- Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 02.08.2018
- Uruchomiony przez Baal (22-10-2018 02:02:20)
- Uruchomiony z C:\Users\Baal\Downloads
- Windows 10 Pro Wersja 1709 16299.125 (X64) (2017-12-06 18:23:29)
- Tryb startu: Normal
- ==========================================================
- ==================== Konta użytkowników: =============================
- Administrator (S-1-5-21-460559988-2109249328-488648659-500 - Administrator - Disabled)
- Baal (S-1-5-21-460559988-2109249328-488648659-1001 - Administrator - Enabled) => C:\Users\Baal
- Gość (S-1-5-21-460559988-2109249328-488648659-501 - Limited - Disabled)
- Konto domyślne (S-1-5-21-460559988-2109249328-488648659-503 - Limited - Disabled)
- WDAGUtilityAccount (S-1-5-21-460559988-2109249328-488648659-504 - Limited - Disabled)
- ==================== Centrum zabezpieczeń ========================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie.)
- AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
- AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
- ==================== Zainstalowane programy ======================
- (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
- Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
- Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
- Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
- Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
- Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
- Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
- Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
- Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
- Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
- Bubble Bobble Nostalgie (HKLM-x32\...\Bubble Bobble Nostalgie) (Version: - )
- CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
- Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
- CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== UWAGA
- CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
- Crazy Chicken Kart 2 *RECOMPRESSED* (HKLM-x32\...\Crazy Chicken Kart 2 *RECOMPRESSED*_is1) (Version: - )
- CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
- Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
- Discord (HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
- Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
- DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
- Epic Games Launcher (HKLM-x32\...\{0F3B0E4D-F8F7-45FC-A661-100AE5495A31}) (Version: 1.1.133.0 - Epic Games, Inc.)
- Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- FACEIT (HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\FACEITApp) (Version: 0.17.1 - FACEIT Ltd.)
- FACEIT 0.15.0 (HKLM\...\1b460c18-2611-5297-a1a8-4f35160a268c) (Version: 0.15.0 - FACEIT Ltd.)
- FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
- GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.67 - Google Inc.)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
- Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
- Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
- Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\{2F95D723-72D2-425C-A238-367FF157B6EE}) (Version: 1.00 - Ubisoft)
- HP Deskjet 3520 series — podstawowe oprogramowanie urządzenia (HKLM\...\{2AF6DE35-EF82-42D5-86CA-9DE53EA29318}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
- HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
- HUGO (HKLM-x32\...\HUGO) (Version: - )
- IntelliJ IDEA Community Edition 2017.2.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 2017.2.4) (Version: 172.4155.36 - JetBrains s.r.o.)
- iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
- Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
- Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
- Java SE Development Kit 8 Update 144 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180144}) (Version: 8.0.1440.1 - Oracle Corporation)
- Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- MagicTunePremium (HKLM-x32\...\{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}) (Version: 2.0.09 - Samsung Electronics Ltd.)
- Malwarebytes (wersja 3.5.1.2522) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
- Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8431.2107 - Microsoft Corporation)
- Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.8431.2107 - Microsoft Corporation)
- Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
- Microsoft OneDrive (HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
- Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
- Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.16.1247.518 - Microsoft Corporation)
- Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
- MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
- Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
- NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
- NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
- NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
- OCCT 4.5.0 (HKLM-x32\...\OCCT) (Version: 4.5.0 - Ocbase.com)
- Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2107 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2107 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2107 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
- OpenAL (HKLM-x32\...\OpenAL) (Version: - )
- Opera Stable 53.0.2907.99 (HKLM-x32\...\Opera 53.0.2907.99) (Version: 53.0.2907.99 - Opera Software)
- Origin (HKLM-x32\...\Origin) (Version: 10.5.28.13288 - Electronic Arts, Inc.)
