Problem windows 7 32 bit - Nie jest prawidłową aplikacją systemu win32

Question

Mam taki problem od jakiegoś czasu, że programy nie mogą się uruchomić i wyskakuje komunikat - Nie jest prawidłową aplikacją systemu win32, program pr...

Kolobos · Answer

Zacznij od czytania nazw dzialow ze zrozumieniem PRZED napisaniem, zamiast pisac byle gdzie!

Albo masz uszkodzony dysk albo jakis wirus infekujacy pliki.

Zamiesc stan smart dysku z dowolnego programu (CrystalDiskInfo poratable, mhdd itp).
Do tego zrob skan dysku (o ile jest sprawny) przy pomocy cureit livecd/usb.

Sons · Answer

Chyba źle wybrałem dział, możliwe że z początku chciałem wybrać odpowiedni, ale tak jakoś wyszło bo nie byłem pewny. Trochę czasu minęło, ale to z powodu takiego, że nie miałem czasu, ale udało mi się jedynie wykonaś screeny z crystal disk. Jeżeli chodzi o dr web cureit lub nawet hirens boot czy eset secure live usb - zupełnie nic bo pojawia się błąd; Unable to find a medium containing a live file system i nie wiem co już robić. Natomiast spróbowałem dr web cureit jako skan komputera nie robiąc z tego bootowalnego cd/usb i było sporo trojanów, rootkity - jakiś necurs rootkit; czy to też mam przesłać i jak tamto naprawić z tym bootowalnym usb?

Kolobos · Answer

Masz dwa dyski, dlaczego zamiesciles screeny tylko dla drugiego? Swoja droga ten dysk jest uszkodzony i nadaje sie do wymiany. Chyba, ze to screen po podlaczeniu dysku do innego komputera?

Zamiesc tez w zalaczniku logi z FRST, ze skanowania (addition.txt oraz frst.txt).

Sons · Answer

Ten pierwszy nie ma żadnych błędów ani nic - jest zdrowy, dlatego pomyślałem że nie trzeba wrzucać screena, ale mogę podesłać jeśli trzeba. A to jest screen z tego skanowania z FRST (addition.txt oraz first.txt)

Kolobos · Answer

Po co Ci tyle przegladarek, vpn'ow, proxy itp smieci? Nie mowiac juz o ilosci dodatkow do Chrome...

Odinstaluj:
Adobe Reader 9.3, zmien na najnowsza wersj AR.
McAfee Security Scan Plus
SpeedChecker Service

Obok frst.exe utworz plik Fixlist.txt z zawartoscia:
CloseProcesses:
Task: {087E2ED9-86AA-4E75-8BD3-E16D2D800595} - System32\Tasks\Opera scheduled Autoupdate 1420905669 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {0CFD8F89-55FE-467F-9498-15F80DC6EA0C} - System32\Tasks\{67EB901B-92EC-4260-BD4F-5A36BAEF7824} => C:\Windows\system32\pcalua.exe -a D:\Downloads\blender-2.47-windows.exe
Task: {1288021F-D52F-460B-9FBF-DE9E24DD4359} - System32\Tasks\{4D2841BA-5E2B-4D33-95B0-3040201E8A06} => K:\Program Files\CyberGhost 6\CyberGhost.exe
Task: {1ADC5BA0-1FB6-4E3A-BCA7-F904B4CF156E} - System32\Tasks\{9EF2368B-5A7A-4FDC-9A51-FA43D446FEA0} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcin\Desktop\ALL_INST_1.12.0022_DASH_20110922_B1\setup.exe -d C:\Users\Marcin\Desktop\ALL_INST_1.12.0022_DASH_20110922_B1
Task: {1B8BC459-353F-414B-A8ED-7148250F55EB} - System32\Tasks\{9EDC877E-C9DA-4F32-B3B6-242E702049C0} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcin\Spynet\spynet312.exe -d C:\Users\Marcin\Spynet
Task: {1DC331FB-4DB0-4C12-A924-F48297715757} - System32\Tasks\{53BE4AF1-7346-478D-94C1-6243DFDE1410} => E:\Program Files\SafeIP\SafeIP.exe
Task: {2DDDCA6A-6A2E-41FB-9BB9-4B0231FA16C2} - System32\Tasks\{2628BB8F-2F03-4C5D-B5C3-A0FD60E457D6} => C:\Windows\system32\pcalua.exe -a "C:\Users\Marcin\Downloads\LS-RP Launcher.exe"
Task: {31325D6D-F1A1-443C-96CC-54016849616A} - System32\Tasks\{8F8FA7AC-3358-4644-9972-ABF40366B605} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcin\Downloads\setup.exe -d C:\Users\Marcin\Downloads
Task: {38A2A99D-9848-4606-97A4-97BB73F48CB5} - System32\Tasks\Opera scheduled Autoupdate 1533260823 => C:\Users\Marcin\AppData\Local\Programs\Opera developer\launcher.exe (Opera Software AS -> Opera Software) [Brak podpisu cyfrowego]
Task: {4BCD5118-C5A5-4C57-A309-7C2EC06CFCBF} - System32\Tasks\{0192DACC-ACBE-4682-BE60-E9E081F366FD} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcin\Downloads\Install.exe -d C:\Users\Marcin\Downloads
Task: {6935ABF8-5918-4B7E-AFB8-C5E4F595F017} - System32\Tasks\{6DDA8680-8EB8-487A-85CB-F11E6FB32AC7} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\ -c /CD
Task: {6C0A66C3-C5EE-4E1A-A177-92205B7BE7C9} - System32\Tasks\{F31F0D29-32FC-47B7-98DF-2F8638CB2850} => "c:\program files\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.30.64.105/pl/abandoninstall?page=tsProgressBar
Task: {6D37AF84-00ED-4362-9AB4-EA8B39FDB4FA} - System32\Tasks\{7503CD43-B3F7-471C-8D6A-FCB59A2B137E} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcin\Downloads\ChomikBox\Autodesk_Maya_2012_English_Japanese_Win_64bit.exe -d C:\Users\Marcin\Downloads\ChomikBox
Task: {6E27E5D2-200A-4975-ADD6-CE7244193544} - System32\Tasks\{FC70A573-3DB4-4099-9E65-678928DF4A3F} => C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe (Autodesk, Inc.) [Brak podpisu cyfrowego]
Task: {716AD8F6-9D88-48C2-B1E5-6A255D3AA9AB} - System32\Tasks\TuxlerChromeExtensionHelperApp => K:\Program Files\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (Tuxler Privacy Technologies, Inc. -> Tuxler Privacy Technologies, Inc.)
Task: {81E00807-541C-4385-AAF6-C6DDD9D801D4} - System32\Tasks\{74492613-BD29-426E-BD0C-146ED5CC935A} => C:\Autodesk\Maya_2012_EJ_Win_64-bit\Setup.exe
Task: {8B5AE146-E801-4F59-8530-49A5E6B80C07} - System32\Tasks\{9A1D9707-BF72-47F5-A375-9898F34D196B} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcin\Desktop\win7-32\CPSetup.exe -d C:\Users\Marcin\Desktop\win7-32
Task: {A86ACF01-70BC-47C5-947A-F44D62BB3B6E} - System32\Tasks\Driver Detective => C:\Program Files\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {C4A5CA76-9BB3-4CA6-B8CF-710C0E88431A} - System32\Tasks\{FF854752-A718-4C9A-91EB-0705C9C63EA2} => C:\Program Files\Autodesk\Maya2011\bin\maya.exe (Autodesk) [Brak podpisu cyfrowego]
Task: {C4B119F2-0335-4252-941C-A002C7CC143E} - System32\Tasks\{CA7B99E2-6EA4-4ECF-B6B6-52415DBF9FBF} => C:\Autodesk\Maya_2012_EJ_Win_64-bit\Setup.exe
Task: {EFEDF06A-C974-49A1-9241-10536A162FE2} - System32\Tasks\{389253EF-77CF-4C32-BFBF-A633D146F1C8} => "c:\program files\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.38.0.101/pl/abandoninstall?page=tsProgressBar
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => J:\adwcleaner_7.2.7.0.exe
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Marcin\Dane aplikacji:NT [40]
AlternateDataStreams: C:\Users\Marcin\Dane aplikacji:NT2 [432]
AlternateDataStreams: C:\Users\Marcin\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Marcin\AppData\Roaming:NT2 [432]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-03-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iexplorer.lnk [2018-11-21]
ShortcutTarget: iexplorer.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Ograniczenia ? <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
CHR HKU\S-1-5-21-540523009-1123668352-3565912415-1000\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
SearchScopes: HKU\S-1-5-21-540523009-1123668352-3565912415-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-540523009-1123668352-3565912415-1000 -> {22F8AF62-9DE8-4423-B74C-E031775DA065} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-540523009-1123668352-3565912415-1000 -> {C9D2BD36-1C78-4a18-B9E1-BEC5E390D845} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
CHR HKLM\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - K:\Bitdefender\Bitdefender Safepay\spbxcr.crx [2018-10-01]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
U3 aswbdisk; Brak ImagePath
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NVNET; system32\DRIVERS\nvmf6232.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tapSF0901; system32\DRIVERS\tapSF0901.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-03-14 11:16 - 2019-03-14 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2019-03-14 11:13 - 2019-03-14 11:16 - 000002121 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2019-03-14 11:13 - 2019-03-14 11:13 - 000000000 ____D C:\Program Files\McAfee Security Scan
2019-03-14 11:12 - 2019-03-14 11:19 - 000000000 ____D C:\ProgramData\McAfee
2019-03-14 11:12 - 2019-03-14 11:12 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-03-14 11:11 - 2019-03-14 12:08 - 000000000 ____D C:\ProgramData\F-Secure
2019-03-14 11:11 - 2019-03-14 11:11 - 000000000 ____D C:\Users\Marcin\AppData\Local\F-Secure
2019-03-12 13:24 - 2019-03-12 13:24 - 000000000 ____D C:\Qoobox
2018-12-21 03:45 - 2018-12-21 03:45 - 000000000 ____D C:\found.002

