Addition.txt

Kaspersky free - blocks websites HEUR: Trojan.script.Miner.gen

Here are the files.


Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 24.12.2018
Uruchomiony przez Mariusz (26-12-2018 11:36:23)
Uruchomiony z C:\Users\Mariusz\Desktop
Windows 8.1 (Update) (X64) (2015-11-14 05:52:57)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2102368143-2728945569-3422748965-500 - Administrator - Disabled)
Gość (S-1-5-21-2102368143-2728945569-3422748965-501 - Limited - Enabled) => C:\Users\Gość
GUEST (S-1-5-21-2102368143-2728945569-3422748965-1008 - Limited - Enabled) => C:\Users\GUEST
HomeGroupUser$ (S-1-5-21-2102368143-2728945569-3422748965-1006 - Limited - Enabled)
Mariusz (S-1-5-21-2102368143-2728945569-3422748965-1001 - Administrator - Enabled) => C:\Users\Mariusz

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ABBYY FineReader 11 Corporate Edition (HKLM-x32\...\{F11000CE-0010-0000-0000-074957833700}) (Version: 11.11.141 - ABBYY)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Apple Application Support (64-bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Arcanum (HKLM-x32\...\{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}) (Version: 1.0.6.4 - Troika Games LLC)
Arcanum Of Steamworks and Magick Obscura (HKLM-x32\...\GOGPACKARCANUM_is1) (Version: 2.0.0.15 - GOG.com)
Arcanum PL (HKLM-x32\...\Arcanum PL) (Version: - )
Ashampoo Burning Studio 2016 v.16.0.0 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.2.3.1114 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 70.0.3538.110 - Comodo)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Diablo II (HKLM-x32\...\Diablo II) (Version: 0.0.0.0 - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.01 - NVIDIA Corporation) Hidden
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.5.0.12 - GOG.com)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)
Fallout Tactics (HKLM-x32\...\{75ECB77B-A2FD-444B-977A-D5B7ACD80D85}) (Version: 1.27 - )
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - )
GemsNet Generato (HKLM-x32\...\{F93FFAFD-79CA-43AF-B1C3-959150E6D7A7}_is1) (Version: v5.0 - GemsNet)
GhostMaster (HKLM-x32\...\{2A42871B-A6C5-44EA-BBE0-4E701F610BB4}) (Version: 1.00.000 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grim Dawn (HKLM-x32\...\Grim Dawn_is1) (Version: 1.0.6.1.HF1 - )
Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Heroes of Might & Magic III - HD Edition_is1) (Version: - )
HP Support Solutions Framework (HKLM-x32\...\{2AD02988-163A-45E2-AC71-530B080D1A73}) (Version: 12.5.32.203 - HP)
Icewind Dale Enhanced Edition (HKLM-x32\...\Icewind Dale Enhanced Edition_is1) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.10.1005 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
K-Lite Mega Codec Pack 11.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
Ledger Live 1.1.7 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 1.1.7 - Ledger)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.750 - Broadcom Corporation)
LibreOffice 5.3.4.2 (HKLM-x32\...\{E8FF8837-CDA1-462A-925B-2DA1FE7E263E}) (Version: 5.3.4.2 - The Document Foundation)
Malwarebytes (wersja 3.6.1.2711) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Median XL Launcher 0.3.1.0 (HKLM-x32\...\{649749D9-C274-4CF3-9617-2ED6BB20333E}}_is1) (Version: 0.3.1.0 - Quirinus, Marco)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.3.0.6912 - Mozilla)
Mozilla Thunderbird 60.3.3 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 60.3.3 (x86 pl)) (Version: 60.3.3 - Mozilla)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - )
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Neon 0.2.8 (only current user) (HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 0.2.8 - Ethan Fast)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 417.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.01 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.)
Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Panel sterowania NVIDIA 417.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.01 - NVIDIA Corporation) Hidden
PDFill FREE PDF Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 14.0 - PlotSoft LLC)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\1207666843_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity: Deadfire Pack (HKLM-x32\...\1577585691_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity: The White March - Part 1 (HKLM-x32\...\1439895308_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity: The White March - Part 2 (HKLM-x32\...\1439897569_is1) (Version: 3.07.0.1318 - GOG.com)
Planescape: Torment - Enhanced Edition (HKLM-x32\...\Planescape: Torment - Enhanced Edition_is1) (Version: - )
PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 23.015.02.02.264 - Huawei Technologies Co.,Ltd)
PuTTY release 0.66 (HKLM-x32\...\PuTTY_is1) (Version: 0.66 - Simon Tatham)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.20.606 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Skype (wersja 8.28) (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.8 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Telegram Desktop version 1.3.10 (HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.3.10 - Telegram Messenger LLP)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Torment: Tides of Numenera (HKLM-x32\...\Torment: Tides of Numenera_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Tyranny (HKLM-x32\...\Tyranny_is1) (Version: - )
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.22 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
WinRAR 5.30 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)
WinSCP 5.11.1 (HKLM-x32\...\winscp3_is1) (Version: 5.11.1 - Martin Prikryl)
World of Tanks (HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2102368143-2728945569-3422748965-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2102368143-2728945569-3422748965-1001_Classes\CLSID\{8382be2b-f5be-4261-ac72-0f5144c30e81}\InprocServer32 -> C:\WINDOWS\System32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2102368143-2728945569-3422748965-1001_Classes\CLSID\{893B423C-00D3-4817-A213-8148D47ABE04}\InprocServer32 -> C:\WINDOWS\System32\ole32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-09-28] (Tonec Inc.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll [2012-09-20] (ABBYY)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-12-26] (AO Kaspersky Lab)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-12] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-12] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-12-26] (AO Kaspersky Lab)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-12-26] (AO Kaspersky Lab)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-12-21] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-16] (NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll [2012-09-20] (ABBYY)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-12-26] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-12] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-12] (Alexander Roshal)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {121AF220-DE46-46A2-884D-851A48A9112A} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {18EDD889-D942-493B-A084-F79E4D49669A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {249EE108-3B5D-4035-8D52-0A65DE5F46A0} - System32\Tasks\{7A86863B-9A79-4FED-A430-E050A95F649C} => C:\WINDOWS\system32\pcalua.exe -a D:\Gry\WoW\unins000.exe
Task: {289F3A8A-0A92-45ED-999B-A0C1E7A11C06} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {28D72AF9-A925-4412-9DD7-63533BC2175D} - System32\Tasks\AdobeGCInvoker-1.0-lenovo-Mariusz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {2DD2C986-9111-4AD8-9339-D1F15C08050B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {2E6D889F-0B44-4004-918E-699EBD7560C8} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {2F3019AD-3A19-47B6-B3DC-9B5DF0BED606} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {376FCE33-5259-44F2-925E-01FDCB918A40} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {3AAE3CA6-E80A-45E0-822E-0193A568A64B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {3E603CE9-73B3-4A1B-A718-3CD92EC3D516} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {49695CBA-E0B5-43F0-9325-B85F687E6F99} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)
Task: {514E4DDD-B031-4E27-8266-20B6AD3A3E7F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {56D29636-8F5B-4F5E-821F-03C2F06AC0F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-16] (Google Inc.)
Task: {6CD09A8A-02E5-4EF2-819A-A7E8285F8BE2} - System32\Tasks\{779D4AB0-BD6B-4839-8E4B-10251C3376A0} => C:\WINDOWS\system32\pcalua.exe -a G:\Setup\rsrc\Autorun.exe -d G:\
Task: {7E8E0185-D8A6-4055-970E-3226D04D0185} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {7FC93E9E-5774-4D84-8899-BACA7004B760} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {9562D5FD-B2E5-48F3-9F5F-145BD40E583A} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {A12B68E0-E2F2-4E7B-8993-C3BF78EA0D2A} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {A69FB1E7-1930-4299-94EB-82957B5CE00A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {A7567E11-7826-4D43-8ED6-46FB5BACFCD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {A7742C47-059A-4968-A60A-8C02EBD081F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-16] (Google Inc.)
Task: {B914F991-9FCB-4686-888D-EE32FE5662E3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {BBD60B4A-F81C-4DBE-BCDC-5C404D1E3C58} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {C593BAF0-CDBA-4800-9E76-5E48DCEBED84} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {DE912756-F1F9-41BE-9389-EBA25E22C1D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {EDF2F532-D776-4F64-8D59-A54FF103218A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {F1893F53-B874-426B-8D6E-FCEBCA108162} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {F2B6F391-74BA-40E3-B778-176719A695D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F8E81CC2-CDCF-4E69-9578-FFF998D202EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


ShortcutWithArgument: C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\NACL Web Plug-in.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pbdcmagkbhnjpjlnpibbmggikpedpilc