- Pakiet sterowników systemu Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
- Pakiet sterowników systemu Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
- Pakiet sterowników systemu Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
- Pakiet sterowników systemu Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
- Pakiet sterowników systemu Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
- Panel sterowania NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
- Papers Please version 1.1.63-S (HKLM-x32\...\Papers Please_is1) (Version: 1.1.63-S - )
- Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
- RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
- SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
- Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
- Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
- Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
- Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.) Hidden
- Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.)
- Sound Blaster X-Fi (HKLM-x32\...\{0282C872-4B44-444B-9818-54FBD7D50ECD}) (Version: 1.0 - Creative Technology Limited)
- Spotify (HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\Spotify) (Version: 1.0.91.183.g259b84fa - Spotify AB)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- SuperTuxKart 0.9.3-rc1 - 3D open-source arcade racer with a variety characters, tracks, and modes to play (HKLM-x32\...\SuperTuxKart 0.9.3-rc1) (Version: - SuperTuxKart)
- TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
- TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
- Tenorshare UltData for Android (HKLM-x32\...\{TenorshareUltDataforAndroid}_is1) (Version: 5.2.2.0 - Tenorshare, Inc.)
- Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
- ToonCar (HKLM-x32\...\ToonCar) (Version: - )
- Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
- Unity (HKLM-x32\...\Unity) (Version: 5.6.1f1 - Unity Technologies ApS)
- Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
- Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
- Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
- Visual Studio Community 2017 (HKLM-x32\...\567ae753) (Version: 15.7.27703.2035 - Microsoft Corporation)
- vs_communitymsi (HKLM-x32\...\{5DFEB1ED-29B8-44F0-8615-DE758242B0E2}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
- vs_communitymsires (HKLM-x32\...\{CEF65212-694E-4F0B-ADB5-17CE0C2AE213}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
- vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
- vs_filehandler_amd64 (HKLM-x32\...\{B6600254-A9D1-4265-826B-28B0E28C1F37}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
- vs_filehandler_x86 (HKLM-x32\...\{EF15DAFE-8E43-48E6-AE94-CBA196675318}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
- vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
- vs_minshellinteropmsi (HKLM-x32\...\{9B1DD088-CF09-46A1-8B42-18D231B19E39}) (Version: 15.7.27604 - Microsoft Corporation) Hidden
- vs_minshellmsi (HKLM-x32\...\{F5BCAD30-D22C-4B08-A581-1EBE3A35C6B1}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
- vs_minshellmsires (HKLM-x32\...\{871BE104-8114-4C84-9809-D3F2DAB18E06}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
- Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
- Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
- WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
- WinSCP 5.11.2 (HKLM-x32\...\winscp3_is1) (Version: 5.11.2 - Martin Prikryl)
- World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
- ==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-24] (AVAST Software)
- ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-29] ()
- ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-24] (AVAST Software)
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal)
- ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-24] (AVAST Software)
- ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
- ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
- ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-24] (AVAST Software)
- ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal)
- ==================== Zaplanowane zadania (filtrowane) =============
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- Task: {369A5647-9AD5-4B84-A50B-A0871B778D9F} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
- Task: {8CB2301C-D776-4309-B537-2BDBFC169826} - System32\Tasks\S-1-5-21-460559988-2109249328-488648659-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
- Task: {C6D37DEA-88C0-440F-978C-FB13967369DB} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-06-28] (Microsoft Corporation)
- (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
- ==================== Skróty & WMI ========================
- (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
- ShortcutWithArgument: C:\Users\Baal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
- ==================== Załadowane moduły (filtrowane) ==============
- 2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
- 2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
- 2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
- 2018-10-22 00:36 - 2018-10-22 01:59 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
- 2018-10-22 00:36 - 2018-10-22 01:59 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
- 2016-09-25 00:20 - 2016-09-25 00:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