W FRST wybierz Napraw.

Anonymous · Answer

Kto korzysta z tego komputera? Dwuletnie dziecko, które nie umie czytać komunikatów wyskakujących podczas instalacji jakiegoś programu?
I jak to możliwe, że ten system jeszcze działa?
Zdecyduj się na jedną przeglądarkę, resztę wywal, tak samo śmieci typu: TunnelBear, CyberGhost, Blockstack Browser i wiele innych, których nie używasz...

Jakieś 50 dodatków do chrome? Usuń to wszystko, a najlepiej zrób format, bo nawet trudno się to czyta.

Odinstaluj np:
AntiBrowserSpy 2018
360 Browser
Bitdefender Safepay™
Chromium
Chromodo
Comodo Dragon
McAfee Security Scan Plus
SpyNet
TunnelBear
CyberGhost
Blockstack Browser

Skopiuj i wklej do notatnika:

Spoiler:

CloseProcesses:
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo_updater.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Dragon\dragon_updater.exe
(ESET, spol. s r.o. -> ESET) L:\eset\ekrn.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) E:\Users\Marcin\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) E:\Users\Marcin\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) E:\Users\Marcin\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) E:\Users\Marcin\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) E:\Users\Marcin\AppData\Local\Vivaldi\Application\vivaldi.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
() [Brak podpisu cyfrowego] C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe
(Bitdefender SRL -> Bitdefender) K:\Bitdefender\Bitdefender Safepay\obksvc.exe
(Bitdefender SRL -> Bitdefender) K:\Bitdefender\Bitdefender Safepay\updatesrv.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-03-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
GroupPolicy: Ograniczenia ? <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
CHR HKU\S-1-5-21-540523009-1123668352-3565912415-1000\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iexplorer.lnk [2018-11-21]
Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NaturalColorLoad.lnk [2014-12-26]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130910493698682000&GUID=00000000-0000-0000-0000-000000000000
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-540523009-1123668352-3565912415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-540523009-1123668352-3565912415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-540523009-1123668352-3565912415-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-540523009-1123668352-3565912415-1000 -> {22F8AF62-9DE8-4423-B74C-E031775DA065} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-540523009-1123668352-3565912415-1000 -> {C9D2BD36-1C78-4a18-B9E1-BEC5E390D845} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Bitdefender Safepay™ for Internet Explorer -> {ED858D4C-395F-4623-987B-B420994790C9} -> K:\Bitdefender\Bitdefender Safepay\spbxie.dll [2014-11-11] (Bitdefender SRL -> Bitdefender)
FF DefaultProfile: egis1m8e.default-1523549842168
FF DefaultProfile: 82g8o031.default
FF DefaultProfile: 9nxoz8dx.default
FF DefaultProfile: n7ygkzmv.default
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\egis1m8e.default-1523549842168 [2019-03-14]
FF Homepage: Mozilla\Firefox\Profiles\egis1m8e.default-1523549842168 -> hxxp://www.gazeta.pl/0,0.html?p=190
FF Extension: (Windscribe VPN) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\egis1m8e.default-1523549842168\Extensions\@windscribeff.xpi [2019-03-06]
FF Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\egis1m8e.default-1523549842168\Extensions\browsec@browsec.com.xpi [2019-02-26]
FF Extension: (NordVPN Proxy Extension - Privacy & Security) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\egis1m8e.default-1523549842168\Extensions\nordvpnproxy@nordvpn.com.xpi [2019-03-13]
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\7n7qmolw.dev-edition-default [2019-03-14]
FF Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\7n7qmolw.dev-edition-default\Extensions\browsec@browsec.com.xpi [2019-02-16]
FF Extension: (Hide My IP VPN) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\7n7qmolw.dev-edition-default\Extensions\vpn@hide-my-ip.org.xpi [2019-02-16]
FF Extension: (VPN Master) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\7n7qmolw.dev-edition-default\Extensions\{57715155-28ba-4879-b332-cc4553b5803d}.xpi [2019-02-16]
FF Extension: (Whoer VPN) - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\7n7qmolw.dev-edition-default\Extensions\{ee47f82c-1872-4053-badf-cc675093f81e}.xpi [2019-02-16]
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\82g8o031.default [2019-02-16]
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\CLIQZ\Profiles\9nxoz8dx.default [2018-11-15]
FF Homepage: CLIQZ\Profiles\9nxoz8dx.default -> resource://cliqz/freshtab/home.html
FF Extension: (Cliqz) - C:\Users\Marcin\AppData\Roaming\CLIQZ\Profiles\9nxoz8dx.default\features\{1600f663-b4a4-465b-85c6-d74adc56e22e}\cliqz@cliqz.com.xpi [2018-09-27] [Przestarzałe] [Brak podpisu cyfrowego]
FF Extension: (re:consent) - C:\Users\Marcin\AppData\Roaming\CLIQZ\Profiles\9nxoz8dx.default\features\{1600f663-b4a4-465b-85c6-d74adc56e22e}\gdprtool@cliqz.com.xpi [2018-09-27] [Brak podpisu cyfrowego] [UpdateUrl:hxxps://s3.amazonaws.com/cdncliqz/update/browser/gdprtool@cliqz.com/update.json]
FF Extension: (HTTPS Everywhere) - C:\Users\Marcin\AppData\Roaming\CLIQZ\Profiles\9nxoz8dx.default\features\{1600f663-b4a4-465b-85c6-d74adc56e22e}\https-everywhere@cliqz.com.xpi [2018-09-27] [Brak podpisu cyfrowego]
FF ProfilePath: C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default [2019-02-16]
FF Extension: (VPNetworksLLC Proxy) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\@VPNetworksLLC.xpi [2019-02-16]
FF Extension: (TunnelBear VPN) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\browser@tunnelbear.com.xpi [2019-02-16]
FF Extension: (Mullvad Connectivity Checker) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\{056f0ec1-d798-4767-8e3d-f708f5e0999d}.xpi [2019-02-16]
FF Extension: (VPN - Grab A Proxy - FREE) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\{32cb491e-ec24-4b50-a6dd-b3ca5f42c4f4}.xpi [2019-02-16]
FF Extension: (OIE) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\{34df2695-9662-4e42-9cdb-7990f1f04206}.xpi [2019-02-16]
FF Extension: (Disable WebRTC) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\{64f73088-5156-43ae-94db-5a4701089ba3}.xpi [2019-02-16]
FF Extension: (hide.me Proxy) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\{7079d3c5-b1a0-4964-8a7a-add0d2af8f52}.xpi [2019-02-16]
FF Extension: (CloudVPN - качественный прокси впн сервис) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\{7894d07a-0be7-4330-9829-3464a7854156}.xpi [2019-02-16]
FF Extension: (Whoer VPN) - C:\Users\Marcin\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\n7ygkzmv.default\Extensions\{ee47f82c-1872-4053-badf-cc675093f81e}.xpi [2019-02-16]
FF Extension: (CyberCTR) - K:\Program Files\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [2018-06-29] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - K:\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: (Bitdefender Safepay) - K:\Bitdefender\Bitdefender Safepay\spbxff [2014-11-11] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nie znaleziono
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego]
FF Plugin: @TOOLS.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin: @TOOLS.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [Brak podpisu cyfrowego]
