
- Źródło aktualizacji: Serwer usługi Microsoft Update
- Typ analizy zabezpieczeń: Oprogramowanie antywirusowe
- Typ aktualizacji: Pełne
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Bieżąca wersja aparatu:
- Poprzednia wersja aparatu: 1.1.16600.7
- Kod błędu: 0x80072f8f
- Opis błędu: Wystąpił błąd zabezpieczeń.
- Date: 2020-01-01 12:01:39.912
- Description:
- Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Windows Defender wykrył błąd i jego uruchomienie nie powiodło się.
- Funkcja: Monitorowanie zachowania
- Kod błędu: 0x80508023
- Opis błędu: Program nie znalazł na tym urządzeniu złośliwego oprogramowania ani innego potencjalnie niechcianego oprogramowania.
- Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.
- Date: 2020-01-01 11:37:16.869
- Description:
- Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń.
- Nowa wersja analizy zabezpieczeń:
- Poprzednia wersja analizy zabezpieczeń: 1.307.1514.0
- Źródło aktualizacji: Serwer usługi Microsoft Update
- Typ analizy zabezpieczeń: Oprogramowanie antywirusowe
- Typ aktualizacji: Pełne
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Bieżąca wersja aparatu:
- Poprzednia wersja aparatu: 1.1.16600.7
- Kod błędu: 0x80072f8f
- Opis błędu: Wystąpił błąd zabezpieczeń.
- Date: 2020-01-01 11:24:38.971
- Description:
- Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń.
- Nowa wersja analizy zabezpieczeń:
- Poprzednia wersja analizy zabezpieczeń: 1.307.1514.0
- Źródło aktualizacji: Serwer usługi Microsoft Update
- Typ analizy zabezpieczeń: Oprogramowanie antywirusowe
- Typ aktualizacji: Pełne
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Bieżąca wersja aparatu:
- Poprzednia wersja aparatu: 1.1.16600.7
- Kod błędu: 0x80072f8f
- Opis błędu: Wystąpił błąd zabezpieczeń.
- CodeIntegrity:
- ===================================
- Date: 2020-01-01 12:00:31.496
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-01-01 11:59:49.171
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-01-01 11:55:02.354
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-01-01 11:44:26.544
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-01-01 11:41:56.346
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-01-01 11:35:05.309
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-01-01 11:35:05.074
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-01-01 11:29:53.188
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- ==================== Memory info ===========================
- BIOS: American Megatrends Inc. 1.30 03/08/2018
- Motherboard: Micro-Star International Co., Ltd. Z370 PC PRO (MS-7B49)
- Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
- Percentage of memory in use: 30%
- Total physical RAM: 16339.07 MB
- Available physical RAM: 11356.83 MB
- Total Virtual: 24275.07 MB
- Available Virtual: 16339.64 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:111.24 GB) (Free:36.01 GB) NTFS
- Drive d: () (Fixed) (Total:0.48 GB) (Free:0.48 GB) FAT32
- Drive e: () (Removable) (Total:3.72 GB) (Free:2.76 GB) FAT32
- Drive f: () (Fixed) (Total:194.82 GB) (Free:194.61 GB) NTFS
- Drive g: () (Fixed) (Total:735.74 GB) (Free:279.65 GB) NTFS
- \\?\Volume{f0bb1dd7-4686-49a6-aae1-9d48956b8b2f}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
- \\?\Volume{a0de7c77-4374-1f06-66f5-d6e40b3f7927}\ () (Fixed) (Total:65.58 GB) (Free:0 GB) NTFS
- \\?\Volume{2662018b-e541-267d-f467-23c6b437c7a9}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
- \\?\Volume{8ba245dd-9f8a-a5a4-ee46-3b74476f3b08}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
- \\?\Volume{3e754e7e-e8f7-9149-4352-01af1ddc46a0}\ () (Fixed) (Total:37.21 GB) (Free:0 GB) NTFS
- \\?\Volume{6cb6106c-58b9-a7dc-cc79-1ff53a8d3054}\ () (Fixed) (Total:1.14 GB) (Free:0 GB) NTFS
- \\?\Volume{32c0418e-0000-0000-0000-80c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.44 GB) NTFS
- \\?\Volume{c191732e-137d-4dc3-9326-8db3ad9a144b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
- ==================== MBR & Partition Table ====================
- ==========================================================
- Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
- Partition: GPT.
- ==========================================================
- Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 32C0418E)
- Partition 1: (Active) - (Size=500 MB) - (Type=0B)
- Partition 2: (Not Active) - (Size=194.8 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=735.7 GB) - (Type=07 NTFS)
- Partition 4: (Not Active) - (Size=466 MB) - (Type=27)
- ==========================================================
- Disk: 2 (Size: 3.7 GB) (Disk ID: 587F285B)
- Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)
- Attempted reading MBR returned 0 bytes.
- Could not read MBR for disk 3.
- Attempted reading MBR returned 0 bytes.
- Could not read MBR for disk 4.
- Attempted reading MBR returned 0 bytes.
- Could not read MBR for disk 5.
- Attempted reading MBR returned 0 bytes.
- Could not read MBR for disk 6.
- Attempted reading MBR returned 0 bytes.
- Could not read MBR for disk 7.
- ==================== End of Addition.txt =======================
Add Comment
Please, Sign In to add comment