- 2016-10-21 00:55 - 2017-04-08 16:40 - 000428232 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
- 2016-10-24 12:03 - 2016-10-24 12:03 - 000589512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
- 2017-12-06 20:06 - 2017-12-06 20:06 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2017-12-06 20:06 - 2017-12-06 20:06 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2018-08-03 16:33 - 2018-08-03 16:35 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- 2018-08-03 16:33 - 2018-08-03 16:35 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
- 2018-08-03 16:33 - 2018-08-03 16:35 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
- 2018-08-03 16:33 - 2018-08-03 16:35 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
- 2017-04-08 16:35 - 2017-04-08 16:35 - 000241152 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
- 2017-04-08 16:35 - 2017-04-08 16:35 - 000027136 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
- 2017-04-08 16:35 - 2017-04-08 16:35 - 000088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
- 2018-08-30 14:39 - 2018-10-10 06:17 - 001056032 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
- 2018-08-30 14:39 - 2018-09-23 02:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
- 2018-08-30 14:39 - 2018-09-23 02:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
- 2018-08-30 14:39 - 2018-09-23 02:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
- 2015-08-31 16:09 - 2015-08-31 16:09 - 000819200 _____ () T:\Program Files (x86)\ClockworkMod\Universal Adb Driver\adb.exe
- 2018-01-24 00:20 - 2018-01-24 00:20 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll
- 2018-01-24 00:20 - 2018-01-24 00:20 - 000067920 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
- 2018-10-19 11:34 - 2018-10-16 02:01 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libglesv2.dll
- 2018-10-19 11:34 - 2018-10-16 02:01 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libegl.dll
- 2016-10-10 18:46 - 2016-10-10 18:46 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
- 2016-10-10 18:46 - 2016-10-10 18:46 - 000228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
- 2016-10-10 18:46 - 2016-10-10 18:46 - 000526848 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
- 2016-10-10 18:46 - 2016-10-10 18:46 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
- 2016-10-10 18:46 - 2016-10-10 18:46 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
- 2016-10-21 00:55 - 2017-04-08 16:40 - 000400072 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
- 2017-04-08 16:34 - 2017-04-08 16:34 - 000055808 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
- 2017-04-08 16:35 - 2017-04-08 16:35 - 000353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
- 2017-04-08 16:35 - 2017-04-08 16:35 - 000071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
- 2018-01-24 00:20 - 2018-01-24 00:20 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
- 2018-01-24 00:20 - 2018-01-24 00:20 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
- 2018-01-24 00:20 - 2018-01-24 00:20 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
- 2017-07-03 21:54 - 2017-07-03 21:54 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
- 2018-01-24 00:20 - 2018-01-24 00:20 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
- 2018-01-24 00:20 - 2018-01-24 00:20 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
- 2017-04-29 15:25 - 2018-10-10 06:17 - 000878880 _____ () C:\Program Files (x86)\Steam\SDL2.dll
- 2017-04-29 15:25 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
- 2017-04-29 15:25 - 2018-10-13 03:59 - 002647840 _____ () C:\Program Files (x86)\Steam\video.dll
- 2017-04-29 15:25 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
- 2017-04-29 15:25 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
- 2017-12-15 01:34 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
- 2017-12-15 01:34 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
- 2017-12-15 01:34 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
- 2017-12-15 01:34 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
- 2017-12-15 01:34 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
- 2017-04-29 15:25 - 2018-10-13 03:59 - 001023776 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
- 2017-04-29 15:25 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
- 2017-01-16 13:40 - 2017-01-16 13:40 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
- 2018-08-24 20:04 - 2015-12-19 17:03 - 000002560 _____ () C:\WINDOWS\System32\CTXFIRES.DLL
- ==================== Alternate Data Streams (filtrowane) =========
- (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
- ==================== Tryb awaryjny (filtrowane) ===================
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- ==================== Powiązania plików (filtrowane) ===============
- (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
- ==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
- ==================== Hosts - zawartość: ===============================
- (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
- 2017-03-18 23:03 - 2018-08-15 21:30 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
- 127.0.0.1 localhost
- ==================== Inne obszary ============================
- (Obecnie brak automatycznej naprawy dla tej sekcji.)