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: @TOOLS.google.com/Google Update;version=3 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-22] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: @TOOLS.google.com/Google Update;version=9 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-22] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: @Updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-08-03] (Google Inc (TEST) -> Epic Privacy Browser) [Brak podpisu cyfrowego]
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: @Updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-08-03] (Google Inc (TEST) -> Epic Privacy Browser) [Brak podpisu cyfrowego]
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: SkypePlugin -> C:\Users\Marcin\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-15] (Ubisoft Entertainment Sweden AB -> )
StartMenuInternet: Firefox-75E106C881DA22AF - K:\Program Files\Mozilla Firefox\firefox.exe
CHR HomePage: Default -> atavi.com
CHR NewTab: Default -> Not-active:"chrome-extension://ogllliimbhgmclkgjldeffhjbhaenapo/Default.html", Not-active:"chrome-extension://ejbjamhkdedinncaeiackcdehpccoejm/pages/newtab.html", Not-active:"chrome-extension://pieohgeajiedmcohhhbbomekgpoiikgg/index.html", Not-active:"chrome-extension://dbfmnekepjoapopniengjbcpnbljalfg/index.html", Not-active:"chrome-extension://mfgdmpfihlmdekaclngibpjhdebndhdj/newtab.html", Not-active:"chrome-extension://eglajlkpjblcgkobgagfaenaehilaike/views/newtab.html", Not-active:"chrome-extension://mjmipbogglnbgcabealdgbfdkpochcjg/aurora.html", Not-active:"chrome-extension://jpchabeoojaflbaajmjhfcfiknckabpo/index.html", Not-active:"chrome-extension://jdbgjlehkajddoapdgpdjmlpdalfnenf/newtab.html"
CHR HKLM\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - K:\Bitdefender\Bitdefender Safepay\spbxcr.crx [2018-10-01]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome Beta - C:\Program Files\Google\Chrome Beta\Application\chrome.exe
StartMenuInternet: Google Chrome Dev - C:\Program Files\Google\Chrome Dev\Application\chrome.exe
OPR Extension: (Ghostery – Bloker reklam chroniący prywatność) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2018-12-04]
OPR Extension: (DuckDuckGo for Opera) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2018-02-16]
OPR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2019-03-03]
OPR Extension: (Avira Browser Safety) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2019-01-17]
OPR Extension: (VPN.S HTTP Proxy) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\decfmjjdfcldhoonmgjadlilkdblonge [2016-08-25]
OPR Extension: (SurfEasy VPN - Bezpieczeństwo, Prywatność, Odblokowywanie Stron) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2018-10-25]
OPR Extension: (HTTPS Everywhere) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2019-01-13]
OPR Extension: (TunnelBear VPN) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\eenddkdfifnnmgbohackpefaggccbcgp [2019-01-13]
OPR Extension: (VirtualShield - Fast and reliable VPN) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\efakjnjlccongeibhjcahfdjepgipgen [2018-02-16]
OPR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2019-02-19]
OPR Extension: (Open in Tor Browser) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\emlgnifoahkaeocfmafkpnfbijoioefh [2018-02-16]
OPR Extension: (ibVPN - Best VPN & Proxy) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\fcnhocjlepngmobjbplcoiimpidnlcio [2019-03-12]
OPR Extension: (DotVPN — a better way to VPN) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiegahbgoabbpoieploedhfnobmpgbeg [2018-05-18]
OPR Extension: (IP Address & Geolocation) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\iaclonegbdnnhhphidamdicnknghloaj [2018-02-16]
OPR Extension: (Server IP) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\jogiijffjodmnadmeehnfhdonhmgmald [2018-02-16]
OPR Extension: (ProxyGO - Hide My IP) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\keoodlpmaacdgljdhhiecpdgkmbbpigi [2018-02-16]
OPR Extension: (Geo-IP Widget) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kmhlpkpjebnehagdnbojghgldocpgchp [2018-02-16]
OPR Extension: (Tor Control (anonymity layer)) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\knfbgpkbkfebddfbklfpgmdjgolnkkfl [2018-02-16]
OPR Extension: (Hide My IP VPN) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\naapkicannpiienpabliikhbcejidhpl [2019-03-12]
OPR Extension: (Privatix - bezpłatny nieograniczony VPN i Proxy) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\pgoeficbmcelodkejaaeahjmekdnbedn [2019-03-03]
OPR Extension: (Turbo Button) - C:\Users\Marcin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppmkgfbgphcahahpgkckcodnfggmikfk [2018-02-16]
R2 DragonUpdater; K:\Program Files\Comodo\Dragon\dragon_updater.exe [2060848 2016-02-05] (Comodo Security Solutions -> Comodo)
R2 ChromodoUpdater; K:\Program Files\Comodo\Chromodo\chromodo_updater.exe [2062384 2016-02-03] (Comodo Security Solutions -> Comodo)
S2 Faceless; C:\Users\Marcin\AppData\Roaming\Faceless LLC\Faceless Internet Connection\FacelessService.exe [0 2016-03-14]<==== UWAGA (zerobajtowy plik/folder)
R2 HideIPLaucherService; L:\Program Files\Hide ALL IP\LauncherService.exe [489328 2016-04-05] (Zhengzhou longling technology Co.,Ltd. -> www.hideallip.com)
R2 OBKSvc; K:\Bitdefender\Bitdefender Safepay\OBKSvc.exe [1242568 2014-11-11] (Bitdefender SRL -> Bitdefender)
S2 OpenVPNService; C:\Program Files\ZenVPN OpenVPN bundle\bin\openvpnserv.exe [0 2018-01-31]<==== UWAGA (zerobajtowy plik/folder)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2015-07-14] (Even Balance, Inc. -> )
R2 UPDATESRV_SAFEPAY; K:\Bitdefender\Bitdefender Safepay\updatesrv.exe [66784 2014-10-28] (Bitdefender SRL -> Bitdefender)
S2 CG6Service; "K:\Program Files\CyberGhost 6\CyberGhost.Service.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [162848 2012-09-05] (Bitdefender SRL -> BitDefender LLC)
U3 aswbdisk; Brak ImagePath
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NVNET; system32\DRIVERS\nvmf6232.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tapSF0901; system32\DRIVERS\tapSF0901.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{56CBD3CF-BF99-4DF5-851F-F5B9B57496A1} -> [] =>
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Marcin\AppData\Local\Chromium\Application\74.0.3714.0\notification_helper.exe (The Chromium Authors) [Brak podpisu cyfrowego] <==== UWAGA
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.33.7\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.33.17\psuser.dll => Brak pliku
FolderExtensions: [] -> {56CBD3CF-BF99-4DF5-851F-F5B9B57496A1} => C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}\shdocvw.dll -> Brak pliku
FolderExtensions_S-1-5-21-540523009-1123668352-3565912415-1000: [] -> {56CBD3CF-BF99-4DF5-851F-F5B9B57496A1} => C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}\shdocvw.dll -> Brak pliku
Task: {711D0218-DDCB-473E-A39A-786D3117F356} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software) <==== UWAGA
Task: {A570CB64-FEBA-4F07-A0A0-BF3D6BD2B67B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software) <==== UWAGA
Task: {EFEDF06A-C974-49A1-9241-10536A162FE2} - System32\Tasks\{389253EF-77CF-4C32-BFBF-A633D146F1C8} => "c:\program files\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.38.0.101/pl/abandoninstall?page=tsProgressBar
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => J:\adwcleaner_7.2.7.0.exe
Task: C:\Windows\Tasks\RtlDashSrvStart.job => C:\Program Files\Realtek\RtkDashClientInstaller\RtkDashClient.exe