==================== Załadowane moduły (filtrowane) ==============

2016-03-13 14:42 - 2012-09-18 15:27 - 000192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2016-09-22 12:19 - 2016-09-22 12:19 - 000031256 _____ () C:\WINDOWS\System32\ssa6mlm.dll
2016-03-13 14:42 - 2012-09-18 15:27 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-24 17:46 - 2015-09-24 17:46 - 000049408 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2013-10-28 03:02 - 2016-04-30 14:52 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-04-30 14:52 - 2016-04-30 14:52 - 000651856 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
2015-11-21 07:17 - 2016-02-21 17:10 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-14 20:13 - 2018-03-14 20:13 - 000189776 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2018-10-06 10:20 - 2018-12-14 21:45 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-07-29 03:45 - 2017-07-29 03:45 - 000298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2018-12-26 08:37 - 2018-12-26 08:37 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\kpcengine.2.3.dll
2016-04-30 14:52 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll
2016-04-30 14:52 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll
2016-04-30 14:52 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll
2016-04-30 14:52 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll
2018-05-08 11:57 - 2018-05-08 11:57 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2018-08-13 11:30 - 2017-09-08 22:22 - 050656768 _____ () C:\Users\Mariusz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2018-08-13 11:30 - 2017-09-08 22:22 - 001874944 _____ () C:\Users\Mariusz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2018-08-13 11:30 - 2017-09-08 22:22 - 000075264 _____ () C:\Users\Mariusz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\WINDOWS\system32\adhsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BdeHdCfgLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\consent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dhcpsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftbusui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FTLang.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\httpprxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\httpprxp.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\LocationApi.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlows.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Devices.Geolocation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dsparse.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fog.dll:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FWPUCLNT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LocationApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingMonitor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\shacct.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfapigp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dtliteusbbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ftdibus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ftser2k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mup.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndiswan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rasl2tp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\volmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\volsnap.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:72CCCD14 [207]
AlternateDataStreams: C:\Users\Mariusz\Documents\iview441_setup.exe:BDU [0]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


Wykryto więcej niż wyliczono: 7936 witryn.

IE trusted site: HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\filebit.pl -> hxxps://filebit.pl

Wykryto więcej niż wyliczono: 7936 witryn.


==================== Hosts - zawartość: ==========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2013-08-22 14:25 - 2018-02-26 12:19 - 000454512 ____N C:\WINDOWS\system32\Drivers\etc\hosts


Wykryto więcej niż wyliczono: 15600 linii.


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\Control Panel\Desktop\\Wallpaper -> D:\Tapety\13239313_784173465016188_9178762443412891889_n.png
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Brak pliku)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

Załączenie wejścia w fixlist spowoduje jego usunięcie.