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Baal\Desktop\Bez tytułu.png
- DNS Servers: 8.8.8.8 - 8.8.4.4
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
- Zapora systemu Windows [funkcja wyłączona]
- ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
- HKLM\...\StartupApproved\StartupFolder: => "GammaTray.exe.lnk"
- HKLM\...\StartupApproved\Run: => "SecurityHealth"
- HKLM\...\StartupApproved\Run: => "iTunesHelper"
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\StartupApproved\Run: => "OneDrive"
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\StartupApproved\Run: => "safe_urls768"
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\StartupApproved\Run: => "FACEIT"
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\StartupApproved\Run: => "Spotify"
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\StartupApproved\Run: => "Spotify Web Helper"
- HKU\S-1-5-21-460559988-2109249328-488648659-1001\...\StartupApproved\Run: => "Discord"
- ==================== Reguły Zapory systemu Windows (filtrowane) ===============
- (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
- FirewallRules: [UDP Query User{B1C1EB4A-CA1A-4E2D-B735-B67127C62991}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
- FirewallRules: [TCP Query User{78ABBC58-646D-4D35-8A4F-8854DBB19D85}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
- FirewallRules: [UDP Query User{C758D963-ABAD-42FD-834B-77B882635F6C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
- FirewallRules: [TCP Query User{E9268A54-2452-4932-909E-29D346EF4FBC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
- FirewallRules: [{D8ECB826-3456-4DA0-BB81-5585127B6ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
- FirewallRules: [{0B546D20-22B3-49FA-989F-ADC1C689DED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
- FirewallRules: [{FF7BF8B9-C8A1-461B-BEE8-C63E0807AD62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
- FirewallRules: [{CD093EA9-B9ED-4244-81C9-82272DD27AF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
- FirewallRules: [UDP Query User{5C37C4D2-2599-4D41-9026-AC28958258A9}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
- FirewallRules: [TCP Query User{EE19EE2D-D575-4D8F-921C-0989755DD990}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
- FirewallRules: [{A24DFC61-A4D8-447B-BE23-FB9A6EA480BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
- FirewallRules: [{FFCF6F2E-FE88-4AD3-9777-7490EAAE7909}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
- FirewallRules: [UDP Query User{DA743A67-3932-42AF-B8E1-D311E0358B3F}C:\program files (x86)\steam\steamapps\common\redout demo\redout\binaries\win64\redout-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\redout demo\redout\binaries\win64\redout-win64-shipping.exe
- FirewallRules: [TCP Query User{6BE0A0FF-4E1A-4CD0-934C-43E9A41E6576}C:\program files (x86)\steam\steamapps\common\redout demo\redout\binaries\win64\redout-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\redout demo\redout\binaries\win64\redout-win64-shipping.exe
- FirewallRules: [UDP Query User{60963799-D814-41D6-B137-9D24DB56BA44}C:\program files\faceit\faceit.exe] => (Block) C:\program files\faceit\faceit.exe
- FirewallRules: [TCP Query User{BD915AE5-4D8A-41E7-B016-56BB4F7D4021}C:\program files\faceit\faceit.exe] => (Block) C:\program files\faceit\faceit.exe
- FirewallRules: [UDP Query User{A12A261A-2E94-45FF-A518-4DE76EB0767D}G:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) G:\program files (x86)\diablo iii\x64\diablo iii64.exe
- FirewallRules: [TCP Query User{319E83B5-90BC-41B6-ADB3-A54B9C903F8D}G:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) G:\program files (x86)\diablo iii\x64\diablo iii64.exe
- FirewallRules: [UDP Query User{15EBFFE0-237C-409C-B9F1-5CE48F1F744E}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
- FirewallRules: [TCP Query User{AD8D98A6-C70D-4DA4-9BEB-BF6CDB0C93D6}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