IE trusted site: HKU\S-1-5-21-540523009-1123668352-3565912415-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-540523009-1123668352-3565912415-1000\...\driversupport.com -> hxxps://apps.driversupport.com
MSCONFIG\startupreg: ALLPlayer WiFi Remote => C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe
MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_DD0495E407290B10DCE7346164CFE45B => "E:\Users\Marcin\AppData\Local\Vivaldi\Application\vivaldi.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "E:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Napisy24Update => "C:\Program Files\Napisy24\Napisy24Update.exe" "sleep"
MSCONFIG\startupreg: NetSetMan => "E:\Program Files\NetSetMan\netsetman.exe" -h
MSCONFIG\startupreg: obkagent => "K:\Bitdefender\Bitdefender Safepay\obkagent.exe"
MSCONFIG\startupreg: Plays => "C:\Users\Marcin\AppData\Local\Plays\update.exe" --processStart "Plays.exe"
MSCONFIG\startupreg: SandboxieControl => "E:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: TgbVpn => "E:\Program Files\TheGreenBow\TheGreenBow VPN\vpnconf.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Marcin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: ZPNConnect => E:\Program Files\ZPN Connect\ZpnCli.exe
FirewallRules: [TCP Query User{D9926CAE-82E5-4413-804A-C417C122C426}D:\upgradewizard\upgradest.exe] => (Allow) D:\upgradewizard\upgradest.exe Brak pliku
FirewallRules: [UDP Query User{D8FCFBB7-3EB4-4D38-81D8-971D89B60944}D:\upgradewizard\upgradest.exe] => (Allow) D:\upgradewizard\upgradest.exe Brak pliku
FirewallRules: [{76A5A636-D1A9-4B64-BB53-23919D96D71E}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe Brak pliku
FirewallRules: [{C9948468-18BF-466C-BF69-AA6247119CAF}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe Brak pliku
FirewallRules: [TCP Query User{675511FB-4A42-419B-BD1B-ABD4E84A3A8E}C:\xampp1\apache\bin\httpd.exe] => (Allow) C:\xampp1\apache\bin\httpd.exe Brak pliku
FirewallRules: [UDP Query User{776D4B7D-059C-4DBF-9F00-0B9D2832F9B5}C:\xampp1\apache\bin\httpd.exe] => (Allow) C:\xampp1\apache\bin\httpd.exe Brak pliku
FirewallRules: [TCP Query User{FF6CFB4F-FF70-4C3F-B49C-0B8AC6D00ECB}C:\xampp1\mysql\bin\mysqld.exe] => (Allow) C:\xampp1\mysql\bin\mysqld.exe Brak pliku
FirewallRules: [UDP Query User{211A85AD-929D-4EEF-AA08-0013A586C3E9}C:\xampp1\mysql\bin\mysqld.exe] => (Allow) C:\xampp1\mysql\bin\mysqld.exe Brak pliku
FirewallRules: [TCP Query User{EB9D37AE-EF50-4412-BF73-FB8AA2A31569}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe Brak pliku
FirewallRules: [UDP Query User{60A81FB5-9A41-448F-8BAB-D05367E19762}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe Brak pliku
FirewallRules: [TCP Query User{14FCDA24-7176-46D8-A970-8EDA9B745A01}C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{1C40B229-0210-4938-8D20-376C4D821167}C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{58DD3C54-42E5-4CF6-9425-5792FDE794C1}C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe Brak pliku
FirewallRules: [UDP Query User{21D2A269-66CC-4A1A-BFE7-2ED4FF03156A}C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe Brak pliku
FirewallRules: [TCP Query User{F869DF1F-8CD3-470E-A33D-AE7DEC15DDB9}C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{79396967-7D96-4A42-B312-37CE740120E2}C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{63CEE77F-B02B-46DD-9F08-22EB753612ED}C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{E762BFC4-7F77-4C7E-BB6A-2E89CB0AB393}C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{D5DA6DDD-F3A0-4FDD-A008-61D60E194DC2}C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{BD7BD1AC-2B91-4ECD-AC49-B00AFF045F71}C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{5DD15CA2-5EF1-4E3F-BBB8-04DB1C9B86D1}C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{8438B394-845F-4BE0-9DB2-13A22EF25FFE}C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [{92DA962A-92F8-4C6E-A3DB-57B65931B029}] => (Block) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [{01F678CF-8195-4A52-ABD1-9CFE38CF6282}] => (Block) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{11DCC021-A731-4D2F-9789-1D4E40CBD3DC}C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{848FCAF8-55CB-4792-AB16-41CBB9C361A7}C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe Brak pliku
FirewallRules: [{AE7456F4-F6AB-45BE-B628-6055C1F63C23}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{0B67E8BF-F04B-49AE-AC08-99A1CA577EDF}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{B706C06F-9127-4330-9F16-1A5D6E15DADF}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{33E24249-2EAE-44B3-A994-D2B588B5EEE4}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{5C65FFEC-9ADC-4A12-A5B3-37AABBD5F05E}] => (Block) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [{7E07FE9A-533C-4747-818B-B4F4E6A32EBC}] => (Block) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [{74C95249-2BDF-4D58-8615-5376E778B778}] => (Allow) K:\Program Files\CyberGhost 6\CyberGhost.exe Brak pliku
FirewallRules: [TCP Query User{A95C37A0-A3F5-4870-A760-0C1F6B01A02F}C:\program files\windscribe\wsappcontrol.exe] => (Allow) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [UDP Query User{4C540FA4-60E3-40BF-B55A-8BB183555B1D}C:\program files\windscribe\wsappcontrol.exe] => (Allow) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [TCP Query User{D054BFA2-8380-4E23-B5DD-C097F7652A80}C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{1B9DA572-795F-42AB-80ED-3F9F556D8903}C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{D5137FF7-3C61-4222-A4A0-A3684872BEDF}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{A2609A90-A7EE-4E54-840C-80B20C5E893E}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [TCP Query User{CC5563D2-D9E6-4ECF-9948-B47871F3D8E9}C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{C12EC018-0DC5-4EC2-9307-78BBF73BFC2B}C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{23671713-66F3-4012-BA0B-C5724AE3D8D7}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{E5B75D0F-A39B-4EFB-9C57-6F1D689556A3}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [TCP Query User{E8A6D2EF-EDE2-4A1E-A189-E2A4DF8E125C}J:\lsrp made by bbehar\samp-server.exe] => (Allow) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{C0660BAB-AA7B-428E-BDBF-082987B1BCC0}J:\lsrp made by bbehar\samp-server.exe] => (Allow) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{6B14B809-43FD-4E19-87DC-3F1963326137}] => (Block) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{A69E1CD0-5527-4F7F-B1EB-06B6B20F8FCC}] => (Block) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{A04F3409-8AF5-43D3-AE72-834130574C65}] => (Allow) C:\Users\Marcin\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe Brak pliku
FirewallRules: [TCP Query User{324364FC-CA03-4F7E-8ED7-3B67DFA39900}C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{2C225764-380E-40BE-BA6F-D0DD3865B300}C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [{CD011684-E944-4C49-8FEA-67FA76E07395}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [{0B710CFC-78B5-4D70-A3F4-68A2E9D5CB29}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [TCP Query User{EB4C2D48-0ACF-4779-BEE4-61036A8B4194}C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{162FB5A0-4BED-4420-A25B-50FA58E142CA}C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
FirewallRules: [{F736BB16-6113-4233-94CF-EF01189E1AEB}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
FirewallRules: [{A0575698-D17E-40E5-AC24-9D6F20FB5A75}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
Hosts:
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Uruchom FRST i kliknij w Fix/Napraw.