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Bluetooth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR11"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\StartupApproved\StartupFolder: => "Wysyłanie do programu OneNote.lnk"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_BEEE8AE62A2540156452F89C7FBBA2DA"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2102368143-2728945569-3422748965-1001\...\StartupApproved\Run: => "World of Tanks"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{CD50E8F9-17F9-4C5D-962E-6EBFCF601B65}] => (Allow) D:\Gry\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{73E9C92D-ADA4-4990-BEEF-8C6B483BD3FB}] => (Allow) D:\Gry\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{89D72BB6-5CC9-4D79-860B-0411F5A63D31}] => (Allow) C:\Users\Mariusz\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
FirewallRules: [{B117D0A3-69C6-420A-85F4-90A9FB7AD31F}] => (Allow) D:\Gry\Steam\steamapps\common\Talisman\Talisman.exe ()
FirewallRules: [{DD30E6D2-EA11-435E-B97C-3BED2539B715}] => (Allow) D:\Gry\Steam\steamapps\common\Talisman\Talisman.exe ()
FirewallRules: [TCP Query User{0C468D90-DA49-47F5-A75E-F356A6B8F4D2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH)
FirewallRules: [UDP Query User{ACA9DC09-FAF9-4E48-B439-7502D89DB3AB}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH)
FirewallRules: [{AF43C12D-D94C-42DD-8BBC-27D6D728EA1A}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation)
FirewallRules: [{0DEA9BCF-1E98-4726-B607-4EE10DFC8D14}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation)
FirewallRules: [{548BA115-0101-4959-8805-CE5797AAABDB}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{05DD181C-74AD-4900-A8D6-D779427CF8B9}D:\gry\diablo iii\diablo iii.exe] => (Allow) D:\gry\diablo iii\diablo iii.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{CA9457F2-42E8-4FED-8969-BA65D1A55F7F}D:\gry\diablo iii\diablo iii.exe] => (Allow) D:\gry\diablo iii\diablo iii.exe (Blizzard Entertainment)
FirewallRules: [TCP Query User{1DDEA60C-59A7-440D-88CA-FE6020518E2B}D:\praca\winbox.exe] => (Allow) D:\praca\winbox.exe ()
FirewallRules: [UDP Query User{37FA5538-2715-4774-B3EC-3089C248A6D2}D:\praca\winbox.exe] => (Allow) D:\praca\winbox.exe ()
FirewallRules: [{B15F1159-093E-4178-917C-9C20DD2737E5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe ()
FirewallRules: [{0AFE4C14-7EAE-484A-BA2A-95AE76A846EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe ()
FirewallRules: [{EEB8E173-E9B6-4263-87F6-8380B804EF1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe ()
FirewallRules: [{A8C318D3-E1C4-4AC5-B698-BA6908D4C882}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe ()
FirewallRules: [{884A3C25-4EFB-4325-997C-A928137033F2}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation)
FirewallRules: [{F3FA7CE0-B956-4030-B366-E47BFEE17B61}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation)
FirewallRules: [{4F1072F2-5B38-4C10-9638-674CB3F4CBCD}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{3F4F5FE3-4B36-42D9-8E0A-F2C69BC1CA0E}D:\praca\winbox.exe] => (Allow) D:\praca\winbox.exe ()
FirewallRules: [UDP Query User{88E27497-0721-4BE9-A947-42970E0B8368}D:\praca\winbox.exe] => (Allow) D:\praca\winbox.exe ()
FirewallRules: [{F4863A52-61C9-4C17-A127-59B666E5C4B0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
FirewallRules: [{656A88E8-9199-4EF1-91CF-6B5A3FC1C1A8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
FirewallRules: [{4798E149-F95F-4744-BCFD-4FEBB6E48B0F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
FirewallRules: [{0E53E90F-8294-4C52-9C58-72969575D5EE}] => (Allow) D:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{C2A07454-2E97-41AD-B675-00F7A845B731}] => (Allow) D:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [TCP Query User{0C0535F8-295B-4E51-AF77-DF6F00F6AF5C}D:\gry\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) D:\gry\divinity - original sin enhanced edition\shipping\eocapp.exe ()
FirewallRules: [UDP Query User{35F4E24E-02F7-47FA-A0FD-6A42F86B1F73}D:\gry\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) D:\gry\divinity - original sin enhanced edition\shipping\eocapp.exe ()
FirewallRules: [TCP Query User{A87AA5E1-3D01-4F76-8823-E6DB2745E7D6}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Block) C:\program files\foxit software\pdf editor\pdfedit.exe (Foxit Software Company)
FirewallRules: [UDP Query User{03D64254-5DA0-4950-BCCB-A5079749E12F}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Block) C:\program files\foxit software\pdf editor\pdfedit.exe (Foxit Software Company)