- FirewallRules: [{209FEFD0-9DC5-4D0D-B247-1014AA05F215}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
- FirewallRules: [{3DC1DC8C-2F25-43FE-8239-F5922A6FF80F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
- FirewallRules: [{A479B542-61D6-4441-85FE-130EEEC94D4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from Candlekeep\TalesCandlekeep.exe
- FirewallRules: [{6BAEE622-32E3-4D68-AE3F-7461BD06B29F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from Candlekeep\TalesCandlekeep.exe
- FirewallRules: [{E8851F77-F993-4B3F-87BD-F2304929C6CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
- FirewallRules: [{D4740941-7DA9-469F-B1BD-F2310979BF58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
- FirewallRules: [{9095D5A2-7CBA-4181-B61F-09E2890BC4B1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
- FirewallRules: [{42A85FCB-04D6-42F5-B353-5ED06EF4506E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
- FirewallRules: [{DEBA9183-74F9-4AF7-83A8-7ACF99C317D7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
- FirewallRules: [{DBB655CC-C7F2-4076-BC07-FEB8D9D72A2D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
- FirewallRules: [{0DC1C549-0338-460F-9569-BC0D14354D51}] => (Allow) F:\Program Files\iTunes\iTunes.exe
- FirewallRules: [{8CFB862D-F5AB-436B-B2D4-B4BB6ADE086A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{7987B459-68AB-463C-A8F0-0CE2504F2209}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
- FirewallRules: [{2816D39B-E089-40AC-B76A-5E40F656F149}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [{20CB3432-8512-4312-A920-32D7B1F8C216}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
- FirewallRules: [UDP Query User{AF69E4B7-FB54-4A74-8BFF-2DAE43BA4B66}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Block) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe
- FirewallRules: [TCP Query User{631FD809-2B41-4D95-B4C2-9B6684BAC26B}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Block) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe
- FirewallRules: [UDP Query User{18E25B2A-7026-472E-83EF-831743AE2CCC}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe
- FirewallRules: [TCP Query User{184CAD00-04C0-4B20-A4B8-2E52F9D684A1}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Block) C:\program files\unity\monodevelop\bin\monodevelop.exe
- FirewallRules: [UDP Query User{1C325CCB-464A-4D4A-84CB-1DCBC98765DA}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
- FirewallRules: [TCP Query User{F6CF1ABD-7083-4869-82A5-6E9E8931A9AE}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
- FirewallRules: [{BACF4CB6-2063-4850-91FA-1C11FBFF02FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{DA2CD823-5ADA-44CA-B75E-AB5F77E744AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{E08522A4-BFC6-48D9-B001-A2B0D575CE23}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{2D422145-3F83-4535-8DE5-5F0CB5762591}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{8193CF26-4E12-410F-9E4F-249ECF1A09AF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{8D3C90FC-1AAC-4E3B-86CF-C08B3963BD71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [TCP Query User{9202A811-4C80-4745-ADCD-C9E55B5D5551}C:\users\baal\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\baal\appdata\roaming\spotify\spotify.exe
- FirewallRules: [UDP Query User{C4F712A2-B806-4038-98A3-18CE9D8F11EA}C:\users\baal\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\baal\appdata\roaming\spotify\spotify.exe
- FirewallRules: [TCP Query User{2CE4A745-75BB-46C4-9EBA-F0282AB3536B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
- FirewallRules: [UDP Query User{0E2962F8-56A0-44BA-BA64-28075E956CEB}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
- FirewallRules: [{97A625DE-D75E-4C74-A23D-02E08F70ED29}] => (Allow) F:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
- FirewallRules: [{42E43340-BAC4-4F3A-9654-D24BE466CD4D}] => (Allow) F:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