Sons · Answer

Akurat mi potrzebne te rzeczy, chyba że któreś z nich kolidowały to, że tak się stało z komputerem? Czy to coś innego? A to nie jest przypadkiem Adobe Reader DC? AR nie mogę znaleźć

Anonymous · Answer

4 antywirusy, milion dodatków do czterech przeglądarek, , i innych? Na pewno bardzo potrzebne.Ten zaśmiecony system nie wie już co ma zrobić, "koliduje" ze sobą...

Sons · Answer

To nie wiem, jakoś system normalnie tak działał z tyloma przeglądarkami, vpn i dodatkami i nie było problemów - mi się wydaje, że przez przypadek lub coś musiałeś jakieś gówno zainstalować skoro są trojany i tamten rootkit - nie mam pojęcia.Akurat to dopiero teraz zostały zaistalowane antywirusy dodatkowo jak Malwarebytes, aby pozbyć się tego syfu, ale nadal to samo

Anonymous · Answer

Wykonaj fixlist podany przez Kolobos i sprawdź.

Sons · Answer

Teraz zapewne przesłać fixlog?

Anonymous · Answer

Możesz, ale możesz po prostu sprawdzić, czy problem się dalej pojawia.

Sons · Answer

Tu jest właśnie problem bo połowa programów się otwiera, połowa nie i nie wiadomo które to są, ale sprawdziłem dwa, które wiem że tak się robiły i nadal się nie otwierają - wywala błąd /program przestał działać/ . W załączniku będą te logi z FRST

Anonymous · Answer

Możesz wstawić nowe logi FRST.txt i Addition.txt (kolejny skan FRST), ale wcześniej usuń zbędne programy, usuń niepotrzebne rozszerzenia z Chrome, usuń inne przeglądarki i antywirusy, zostaw sobie ESETa i tylko to, z czego korzystasz.

Sons · Answer

Te rozszerzenia, które z nich nie korzystam również? Bo chyba nie kolidują, nie wiem....... Czyli inne zainstalowane przeglądarki również mogą z czymś kolidować? Bo jakoś nie miałem problemu wcześniej z tym

Anonymous · Answer

Po prostu łatwiej i przyjemniej będzie się czytać logi.A kolidować może wszystko ze wszystkim, nie znam kodów, budowy tych dodatków, aplikacji itp.

Sons · Answer

Spoiler: Show Ok, parę rzeczy zostało usuniętych, ale nie wszystkie bo po prostu będą mi potrzebne i je używam. W załączniku będzie ten skan z FRST

Anonymous · Answer

Korzystasz tylko z Chrome tak? Mozilla i Explorer i Opera nie?

Sons · Answer

Też korzystam

Anonymous · Answer

Możesz to spróbować, ale w tym systemie jest taki burdel, że ja bym się nie zastanawiał, tylko zgrał pliki i zrobił format.

Usuń:
Comodo
Avast

Skopiuj i wklej do notatnika:

Spoiler:

CloseProcesses:
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo_updater.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
(Comodo Security Solutions -> Comodo) K:\Program Files\Comodo\Chromodo\chromodo.exe
HKLM\...\RunOnce: [HideIPEasyunstall] => [X]
HKLM\...\RunOnce: [PlatinumHideIPunstall] => [X]
HKLM\...\RunOnce: [RealHideIPunstall] => [X]
HKU\S-1-5-21-540523009-1123668352-3565912415-1000\...\Run: [GoogleChromeAutoLaunch_CEED50C566D3EDE1B386F03A7F848925] => K:\Program Files\Comodo\Chromodo\chromodo.exe [739376 2016-02-03] (Comodo Security Solutions -> Comodo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\72.0.1174.122\Installer\chrmstp.exe [2019-03-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130910493698682000&GUID=00000000-0000-0000-0000-000000000000
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-540523009-1123668352-3565912415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-540523009-1123668352-3565912415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-16] (Oracle America, Inc. -> Oracle Corporation)
CHR HomePage: Default -> atavi.com
CHR StartupUrls: Default -> "hxxp://www.onet.pl/"
CHR NewTab: Default -> Not-active:"chrome-extension://ogllliimbhgmclkgjldeffhjbhaenapo/Default.html", Not-active:"chrome-extension://ejbjamhkdedinncaeiackcdehpccoejm/pages/newtab.html", Not-active:"chrome-extension://pieohgeajiedmcohhhbbomekgpoiikgg/index.html", Not-active:"chrome-extension://dbfmnekepjoapopniengjbcpnbljalfg/index.html", Not-active:"chrome-extension://mfgdmpfihlmdekaclngibpjhdebndhdj/newtab.html", Not-active:"chrome-extension://eglajlkpjblcgkobgagfaenaehilaike/views/newtab.html", Not-active:"chrome-extension://mjmipbogglnbgcabealdgbfdkpochcjg/aurora.html", Not-active:"chrome-extension://jpchabeoojaflbaajmjhfcfiknckabpo/index.html", Not-active:"chrome-extension://jdbgjlehkajddoapdgpdjmlpdalfnenf/newtab.html"
CHR DefaultSearchKeyword: Default -> Historia
CHR Extension: (Quick QR Code Generator) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\afpbjjgbdimpioenaedcjgkaigggcdpp [2019-03-10]
CHR Extension: (Clipboard History 2) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajiejmhbejpdgkkigpddefnjmgcbkenk [2018-09-26]
CHR Extension: (Multi Messenger | WhatsApp , Messenger ...) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajjpkmcnbocgmmbheanojgfhghabhmmf [2019-02-01]
CHR Extension: (Bookmark Manager - favattic.com) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajmlbbfiejodkbgeicicecdjbpcanecj [2018-09-19]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2017-07-26]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2018-12-26]
CHR Extension: (Last.fm free music player) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2019-02-08]
CHR Extension: (Keeper® Password Manager & Digital Vault) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfogiafebfohielmmehodmfbbebbbpei [2019-03-10]
CHR Extension: (Bloker reklam AdGuard) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2019-03-10]
CHR Extension: (Enhanced History) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpnkmdkoapbdhpmemnaikpbhajknmdb [2018-11-23]
CHR Extension: (History Control) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadnaaebdgplogjfdijgaajndmklnedk [2018-04-03]
CHR Extension: (Full History Keeper) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cailfpeoajpebgkchjnmpopcileaeklm [2018-04-03]
CHR Extension: (My History) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdhohjibknnedddolmohfcofeaidlmnl [2018-04-11]
CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-13]
CHR Extension: (Web Historian Edu - History Visualizations) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chpcblajbmmlbhecpnnadmjmlbhkloji [2018-02-18]
CHR Extension: (OneTab) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2018-09-19]
CHR Extension: (Awesome History Button) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjifeclbknmlhapifaiaocfcbahinlji [2018-04-03]
CHR Extension: (uBlock Origin) - C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-03-14]
R2 Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [72704 2015-01-09] (Autodesk) [Brak podpisu cyfrowego]
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-03] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\72.0.1174.122\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
S2 Faceless; C:\Users\Marcin\AppData\Roaming\Faceless LLC\Faceless Internet Connection\FacelessService.exe [0 2016-03-14]<==== UWAGA (zerobajtowy plik/folder)
S2 CG6Service; "K:\Program Files\CyberGhost 6\CyberGhost.Service.exe" [X]
S2 hmevpnsvc; "C:\Program Files\hide.me VPN\hidemesvc.exe" [X]
S2 OpenVPNService; "C:\Program Files\ZenVPN OpenVPN bundle\bin\openvpnserv.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nie znaleziono
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: @Updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [Brak pliku]
FF Plugin HKU\S-1-5-21-540523009-1123668352-3565912415-1000: @Updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [Brak pliku]
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{56CBD3CF-BF99-4DF5-851F-F5B9B57496A1} -> [] =>
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Marcin\AppData\Local\Chromium\Application\74.0.3714.0\notification_helper.exe (The Chromium Authors) [Brak podpisu cyfrowego] <==== UWAGA
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{6959B6E8-B5E0-4E64-B1B4-C82969BAF394}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{085C3A71-18C5-4FB5-8F2B-62CF7474FFE5}\localserver32 -> "C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\EpicUpdateOnDemand.exe" => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{84D964EE-0441-4A42-8146-0699AE05DDC3}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.33.7\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{9B8ABA14-0F6A-492C-AB9D-41FA1F7EC450}\localserver32 -> "C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\EpicUpdateOnDemand.exe" => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{9C3B9AB7-2486-4403-B138-E9ED32DD063C}\localserver32 -> "C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\EpicUpdateOnDemand.exe" => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Google\Update\1.3.33.17\psuser.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{F86DEB4A-8D78-4C57-8872-D2730ED051EF}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{C5135FC3-396E-4AFB-974F-D7A91D15CCCA}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-540523009-1123668352-3565912415-1000_Classes\CLSID\{D9A13C52-6B85-4E00-B98A-DF25F77CBBEA}\localserver32 -> "C:\Users\Marcin\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\EpicUpdateOnDemand.exe" => Brak pliku
FolderExtensions: [] -> {56CBD3CF-BF99-4DF5-851F-F5B9B57496A1} => C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}\shdocvw.dll -> Brak pliku
FolderExtensions_S-1-5-21-540523009-1123668352-3565912415-1000: [] -> {56CBD3CF-BF99-4DF5-851F-F5B9B57496A1} => C:\ProgramData\{D9E629DC-CB1C-4A97-9900-81922B4EFFD4}\shdocvw.dll -> Brak pliku
Task: {A570CB64-FEBA-4F07-A0A0-BF3D6BD2B67B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software) <==== UWAGA
Task: {711D0218-DDCB-473E-A39A-786D3117F356} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software) <==== UWAGA
IE trusted site: HKU\S-1-5-21-540523009-1123668352-3565912415-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-540523009-1123668352-3565912415-1000\...\driversupport.com -> hxxps://apps.driversupport.com
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "E:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Napisy24Update => "C:\Program Files\Napisy24\Napisy24Update.exe" "sleep"
MSCONFIG\startupreg: NetSetMan => "E:\Program Files\NetSetMan\netsetman.exe" -h