FirewallRules: [{8139C189-8577-4657-9FF8-1C3B28A54CCF}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{81F04E09-D565-4663-A411-B049DDE6CCF8}] => (Allow) D:\Gry\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{8FF918FE-6557-4331-9846-DE466960F173}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation)
FirewallRules: [{1A725632-2D83-4786-9473-1C0C93559F0B}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation)
FirewallRules: [{63DF5451-89D4-42CD-AFAB-6561DE08D66D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{23AC81F6-4E0C-4B8C-8BAE-15AD5DABE747}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{3727425D-0ADA-46A7-9EEB-095599596F1E}D:\gry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\gry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{D8A8EB4C-9C55-4C8B-8994-62DDF5F288BE}D:\gry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\gry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment)
FirewallRules: [TCP Query User{85CA42BE-55F3-4A4D-B51D-C25DF7541360}D:\gry\quake ii\q2dedicated.exe] => (Allow) D:\gry\quake ii\q2dedicated.exe (r1ch.net)
FirewallRules: [UDP Query User{C5AF3D75-CBDB-42B2-BC05-30B319D994DB}D:\gry\quake ii\q2dedicated.exe] => (Allow) D:\gry\quake ii\q2dedicated.exe (r1ch.net)
FirewallRules: [TCP Query User{88C9C70C-279D-4946-97D6-7322F92A1BA4}D:\gry\torment - tides of numenera\win\tidesofnumenera.exe] => (Block) D:\gry\torment - tides of numenera\win\tidesofnumenera.exe ()
FirewallRules: [UDP Query User{38FFD22D-1E91-4124-8148-E372A760520D}D:\gry\torment - tides of numenera\win\tidesofnumenera.exe] => (Block) D:\gry\torment - tides of numenera\win\tidesofnumenera.exe ()
FirewallRules: [{20E47B17-A8BC-4718-AC9C-083B90B360DF}] => (Allow) D:\Gry\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe ()
FirewallRules: [{382C82AB-E56A-40F5-9702-17D78AFFAC5F}] => (Allow) D:\Gry\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe ()
FirewallRules: [{3BF89175-D7AC-4CC4-B2ED-4BD1EE95EEFF}] => (Allow) D:\Gry\Steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc.)
FirewallRules: [{41B6CD54-6C51-4DA6-BFA0-5B002454052E}] => (Allow) D:\Gry\Steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc.)
FirewallRules: [TCP Query User{8DA326CA-4F67-44AC-B10E-86DF86483C9F}C:\users\mariusz\appdata\roaming\esp\espers-qt.exe] => (Allow) C:\users\mariusz\appdata\roaming\esp\espers-qt.exe ()
FirewallRules: [UDP Query User{B591E658-38FA-47BD-8E24-4549B4DCE8B1}C:\users\mariusz\appdata\roaming\esp\espers-qt.exe] => (Allow) C:\users\mariusz\appdata\roaming\esp\espers-qt.exe ()
FirewallRules: [{6B203BB5-5624-4886-9125-B04B30A81E84}] => (Allow) D:\Gry\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe ()
FirewallRules: [{5156E998-9B48-43BB-8320-892340EB5FC2}] => (Allow) D:\Gry\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe ()
FirewallRules: [{FE1F9290-0A32-4D00-80F8-AB812678BE57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{AC974168-468A-48E8-B3BD-5BACEE5DCDD7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C914DF50-EDE8-4E4A-8EEE-168430C0B8E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{8E40D34F-FC29-4A66-AF73-9A704B1D4C9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{89EDD2A6-4DE6-4B63-B828-EACE38E4214A}] => (Allow) D:\Gry\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic)
FirewallRules: [{9F8174FC-5048-4F0B-96E1-F77EED6455CA}] => (Allow) D:\Gry\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic)
FirewallRules: [{1F7E462A-A398-4671-8A9F-33BF1FF56C4C}] => (Allow) D:\Gry\Steam\steamapps\common\divine_divinity\div.exe (Larian Studios)
FirewallRules: [{E8A940B1-F01C-40C8-B14C-5D43DADC58EA}] => (Allow) D:\Gry\Steam\steamapps\common\divine_divinity\div.exe (Larian Studios)
FirewallRules: [{DF36A0BE-C981-4E30-94C4-9AE672140BA7}] => (Allow) D:\Gry\Steam\steamapps\common\divine_divinity\configtool.exe ()
FirewallRules: [{E8188B1D-5019-44B3-AC9A-F57F47563D89}] => (Allow) D:\Gry\Steam\steamapps\common\divine_divinity\configtool.exe ()
FirewallRules: [{C4188F0A-9C8F-4713-AA61-389E84453134}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation)
FirewallRules: [{CA3E2206-98FC-4553-8FB8-3E7FDB2078F2}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe (Microsoft Corporation)
FirewallRules: [{C4B00EA8-F6C0-4E14-8464-25B560A995DA}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{DF72208A-9BBB-43AF-8695-28EC321D5FF5}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files\foxit software\pdf editor\pdfedit.exe (Foxit Software Company)