- FirewallRules: [{365BB9DC-30C1-441D-98C7-BC352A466FBA}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_1\SZBrowser.exe
- FirewallRules: [TCP Query User{5242379E-8780-41E5-9C37-797199028BAC}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
- FirewallRules: [UDP Query User{6F627B78-9F0F-4195-8FA7-FE7737E8077D}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
- FirewallRules: [TCP Query User{2B3E95A6-4258-4AF8-9741-5202ABFE8EDB}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe
- FirewallRules: [UDP Query User{0D21C995-E506-4194-B721-32EE5866A44D}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe
- FirewallRules: [{DA78EBE3-9CAE-4052-8556-FB79A75CF0DE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
- FirewallRules: [{9226FF9B-53E9-4302-8342-230ADBCA4D84}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
- FirewallRules: [{9B78D5BB-9795-4217-8334-E529AF4FBAEE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
- FirewallRules: [{FCEA2EB3-CA47-40E6-BB46-CA9B2FFB7C67}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
- FirewallRules: [{90DE9F3C-29F7-4DEF-9263-0D48EB06F555}] => (Allow) C:\Program Files\Opera\53.0.2907.68\opera.exe
- FirewallRules: [{E8D1088D-A84D-4B92-B712-9B5FF736D3B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{50C45339-BF62-46B2-840E-759A20B369FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{1B64269D-B783-48E3-94DA-1BE8B632EEDC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{64CBE891-AF9E-46B0-BFC8-6E327858CA9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{C3BF78FA-109F-4A49-B263-7A79D42D4F56}] => (Allow) C:\Program Files\Opera\53.0.2907.99\opera.exe
- FirewallRules: [{7E188170-F11C-4493-8670-9210D2ADECEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
- FirewallRules: [{C5395AEB-49D1-4DD2-9A74-94429FAE8923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
- FirewallRules: [{D088E520-683B-4999-9163-A3BAD2105E55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
- FirewallRules: [{27E388E7-80E3-4162-90EE-A61E940876F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
- FirewallRules: [{55CEDA2D-903D-4E16-9A15-ADCB669B66D1}] => (Allow) LPort=1688
- FirewallRules: [{FCE286F0-2334-4058-8899-5B0568F18DBF}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
- FirewallRules: [{954170F4-5558-47AA-90A3-298B697E0016}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
- FirewallRules: [{42C3CAF5-C745-4E6A-8078-8467CFD40CB4}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
- FirewallRules: [{C15F6CA8-CBF9-454B-AA5C-C2E7DEE7241B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
- FirewallRules: [{995BF757-A09C-4659-ABBC-95AE7347CB1B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
- FirewallRules: [TCP Query User{25B6889A-D792-40D6-B7F2-E6FF55181CB0}T:\world of warcraft\utils\wowvoiceproxy.exe] => (Block) T:\world of warcraft\utils\wowvoiceproxy.exe
- FirewallRules: [UDP Query User{3C962C85-6BB9-491C-811B-5657324C9086}T:\world of warcraft\utils\wowvoiceproxy.exe] => (Block) T:\world of warcraft\utils\wowvoiceproxy.exe
- FirewallRules: [{28D90892-F0E6-4BE6-98D5-74379CE8FACB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
- FirewallRules: [{B1296D43-4A73-4FAC-BB98-D9EB0BB8590F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
- FirewallRules: [{4E2EAC87-E8D6-44D9-9461-CD92AC6F3330}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Punkty Przywracania systemu =========================
- ==================== Wadliwe urządzenia w Menedżerze urządzeń =============
- ==================== Błędy w Dzienniku zdarzeń: =========================
- Dziennik Aplikacja:
- ==================
- Error: (10/22/2018 02:02:09 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:09Z. Kod błędu: 0x80070002.
- Error: (10/22/2018 02:01:39 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:39Z. Kod błędu: 0x80070002.
- Error: (10/22/2018 02:01:09 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:09Z. Kod błędu: 0x80070002.