MSCONFIG\startupreg: obkagent => "K:\Bitdefender\Bitdefender Safepay\obkagent.exe"
MSCONFIG\startupreg: Plays => "C:\Users\Marcin\AppData\Local\Plays\update.exe" --processStart "Plays.exe"
MSCONFIG\startupreg: SandboxieControl => "E:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: TgbVpn => "E:\Program Files\TheGreenBow\TheGreenBow VPN\vpnconf.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Marcin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: ZPNConnect => E:\Program Files\ZPN Connect\ZpnCli.exe
FirewallRules: [TCP Query User{D9926CAE-82E5-4413-804A-C417C122C426}D:\upgradewizard\upgradest.exe] => (Allow) D:\upgradewizard\upgradest.exe Brak pliku
FirewallRules: [UDP Query User{D8FCFBB7-3EB4-4D38-81D8-971D89B60944}D:\upgradewizard\upgradest.exe] => (Allow) D:\upgradewizard\upgradest.exe Brak pliku
FirewallRules: [{76A5A636-D1A9-4B64-BB53-23919D96D71E}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe Brak pliku
FirewallRules: [{C9948468-18BF-466C-BF69-AA6247119CAF}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe Brak pliku
FirewallRules: [TCP Query User{675511FB-4A42-419B-BD1B-ABD4E84A3A8E}C:\xampp1\apache\bin\httpd.exe] => (Allow) C:\xampp1\apache\bin\httpd.exe Brak pliku
FirewallRules: [UDP Query User{776D4B7D-059C-4DBF-9F00-0B9D2832F9B5}C:\xampp1\apache\bin\httpd.exe] => (Allow) C:\xampp1\apache\bin\httpd.exe Brak pliku
FirewallRules: [TCP Query User{FF6CFB4F-FF70-4C3F-B49C-0B8AC6D00ECB}C:\xampp1\mysql\bin\mysqld.exe] => (Allow) C:\xampp1\mysql\bin\mysqld.exe Brak pliku
FirewallRules: [UDP Query User{211A85AD-929D-4EEF-AA08-0013A586C3E9}C:\xampp1\mysql\bin\mysqld.exe] => (Allow) C:\xampp1\mysql\bin\mysqld.exe Brak pliku
FirewallRules: [TCP Query User{EB9D37AE-EF50-4412-BF73-FB8AA2A31569}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe Brak pliku
FirewallRules: [UDP Query User{60A81FB5-9A41-448F-8BAB-D05367E19762}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe Brak pliku
FirewallRules: [TCP Query User{14FCDA24-7176-46D8-A970-8EDA9B745A01}C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{1C40B229-0210-4938-8D20-376C4D821167}C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.44\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{58DD3C54-42E5-4CF6-9425-5792FDE794C1}C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe Brak pliku
FirewallRules: [UDP Query User{21D2A269-66CC-4A1A-BFE7-2ED4FF03156A}C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.713\teamspeak3-server_win32\ts3server.exe Brak pliku
FirewallRules: [TCP Query User{F869DF1F-8CD3-470E-A33D-AE7DEC15DDB9}C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{79396967-7D96-4A42-B312-37CE740120E2}C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.16.0.22\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{63CEE77F-B02B-46DD-9F08-22EB753612ED}C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{E762BFC4-7F77-4C7E-BB6A-2E89CB0AB393}C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{D5DA6DDD-F3A0-4FDD-A008-61D60E194DC2}C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{BD7BD1AC-2B91-4ECD-AC49-B00AFF045F71}C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.51\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{5DD15CA2-5EF1-4E3F-BBB8-04DB1C9B86D1}C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [UDP Query User{8438B394-845F-4BE0-9DB2-13A22EF25FFE}C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe] => (Allow) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [{92DA962A-92F8-4C6E-A3DB-57B65931B029}] => (Block) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [{01F678CF-8195-4A52-ABD1-9CFE38CF6282}] => (Block) C:\users\marcin\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe Brak pliku
FirewallRules: [TCP Query User{11DCC021-A731-4D2F-9789-1D4E40CBD3DC}C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{848FCAF8-55CB-4792-AB16-41CBB9C361A7}C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.265\the godfather\samp-server.exe Brak pliku
FirewallRules: [{AE7456F4-F6AB-45BE-B628-6055C1F63C23}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{0B67E8BF-F04B-49AE-AC08-99A1CA577EDF}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{B706C06F-9127-4330-9F16-1A5D6E15DADF}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{33E24249-2EAE-44B3-A994-D2B588B5EEE4}] => (Allow) C:\Program Files\Globus\GlobusService.exe Brak pliku
FirewallRules: [{5C65FFEC-9ADC-4A12-A5B3-37AABBD5F05E}] => (Block) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [{7E07FE9A-533C-4747-818B-B4F4E6A32EBC}] => (Block) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [{74C95249-2BDF-4D58-8615-5376E778B778}] => (Allow) K:\Program Files\CyberGhost 6\CyberGhost.exe Brak pliku
FirewallRules: [TCP Query User{A95C37A0-A3F5-4870-A760-0C1F6B01A02F}C:\program files\windscribe\wsappcontrol.exe] => (Allow) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [UDP Query User{4C540FA4-60E3-40BF-B55A-8BB183555B1D}C:\program files\windscribe\wsappcontrol.exe] => (Allow) C:\program files\windscribe\wsappcontrol.exe Brak pliku
FirewallRules: [TCP Query User{D054BFA2-8380-4E23-B5DD-C097F7652A80}C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{1B9DA572-795F-42AB-80ED-3F9F556D8903}C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{D5137FF7-3C61-4222-A4A0-A3684872BEDF}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{A2609A90-A7EE-4E54-840C-80B20C5E893E}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.219\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [TCP Query User{CC5563D2-D9E6-4ECF-9948-B47871F3D8E9}C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{C12EC018-0DC5-4EC2-9307-78BBF73BFC2B}C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{23671713-66F3-4012-BA0B-C5724AE3D8D7}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{E5B75D0F-A39B-4EFB-9C57-6F1D689556A3}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.289\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [TCP Query User{E8A6D2EF-EDE2-4A1E-A189-E2A4DF8E125C}J:\lsrp made by bbehar\samp-server.exe] => (Allow) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{C0660BAB-AA7B-428E-BDBF-082987B1BCC0}J:\lsrp made by bbehar\samp-server.exe] => (Allow) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{6B14B809-43FD-4E19-87DC-3F1963326137}] => (Block) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{A69E1CD0-5527-4F7F-B1EB-06B6B20F8FCC}] => (Block) J:\lsrp made by bbehar\samp-server.exe Brak pliku
FirewallRules: [{A04F3409-8AF5-43D3-AE72-834130574C65}] => (Allow) C:\Users\Marcin\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe Brak pliku
FirewallRules: [TCP Query User{324364FC-CA03-4F7E-8ED7-3B67DFA39900}C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{2C225764-380E-40BE-BA6F-D0DD3865B300}C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [{CD011684-E944-4C49-8FEA-67FA76E07395}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [{0B710CFC-78B5-4D70-A3F4-68A2E9D5CB29}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.018\sons server\samp-server.exe Brak pliku
FirewallRules: [TCP Query User{EB4C2D48-0ACF-4779-BEE4-61036A8B4194}C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
FirewallRules: [UDP Query User{162FB5A0-4BED-4420-A25B-50FA58E142CA}C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe] => (Allow) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
FirewallRules: [{F736BB16-6113-4233-94CF-EF01189E1AEB}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
FirewallRules: [{A0575698-D17E-40E5-AC24-9D6F20FB5A75}] => (Block) C:\users\marcin\appdata\local\temp\rar$exa0.549\sons server\samp-server.exe Brak pliku
Hosts:
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Uruchom FRST i kliknij w Fix/Napraw.