FirewallRules: [UDP Query User{182B22F5-A311-4BD6-B8E3-F737514BFADE}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files\foxit software\pdf editor\pdfedit.exe (Foxit Software Company)
FirewallRules: [{0E4BA34F-4F2D-4BF9-A4A9-A0891E35DAEC}] => (Allow) D:\Gry\Steam\steamapps\common\Quake Live\quakelive_steam.exe (id Software Inc.)
FirewallRules: [{97FDF7D7-D46F-4764-892F-88ED85BF2188}] => (Allow) D:\Gry\Steam\steamapps\common\Quake Live\quakelive_steam.exe (id Software Inc.)
FirewallRules: [{16017EAF-BDDB-4772-AD2E-63D059FBC4BF}] => (Allow) D:\Gry\Wot\WoTLauncher.exe (Wargaming.net)
FirewallRules: [{EFA9A9F5-245F-4725-851A-A28E01A9B8B5}] => (Allow) D:\Gry\Wot\WoTLauncher.exe (Wargaming.net)
FirewallRules: [{52423997-B57D-41A8-8F22-06943E9843B0}] => (Allow) D:\Gry\Wot\worldoftanks.exe (Wargaming.net)
FirewallRules: [{68B76D6F-A9BA-4A2C-B915-51C8666F7A18}] => (Allow) D:\Gry\Wot\worldoftanks.exe (Wargaming.net)
FirewallRules: [{4E515D6D-10FA-4EF0-92E2-72B12224BB74}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe ()
FirewallRules: [{55A273E3-C86D-44C2-9339-E6E2B42BDB98}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe ()
FirewallRules: [TCP Query User{BF5D94C4-6199-4B78-BF6E-22B72E740A38}C:\users\mariusz\desktop\sia-ui-v1.3.7-win32-x64\resources\app\sia\siad.exe] => (Allow) C:\users\mariusz\desktop\sia-ui-v1.3.7-win32-x64\resources\app\sia\siad.exe ()
FirewallRules: [UDP Query User{AE1D4217-798D-4736-BAEF-9A573DA19AB7}C:\users\mariusz\desktop\sia-ui-v1.3.7-win32-x64\resources\app\sia\siad.exe] => (Allow) C:\users\mariusz\desktop\sia-ui-v1.3.7-win32-x64\resources\app\sia\siad.exe ()
FirewallRules: [{0919C05C-8C70-49C0-8C7E-E5F0863B8CA8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{B1F2C51C-4A3A-4DE9-BAD2-32464414CD98}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{C0329508-F871-4DF5-9764-03D3184FC447}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{6E671CF1-CF20-47FF-94FB-27D2BDD3D210}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{886054E0-A41B-42E0-A06C-B6F0064573B9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{0FBC15D3-19F3-410E-AE20-87BC697E00F9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [TCP Query User{0B9D4ADB-AA46-4121-9BE4-EE022D944B7B}D:\gry\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\gry\world of warcraft\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{E6E02C01-B58C-44D5-B6AE-9767B867DF3A}D:\gry\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\gry\world of warcraft\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [TCP Query User{6D401ABB-D0DA-4004-AFA9-2D63942F6ED1}D:\gry\quake\quake\darkplaces.exe] => (Allow) D:\gry\quake\quake\darkplaces.exe ()
FirewallRules: [UDP Query User{2E14BCFC-790B-4F30-8FBA-5229ADC092CD}D:\gry\quake\quake\darkplaces.exe] => (Allow) D:\gry\quake\quake\darkplaces.exe ()
FirewallRules: [{6D6540FA-6398-4E17-B49E-E9072DDCC720}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{A6A22510-B8A5-491E-A312-6B46419169A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{DED868A9-62E7-401E-B26B-CE1EA8C62F94}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{BCFF5324-C40A-4613-9D73-607B1A71D138}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{A1F75A38-A67B-4403-A2A6-C05C44B6B474}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{FCB9F427-C63F-4CAF-8131-CCC8BF1CEB49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{1DC38E02-95D1-463C-A256-5082597EB80A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{ED62F4A1-504A-4172-85D2-25D5F4853F5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{5E50E1D1-1598-4C29-BFD9-166C5454C43D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{05BF2CC3-0738-43E0-BEBB-7A0A78F4E1DA}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe Brak pliku
FirewallRules: [{7F17A3E5-F03F-4BAE-9F2F-BE876DC84924}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe Brak pliku
FirewallRules: [{F598C44F-499B-4CA4-94C0-921416D47A77}] => (Allow) D:\Gry\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe ()
FirewallRules: [{F9A7B9D8-BADE-41C3-AB41-160D560E9D62}] => (Allow) D:\Gry\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe ()
FirewallRules: [{5508D2AF-FE64-4A8E-9274-50D6567C9E79}] => (Allow) D:\Gry\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe ()
FirewallRules: [{A902D2F1-FA7F-4208-A5F9-9F39FAB18199}] => (Allow) D:\Gry\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe ()