- Error: (10/22/2018 02:00:39 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:39Z. Kod błędu: 0x80070002.
- Error: (10/22/2018 02:00:09 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:09Z. Kod błędu: 0x80070002.
- Error: (10/22/2018 01:59:39 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:39Z. Kod błędu: 0x80070002.
- Error: (10/22/2018 01:59:09 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:09Z. Kod błędu: 0x80070002.
- Error: (10/22/2018 01:55:09 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
- Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2018-11-17T11:59:09Z. Kod błędu: 0x80070002.
- Dziennik System:
- =============
- Error: (10/22/2018 01:57:46 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O2K1B2H)
- Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- i identyfikatorem aplikacji APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- użytkownikowi DESKTOP-O2K1B2H\Baal o identyfikatorze zabezpieczeń SID (S-1-5-21-460559988-2109249328-488648659-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (10/22/2018 01:57:08 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O2K1B2H)
- Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- i identyfikatorem aplikacji APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- użytkownikowi DESKTOP-O2K1B2H\Baal o identyfikatorze zabezpieczeń SID (S-1-5-21-460559988-2109249328-488648659-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (10/22/2018 01:56:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-O2K1B2H)
- Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- i identyfikatorem aplikacji APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- użytkownikowi DESKTOP-O2K1B2H\Baal o identyfikatorze zabezpieczeń SID (S-1-5-21-460559988-2109249328-488648659-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (10/22/2018 01:56:28 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
- Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- i identyfikatorem aplikacji APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (10/22/2018 01:56:28 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
- Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- i identyfikatorem aplikacji APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (10/22/2018 01:56:28 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
- Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- i identyfikatorem aplikacji APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (10/22/2018 01:56:28 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
- Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
- {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
- i identyfikatorem aplikacji APPID
- {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
- użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
- Error: (10/22/2018 01:55:33 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O2K1B2H)
- Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie.
- Windows Defender:
- ===================================
- Date: 2018-02-15 20:35:18.368
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Średni
- Kategoria: Narzędzie
- Ścieżka: file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\KMSAuto Net.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net.exe;file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\WINDOWS\System32\Tasks\AutoKMS;file:_C:\Windows\Temp\SppExtComObjHook.dll;process:_pid:11444,ProcessStart:131631963024070303;process:_pid:1700,ProcessStart:131631887274564382;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4EFEC1-1528-4552-85AC-4B461D45D512};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Nazwa procesu: C:\Users\Baal\AppData\Local\Temp\Rar$EXa0.604\Autoruns.exe
- Wersja podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
- Wersja aparatu: AM: 1.1.14500.5, NIS: 2.1.14202.0
- Date: 2018-02-15 20:26:02.057
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Średni
- Kategoria: Narzędzie
- Ścieżka: file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\KMSAuto Net.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net.exe;file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\WINDOWS\System32\Tasks\AutoKMS;file:_C:\Windows\Temp\SppExtComObjHook.dll;process:_pid:11444,ProcessStart:131631963024070303;process:_pid:1700,ProcessStart:131631887274564382;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4EFEC1-1528-4552-85AC-4B461D45D512};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Nazwa procesu: C:\Windows\AutoKMS\AutoKMS.exe
- Wersja podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
- Wersja aparatu: AM: 1.1.14500.5, NIS: 2.1.14202.0
- Date: 2018-02-15 20:25:29.587
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Średni
- Kategoria: Narzędzie