Dodano po 11 [minuty]:

https://spece.it/kilka-slow-o-bledzie-invalid-win32-application-i-kompatybilnosci-w-systemach-windows/
Możesz też to przeczytać.

Anonymous · Answer

Nieźle...Coś się zmieniło?

Sons · Answer

No właśnie niestety historia przeglądania zniknęła w Chrome, ale nadal pewne programy nie działają

Anonymous · Answer

EmptyTemp: - czyści pliki tymczasowe itp.Czy te programy na pewno są zgodne z tą wersją systemu?https://spece.it/kilka-slow-o-bledzie-invalid...cation-i-kompatybilnosci-w-systemach-windows/

Sons · Answer

A da się odzyskać tą historię przeglądania czy tak nie bardzo?Chodzi Ci o tryb zgodności, jeśli tak no to wszystko było zgodne bo pewne programy działały bez problemowo do pewnego czasu jak to się nie stało - mi się wydaje, że to coś innego, jakiś inny syf; może lepiej przeskanować dr web cureit na windows i tam może będzie widoczny problem? Bo jak nim skanowałem to wyskoczyły trojany, rootkity etc

Anonymous · Answer

A po co chcesz odzyskać historię przeglądania? https://www.elektroda.pl/rtvforum/topic3527102.html

Sons wrote:
bo pewne programy działały bez problemowo do pewnego czasu jak to się nie stało

A co instalowałeś przed tym problemem?

Sons wrote:
może lepiej przeskanować dr web cureit na windows i tam może będzie widoczny problem? Bo jak nim skanowałem to wyskoczyły trojany, rootkity etc

I on je usunął czy co z nimi zrobił?

Malware nic nie pokazuje, FRST nic nie pokazuje, więc to już raczej nie infekcja.

Sons · Answer

Bo były tam pewne strony, które nie zapisałem, a mogłem sprawdzić jak to było dawno temu.Zneutralizowałem je, ale eset informował mnie o tym rootkicie, ale nie mogłem go usunąć bo wystąpił błąd leczeniaTo nie wiem co to może być

Anonymous · Answer

Teraz w FRST nic nie widać.Nie wiem co się działo przed awarią i co musiałeś zainstalować, że coś się popsuło.

Sons · Answer

Co jeszcze mogę zrobić?