==================== Punkty Przywracania systemu =========================

26-12-2018 08:33:15 Removing COMODO Client - Security
26-12-2018 11:12:51 Removed COMODO Secure Shopping

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (12/26/2018 10:59:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: FRST64.exe, wersja: 24.12.2018.0, sygnatura czasowa: 0x5c20f10d
Nazwa modułu powodującego błąd: Wintrust.dll, wersja: 6.3.9600.18508, sygnatura czasowa: 0x57f3fc8d
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000000baa5
Identyfikator procesu powodującego błąd: 0x28c4
Godzina uruchomienia aplikacji powodującej błąd: 0x01d49d018c389e45
Ścieżka aplikacji powodującej błąd: C:\Users\Mariusz\Desktop\FRST64.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\system32\Wintrust.dll
Identyfikator raportu: fb74eb60-08f4-11e9-bf68-2016d827b5ff
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (12/25/2018 09:36:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT)
Description: Dostawca zdarzeń CisWmi próbował zarejestrować zapytanie „SELECT * FROM CisFileRatingChange”, w przypadku którego klasa docelowa „CisFileRatingChange” w przestrzeni nazw //./root/cis nie istnieje. Zapytanie zostanie zignorowane.

Error: (12/25/2018 09:36:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT)
Description: Dostawca zdarzeń CisWmi próbował zarejestrować zapytanie „SELECT * FROM CisStatusChange”, w przypadku którego klasa docelowa „CisStatusChange” w przestrzeni nazw //./root/cis nie istnieje. Zapytanie zostanie zignorowane.