- Ścieżka: file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\KMSAuto Net.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net.exe;file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\WINDOWS\System32\Tasks\AutoKMS;file:_C:\Windows\Temp\SppExtComObjHook.dll;process:_pid:11444,ProcessStart:131631963024070303;process:_pid:1700,ProcessStart:131631887274564382;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4EFEC1-1528-4552-85AC-4B461D45D512};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Nazwa procesu: C:\Windows\AutoKMS\AutoKMS.exe
- Wersja podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
- Wersja aparatu: AM: 1.1.14500.5, NIS: 2.1.14202.0
- Date: 2018-02-15 20:25:28.311
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Średni
- Kategoria: Narzędzie
- Ścieżka: file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\KMSAuto Net.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net.exe;file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\WINDOWS\System32\Tasks\AutoKMS;file:_C:\Windows\Temp\SppExtComObjHook.dll;process:_pid:1700,ProcessStart:131631887274564382;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4EFEC1-1528-4552-85AC-4B461D45D512};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS;taskscheduler:_C:\
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Nazwa procesu: C:\Windows\System32\SppExtComObj.Exe
- Wersja podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
- Wersja aparatu: AM: 1.1.14500.5, NIS: 2.1.14202.0
- Date: 2018-02-15 20:25:27.684
- Description:
- Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
- Aby uzyskać więcej informacji, zobacz:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nazwa: HackTool:Win32/AutoKMS
- Identyfikator: 2147685180
- Ważność: Średni
- Kategoria: Narzędzie
- Ścieżka: file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\KMSAuto Net.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net 1.5.1.exe;file:_C:\Users\Baal\Documents\Nowy folder\Microsoft Office 2016 Professional Plus RTM (x86-x64) English DVD [elladajarek]\KMSAuto Net 2015 v1.4.0 Portable\Nowy folder\KMSAuto Net 2016 1.4.9 Portable + 1.5.1\KMSAuto Net.exe;file:_C:\Windows\AutoKMS\AutoKMS.exe;file:_C:\WINDOWS\System32\Tasks\AutoKMS;file:_C:\Windows\Temp\SppExtComObjHook.dll;process:_pid:1700,ProcessStart:131631887274564382;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4EFEC1-1528-4552-85AC-4B461D45D512};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS;taskscheduler:_C:\
- Pochodzenie wykrycia: Komputer lokalny
- Typ wykrycia: Konkretne
- Źródło wykrycia: Ochrona w czasie rzeczywistym
- Użytkownik: ZARZĄDZANIE NT\SYSTEM
- Nazwa procesu: C:\Windows\System32\svchost.exe
- Wersja podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
- Wersja aparatu: AM: 1.1.14500.5, NIS: 2.1.14202.0
- CodeIntegrity:
- ===================================
- Date: 2018-10-22 02:00:26.545
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-10-22 02:00:26.543
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-10-22 01:57:44.543
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-10-22 01:57:44.541
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-10-22 01:56:29.081
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-10-22 01:56:29.065
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-10-22 01:40:47.155
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- Date: 2018-10-22 01:40:47.153
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
- ==================== Statystyki pamięci ===========================
- Procesor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz
- Procent pamięci w użyciu: 51%
- Całkowita pamięć fizyczna: 8183.11 MB
- Dostępna pamięć fizyczna: 3982.84 MB
- Całkowita pamięć wirtualna: 15863.11 MB
- Dostępna pamięć wirtualna: 10990.35 MB
- ==================== Dyski ================================
- Drive c: () (Fixed) (Total:222.6 GB) (Free:11.42 GB) NTFS
- Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
- Drive f: () (Fixed) (Total:97.58 GB) (Free:6.73 GB) NTFS
- Drive g: () (Fixed) (Total:498.49 GB) (Free:38.82 GB) NTFS
- Drive t: (Toshiba) (Fixed) (Total:931.51 GB) (Free:841.24 GB) NTFS
- \\?\Volume{8f721760-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
- \\?\Volume{8f721760-0000-0000-0000-00c637000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
- ==================== MBR & Tablica partycji ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 8F721760)
- Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=486 MB) - (Type=27)
- ========================================================
- Disk: 1 (Size: 596.2 GB) (Disk ID: 2AAE2AAD)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=498.5 GB) - (Type=07 NTFS)
- ========================================================
- Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1C6358B8)
- Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
- ==================== Koniec Addition.txt ============================