Error: (12/25/2018 09:36:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT)
Description: Dostawca zdarzeń CisWmi próbował zarejestrować zapytanie „SELECT * FROM CisNotification”, w przypadku którego klasa docelowa „CisNotification” w przestrzeni nazw //./root/cis nie istnieje. Zapytanie zostanie zignorowane.

Error: (12/25/2018 09:36:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT)
Description: Dostawca zdarzeń CisWmi próbował zarejestrować zapytanie „SELECT * FROM FwAlert”, w przypadku którego klasa docelowa „FwAlert” w przestrzeni nazw //./root/cis nie istnieje. Zapytanie zostanie zignorowane.

Error: (12/25/2018 09:36:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT)
Description: Dostawca zdarzeń CisWmi próbował zarejestrować zapytanie „SELECT * FROM DfAlert”, w przypadku którego klasa docelowa „DfAlert” w przestrzeni nazw //./root/cis nie istnieje. Zapytanie zostanie zignorowane.

Error: (12/25/2018 09:36:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT)
Description: Dostawca zdarzeń CisWmi próbował zarejestrować zapytanie „SELECT * FROM AvAlert”, w przypadku którego klasa docelowa „AvAlert” w przestrzeni nazw //./root/cis nie istnieje. Zapytanie zostanie zignorowane.

Error: (12/25/2018 09:36:09 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: ZARZĄDZANIE NT)
Description: Dostawca zdarzeń CisWmi próbował zarejestrować zapytanie „SELECT * FROM CisAlert”, w przypadku którego klasa docelowa „CisAlert” w przestrzeni nazw //./root/cis nie istnieje. Zapytanie zostanie zignorowane.


Dziennik System:
=============
Error: (12/26/2018 11:35:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu:
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (12/26/2018 11:35:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC.

Error: (12/26/2018 11:35:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu:
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (12/26/2018 11:35:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service.

Error: (12/26/2018 09:34:02 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano alert krytyczny ze zdalnego punktu końcowego. Kod alertu krytycznego zdefiniowany przez protokół TLS to 20.

Error: (12/26/2018 08:35:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu:
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (12/26/2018 08:35:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC.

Error: (12/26/2018 08:35:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu:
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.


Windows Defender:
===================================
Date: 2016-12-27 16:09:52.040
Description:
Produkt Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nazwa: HackTool:Win32/AutoKMS
Identyfikator: 2147685180
Ważność: Średni
Kategoria: Narzędzie
Ścieżka: containerfile:_D:\pen\programy\Microsoft.Office.Professional.Plus.2016.PL.rar;file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_D:\pen\programy\Microsoft.Office.Professional.Plus.2016.PL.rar->Microsoft.Office.Professional.Plus.2016.PL\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja podpisu: AV: 1.233.3353.0, AS: 1.233.3353.0, NIS: 116.72.0.0
Wersja aparatu: AM: 1.1.13303.0, NIS: 2.1.12706.0

Date: 2016-12-27 16:09:52.040
Description:
Produkt Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nazwa: HackTool:Win32/Keygen
Identyfikator: 2147593794
Ważność: Średni
Kategoria: Narzędzie
Ścieżka: containerfile:_C:\$Recycle.Bin\S-1-5-21-2102368143-2728945569-3422748965-1001\$R6AB0FT.rar;file:_C:\$Recycle.Bin\S-1-5-21-2102368143-2728945569-3422748965-1001\$R6AB0FT.rar->Windows 7 (x86) Czerwiec 2015 PL\pl_windows_7_with_sp1_x86_dvd_u_11062015.iso->\Windows Loader v2.2.2\Windows Loader.exe;file:_C:\$Recycle.Bin\S-1-5-21-2102368143-2728945569-3422748965-1001\$R6AB0FT.rar->Windows 7 (x86) Czerwiec 2015 PL\Windows Loader v2.2.2\Windows Loader.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja podpisu: AV: 1.233.3353.0, AS: 1.233.3353.0, NIS: 116.72.0.0
Wersja aparatu: AM: 1.1.13303.0, NIS: 2.1.12706.0

Date: 2016-12-27 16:04:05.760
Description:
Produkt Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nazwa: HackTool:Win32/AutoKMS
Identyfikator: 2147685180
Ważność: Średni
Kategoria: Narzędzie
Ścieżka: containerfile:_D:\pen\programy\Microsoft.Office.Professional.Plus.2016.PL.rar;file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_D:\pen\programy\Microsoft.Office.Professional.Plus.2016.PL.rar->Microsoft.Office.Professional.Plus.2016.PL\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja podpisu: AV: 1.233.3353.0, AS: 1.233.3353.0, NIS: 116.72.0.0
Wersja aparatu: AM: 1.1.13303.0, NIS: 2.1.12706.0

Date: 2016-12-27 16:04:05.759
Description:
Produkt Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Nazwa: HackTool:Win32/Keygen
Identyfikator: 2147593794
Ważność: Średni
Kategoria: Narzędzie
Ścieżka: containerfile:_C:\$Recycle.Bin\S-1-5-21-2102368143-2728945569-3422748965-1001\$R6AB0FT.rar;file:_C:\$Recycle.Bin\S-1-5-21-2102368143-2728945569-3422748965-1001\$R6AB0FT.rar->Windows 7 (x86) Czerwiec 2015 PL\pl_windows_7_with_sp1_x86_dvd_u_11062015.iso->\Windows Loader v2.2.2\Windows Loader.exe;file:_C:\$Recycle.Bin\S-1-5-21-2102368143-2728945569-3422748965-1001\$R6AB0FT.rar->Windows 7 (x86) Czerwiec 2015 PL\Windows Loader v2.2.2\Windows Loader.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja podpisu: AV: 1.233.3353.0, AS: 1.233.3353.0, NIS: 116.72.0.0
Wersja aparatu: AM: 1.1.13303.0, NIS: 2.1.12706.0

Date: 2016-12-27 15:23:54.794
Description:
Produkt Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nazwa: HackTool:Win32/AutoKMS
Identyfikator: 2147685180
Ważność: Średni
Kategoria: Narzędzie
Ścieżka: containerfile:_D:\pen\programy\Microsoft.Office.Professional.Plus.2016.PL.rar;file:_C:\ProgramData\KMSAutoS\bin\KMSSS.exe;file:_D:\pen\programy\Microsoft.Office.Professional.Plus.2016.PL.rar->Microsoft.Office.Professional.Plus.2016.PL\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe->[MSILRES:KMSAuto_Net.Resources.resources]#9
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja podpisu: AV: 1.233.3353.0, AS: 1.233.3353.0, NIS: 116.72.0.0
Wersja aparatu: AM: 1.1.13303.0, NIS: 2.1.12706.0

Date: 2018-12-25 09:33:11.177
Description:
Produkt Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.233.3353.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.13303.0
Kod błędu: 0x80240022
Opis błędu: Program nie może sprawdzić, czy są dostępne aktualizacje definicji.

Date: 2018-12-25 09:33:11.177
Description:
Produkt Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.233.3353.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.13303.0
Kod błędu: 0x80240022
Opis błędu: Program nie może sprawdzić, czy są dostępne aktualizacje definicji.

Date: 2016-12-15 23:22:35.384
Description:
Działanie aparatu Windows Defender zostało zakończone z powodu nieoczekiwanego błędu.
Typ błędu: Awaria
Kod wyjątku: 0xc0000005
Zasób:

Date: 2016-12-15 23:22:35.381
Description:
Działanie aparatu Windows Defender zostało zakończone z powodu nieoczekiwanego błędu.
Typ błędu: Awaria
Kod wyjątku: 0xc0000005
Zasób:

Date: 2016-11-09 22:48:50.740
Description:
Produkt Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu:
Poprzednia wersja podpisu: 1.231.1587.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antyszpiegowskie
Typ aktualizacji: Pełne
Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA
Bieżąca wersja aparatu:
Poprzednia wersja aparatu: 1.1.13202.0
Kod błędu: 0x80072ee2
Opis błędu: Limit czasu operacji został przekroczony.

CodeIntegrity:
===================================

Date: 2018-12-26 08:39:15.228
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2018-12-26 08:34:52.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\WINDOWS\System32\services.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2018-12-26 08:33:54.999
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-26 08:33:14.968
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2018-12-26 03:47:03.278
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2018-12-25 21:40:19.830
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\WINDOWS\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2018-12-25 19:04:52.285
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\SysWOW64\cssguard32.dll that did not meet the Microsoft signing level requirements.

Date: 2018-12-25 19:04:51.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.

==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Procent pamięci w użyciu: 21%
Całkowita pamięć fizyczna: 8057.77 MB
Dostępna pamięć fizyczna: 6308.93 MB
Całkowita pamięć wirtualna: 16249.77 MB
Dostępna pamięć wirtualna: 13995.93 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:118.29 GB) (Free:24.96 GB) NTFS
Drive d: (Dane) (Fixed) (Total:931.51 GB) (Free:113.61 GB) NTFS

\\?\Volume{469725de-d8ef-4d85-827a-d0f6edf2715c}\ (Odzyskiwanie) (Fixed) (Total:0.29 GB) (Free:0.26 GB) NTFS
\\?\Volume{d2f72f0e-fec3-4a04-987a-36783e61b6a6}\ () (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 0C0EA81C)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B647826F)

Partition: GPT.

==================== Koniec Addition.txt ============================