
Request for log verification (mouse cursor freezing)

Logs, securing your computer and data. Antivirus and antispyware programs, firewalls, etc.
Forum rules
1. Every topic title should reflect the content of the thread.
2. When pasting logs, produce them right away with at least two tools: FRST and GMER.
3. Please publish all logs on sites intended for that purpose and paste only the link in the post.
4. Shortening logs is not advisable; paste the whole log, from beginning to end.
5. Attaching yourself to other users' topics is not advisable; please start a new topic in the Security section, which makes it easier for the person checking to help.
6. People without adequate knowledge should not check logs, because this risks serious damage to the system or to applications installed on the computer.
7. Describe the problem, the symptoms that occur and all actions taken in detail.
8. Every script is unique, written separately for each case, so it cannot be used by others.
9. When posting a screenshot, please use an external image hosting service.

Request for log verification (mouse cursor freezing)

Post by kamien8 » 14 Dec 2018, 14:18



Hello.

I would like to ask for my logs to be checked.
Symptom.
On a laptop with a freshly installed Win8.1 (with no unnecessary gadgets installed), the mouse cursor freezes every so often for a fraction of a second. The symptom occurs both on a freshly booted machine and on one that has been running for a long time (so it is probably not a matter of services starting in the background).

FRST https://justpaste.it/1vasj
FRST Addition https://justpaste.it/24iii
HijackThis https://justpaste.it/6vjrj


[the message contained too many characters, so I am providing links to the logs]

Regards,
Adam
kamien8
Forum member
Posts: 27
Joined: 05 Feb 2010, 10:39

Re: Request for log verification (mouse cursor freezing)

Post by Illidan » 14 Dec 2018, 15:08



I will check the logs this evening; for now, please also show a screenshot from Crystal Disk Info so we can assess the condition of the hard drive.
Illidan
Distinguished writer
Posts: 1381
Joined: 29 Oct 2017, 23:25
Location: Gliwice
Commendations: 26

Re: Request for log verification (mouse cursor freezing)

Post by kamien8 » 14 Dec 2018, 15:51



https://bit.ly/2QXb5EM

Code:
----------------------------------------------------------------------------
CrystalDiskInfo 8.0.0 (C) 2008-2018 hiyohiyo
                                Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 8.1 Pro [6.3 Build 9600] (x64)
  Date : 2018/12/14 13:51:01

-- Controller Map ----------------------------------------------------------
 + Mobile 5th Generation Intel(R) Core(TM) SATA Controller [AHCI Mode] - 9C83 [ATA]
   - Samsung SSD 850 EVO 250GB
   - Slimtype DVD A  DA8A6SH
 - Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
 (1) Samsung SSD 850 EVO 250GB : 250.0 GB [0/0/0, pd1] - sg

----------------------------------------------------------------------------
 (1) Samsung SSD 850 EVO 250GB
----------------------------------------------------------------------------
           Model : Samsung SSD 850 EVO 250GB
        Firmware : EMT02B6Q
   Serial Number : S21PNXAG969421J
       Disk Size : 250.0 GB (8.4/137.4/250.0/250.0)
     Buffer Size : Unknown
     Queue Depth : 32
    # of Sectors : 488397168
   Rotation Rate : ---- (SSD)
       Interface : Serial ATA
   Major Version : ACS-2
   Minor Version : ATA8-ACS version 4c
   Transfer Mode : SATA/600 | SATA/600
  Power On Hours : 6791 hours
  Power On Count : 3633 count
     Host Writes : 6194 GB
Wear Level Count : 50
     Temperature : 31 C (87 F)
   Health Status : Good (100 %)
        Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM, DevSleep
       APM Level : ----
       AAM Level : ----
    Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 _10 000000000000 Reallocated Sector Count
09 _98 _98 __0 000000001A87 Power-on Hours
0C _96 _96 __0 000000000E31 Power-on Count
B1 _97 _97 __0 000000000032 Wear Leveling Count
B3 100 100 _10 000000000000 Used Reserved Block Count (Total)
B5 100 100 _10 000000000000 Program Fail Count (Total)
B6 100 100 _10 000000000000 Erase Fail Count (Total)
B7 100 100 _10 000000000000 Runtime Bad Block (Total)
BB 100 100 __0 000000000000 Uncorrectable Error Count
BE _69 _50 __0 00000000001F Airflow Temperature
C3 200 200 __0 000000000000 ECC Error Rate
C7 100 100 __0 000000000000 CRC Error Count
EB _99 _99 __0 000000000008 POR Recovery Count
F1 _99 _99 __0 00030642AE08 Total LBAs Written


Re: Request for log verification (mouse cursor freezing)

Post by Illidan » 14 Dec 2018, 16:40



Your disk is healthy. Also check how the system behaves during a clean boot, and update the drivers and software on it. For software, use the free PatchMyPC. For drivers, SnailDriver:
https://sites.google.com/site/twierdzaciemnosci/windows/aktualizacja-sterownikow-za-pomoca-aplikacji-snaildriver
Here is how to perform a clean boot:
https://support.microsoft.com/pl-pl/help/929135/how-to-perform-a-clean-boot-in-windows

Re: Request for log verification (mouse cursor freezing)

Post by Illidan » 15 Dec 2018, 04:33



Run "FRST". On the keyboard, press "CTRL+Y" simultaneously. Notepad will open; paste the following into it:
Code:
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U3 iswSvc; no ImagePath
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => -> No File
EmptyTemp:


On the keyboard, press "CTRL+S" simultaneously. In "FRST", run the "Fix / Napraw" option. Then download the free "AdwCleaner" and show the scan report:
https://sites.google.com/site/twierdzaciemnosci/windows/adwcleaner-instrukcja-uzywania-programu

As I suggested, update the drivers in the system; the system is reporting problems:
Code:
==================== Faulty Device Manager Devices =============

Name: Intel(R) Atom(TM)/Celeron(R)/Pentium(R) Processor Intel DPTF Thermal Framework Device - 3400
Description: Intel(R) Atom(TM)/Celeron(R)/Pentium(R) Processor Intel DPTF Thermal Framework Device - 3400
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mobile 5th Generation Intel(R) Core(TM) Camarillo Device - 1603
Description: Mobile 5th Generation Intel(R) Core(TM) Camarillo Device - 1603
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Error: (12/14/2018 11:53:52 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 54) (User: NT AUTHORITY)
Description: Collaborative processor power controls on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
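
Forum rule 8 says each fix script is written for one machine only. As an added example (not FRST code and not written by anyone in this thread), the Python below checks a fixlist against a scan log before it is applied: every entry must appear verbatim in the log and carry one of the markers visible in the fixlist posted above. The log text and the second fixlist are constructed, and all function and variable names are hypothetical.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "line reason in_log")

# Directives are commands to FRST, not copies of log entries.
# Only the one used in the fixlist on this page is listed.
DIRECTIVES = {"EmptyTemp:"}

# Why an entry is a removal candidate, keyed on the markers visible in the
# fixlist on this page. Anything else is "unexplained" and needs a human.
RULES = [
    ("attention_marker", re.compile(r"<==== ATTENTION$")),
    ("target_file_missing", re.compile(r"=> -> No File$")),
    ("service_without_imagepath", re.compile(r"^[A-Z]\d \S+; no ImagePath$")),
    ("empty_run_value", re.compile(r"\\Run: \[\] => ")),
]

# The fixlist posted in the thread.
PAGE_FIXLIST = r"""
HKLM-x32\...\Run: [] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U3 iswSvc; no ImagePath
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => -> No File
EmptyTemp:
"""

# Two healthy entries copied from the Addition log on this page.
HEALTHY_ENTRIES = r"""
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
Task: {034FB27D-AA4D-43F1-9F9C-FD0BE330C7A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
"""

# Constructed stand-in for the user's scan log (the main FRST log is only
# linked from the thread): the flagged entries plus the healthy ones.
CONSTRUCTED_LOG = PAGE_FIXLIST.replace("EmptyTemp:", "") + HEALTHY_ENTRIES

# Constructed: a fixlist written for some other machine.
FOREIGN_FIXLIST = r"""
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [ExampleShellExt] -> {00000000-0000-0000-0000-000000000000} => -> No File
EmptyTemp:
"""


def _lines(text):
    """Non-blank lines with surrounding whitespace removed."""
    return [ln.strip() for ln in text.splitlines() if ln.strip()]


def classify(line):
    """Name the first rule that explains why the entry is listed."""
    for reason, pattern in RULES:
        if pattern.search(line):
            return reason
    return "unexplained"


def review_fixlist(fixlist_text, log_text):
    """Pair every fixlist line with its reason and whether the log has it."""
    log_entries = set(_lines(log_text))
    findings = []
    for line in _lines(fixlist_text):
        if line in DIRECTIVES:
            findings.append(Finding(line, "directive", None))
        else:
            findings.append(Finding(line, classify(line), line in log_entries))
    return findings


def problems(findings):
    """Entries that are absent from this machine's log or have no marker."""
    return [f for f in findings
            if f.reason != "directive"
            and (not f.in_log or f.reason == "unexplained")]


if __name__ == "__main__":
    for name, fixlist in (("thread", PAGE_FIXLIST), ("foreign", FOREIGN_FIXLIST)):
        bad = problems(review_fixlist(fixlist, CONSTRUCTED_LOG))
        print(name, "fixlist:", "ok" if not bad else f"{len(bad)} problem(s)")
        for f in bad:
            print("   ", f.reason, "| in log:", f.in_log, "|", f.line[:60])
```

A non-empty result from `problems` means the fixlist should go back to the person who wrote it rather than be run.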

Re: Request for log verification (mouse cursor freezing)

Post by kamien8 » 16 Dec 2018, 00:36



Hi, I did as you wrote.

After updating the drivers, one orphan is still left without one:
https://www.screencast.com/t/kv8ttqVB

AdwCleaner did not find anything.
The system seems to run more smoothly.

Is there any point in comparing startup on a clean system?

Re: Request for log verification (mouse cursor freezing)

Post by Illidan » 16 Dec 2018, 03:18



Not so much startup as the smoothness of operation as well.
That orphan is some network card or modem... See what "Driver identifier" says about it; it is an alternative to "SnailDriver". Also show new logs from "FRST", that is, the main one and "Addition". Also scan the system with "RK" and show the log. It is best to download this program in the "Portable" version:
https://sites.google.com/site/twierdzaciemnosci/windows/roguekiller-usuwaniezlosliwegooprogramowania

Re: Request for log verification (mouse cursor freezing)

Post by kamien8 » 16 Dec 2018, 22:12



FRST: https://justpaste.it/3awx7

RK did not find anything.

Is driveridentifier.com safe? I found a few posts saying that it pushes ads on its own.

Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by adam (16-12-2018 20:01:20)
Running from D:\Downloads\System Tools
Windows 8.1 Pro (Update) (X64) (2018-12-06 19:06:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

adam (S-1-5-21-537903363-2798869277-3563865902-1001 - Administrator - Enabled) => C:\Users\adam
Administrator (S-1-5-21-537903363-2798869277-3563865902-500 - Administrator - Disabled)
Guest (S-1-5-21-537903363-2798869277-3563865902-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.14 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Check Point SBA (HKLM\...\{B212ABB9-E151-444B-975C-8A3EA9DC8EFB}) (Version: 86.4.9056 - Check Point Software Technologies Ltd.) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.22 - NVIDIA Corporation) Hidden
ELAN Touchpad 11.5.16.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.16.2 - ELAN Microelectronic Corp.)
eM Client (HKLM-x32\...\{E1A91386-A21E-484E-8FED-47BA87671427}) (Version: 7.2.34062.0 - eM Client Inc.)
FastStone Image Viewer 6.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.7 - FastStone Soft)
FontBase 2.6.6 (HKU\S-1-5-21-537903363-2798869277-3563865902-1001\...\ffc1e284-e25b-515d-b453-93eb9fe955eb) (Version: 2.6.6 - Dominik Levitsky Studio)
foobar2000 v1.4.1 (HKLM-x32\...\foobar2000) (Version: 1.4.1 - Peter Pawlowski)
HD Video Converter Factory Pro 17.0 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 17.0 - WonderFox Soft, Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4385 - Intel Corporation)
jAlbum (HKLM\...\{EB433E79-52E8-455C-9140-1F8068A3ACCC}) (Version: 13.3 - Jalbum AB)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
KeePass Password Safe 2.40 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.40 - Dominik Reichl)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Mediatek Bluetooth (HKLM\...\{1C41AEAE-7DD5-29D6-FA5F-D1E8A12ECE4E}) (Version: 11.0.760.0 - Mediatek)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-537903363-2798869277-3563865902-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 en-GB) (HKLM\...\Mozilla Firefox 64.0 (x64 en-GB)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6 - Notepad++ Team)
NVIDIA Graphics Driver 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.22 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 5.0.55.0 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
RogueKiller version 13.0.16.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.16.0 - Adlice Software)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Sandboxie 5.26 (64-bit) (HKLM\...\Sandboxie) (Version: 5.26 - Sandboxie Holdings, LLC)
Skype version 8.36 (HKLM-x32\...\Skype_is1) (Version: 8.36 - Skype Technologies S.A.)
SnailDriver 2 Lite version 2.1.2.0 (HKLM-x32\...\{3189DA22-4E71-4794-9F3D-39A3DE0062DE}_is1) (Version: 2.1.2.0 - Snailsuite)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle)
Windows Driver Package - ASUS (ATP) Mouse  (01/13/2015 1.0.0.233) (HKLM\...\8335D73177E6D80E7ADC00FED2275758BD28AEFB) (Version: 01/13/2015 1.0.0.233 - ASUS)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.0704 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}) (Version: 15.4.062.17802 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.4.062.17802 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{37F2A556-851C-46BA-BDD4-48745E7A106B}) (Version: 15.4.062.17802 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-537903363-2798869277-3563865902-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-11-12] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-03-27] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-11-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {034FB27D-AA4D-43F1-9F9C-FD0BE330C7A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
Task: {05C3BA7C-32B0-4910-ADFD-7FCC2A83AB12} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-29] (NVIDIA Corporation)
Task: {0A17BEB1-8AD8-41BF-8117-6F5637211AC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {115695B8-AA5B-4B2A-BD6F-E09E56930866} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd)
Task: {12348269-B60D-4B06-86D7-2D54C2F8E920} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {146A32B3-5DA2-42E9-9D14-363D075E75D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-08] (Microsoft Corporation)
Task: {15840BBA-F7A3-4F9E-BE35-7E59B1CE4EC4} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-06-29] (Realtek Semiconductor)
Task: {1FD07CA2-819E-41C3-9F10-0868260EA0C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {2D3958C9-B35C-4A0A-BDD1-47687F575772} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {2D580328-B726-4F60-A8B1-4E3639D88A75} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-14] (Microsoft Corporation)
Task: {307F9EF6-4C15-4861-864A-F9314F3AA343} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {311A5163-7422-4510-95E6-07DB510184F7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-14] (Microsoft Corporation)
Task: {315D7CFC-6418-41AD-BAFE-345F22281D88} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-29] (NVIDIA Corporation)
Task: {38969C6B-6754-489B-9420-F63A77B08A6C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {6649CAFD-6DDC-4782-B6FB-A069AF0AFF20} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-14] (Microsoft Corporation)
Task: {6ACF899D-3B83-4A55-9CAF-DFA82A2C88EA} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2018-10-05] (Samsung Electronics Co. Ltd.)
Task: {82E3B68D-2CAC-4277-8A64-947F3BA3758E} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-29] (NVIDIA Corporation)
Task: {830616B5-6B3D-4EE8-BB56-071FB541EA81} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-03-18] (AsusTek)
Task: {83129F0D-45BA-4EED-9F5B-DCA2AFCEB2DF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-12-14] (Microsoft Corporation)
Task: {89059439-0E15-4FC9-B39A-6999438BA962} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {8A1B5E02-D441-4547-9623-B4B8CB82AC1C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-29] (NVIDIA Corporation)
Task: {8A8AB9E9-5FAA-4EA6-8737-4445ADA1AAB2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-29] (NVIDIA Corporation)
Task: {9770F37B-50AD-4FDF-A251-77B1CD5FA5C8} - System32\Tasks\SnailDriver2_Lite_Launch => C:\Program Files (x86)\SnailSuite\SnailDriver 2 Lite\SnailLaunch.exe [2018-07-26] (SnailDrivers)
Task: {A3107D51-F0B8-4BB7-A82C-052561856C66} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-06-29] (Realtek Semiconductor)
Task: {A92EA702-50DC-40D9-87A8-A546440A7F8C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-08] (Microsoft Corporation)
Task: {AE8A1BD7-8A8D-4F4F-A1E0-815E5B60202D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-29] (NVIDIA Corporation)
Task: {B5D6C8A1-A0D1-4035-A711-C1B33444BE39} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-29] (NVIDIA Corporation)
Task: {DB10FEC2-F0BD-407A-8D78-7EC1D87DAD3C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {DD8856BA-FB7C-4BD6-AEC6-78707A9ADA20} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-12-14] (Microsoft Corporation)
Task: {E9C54D33-A42F-4305-95EC-68ACBBA9F8A5} - System32\Tasks\SnailDriver2_Lite_SkipUAC => C:\Program Files (x86)\SnailSuite\SnailDriver 2 Lite\SnailDriver.exe [2018-07-26] (Snail)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-12 23:35 - 2018-11-12 23:35 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-12-06 20:55 - 2018-03-27 07:01 - 000381928 _____ () C:\Windows\system32\igfxTray.exe
2018-10-25 02:39 - 2018-10-25 02:39 - 000033016 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
2018-10-25 01:44 - 2018-10-25 01:44 - 000163576 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\TPCommonCLI.dll
2018-08-29 15:21 - 2018-08-29 15:21 - 000095992 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationProxyWrapperLib.dll
2018-09-05 11:11 - 2018-09-05 11:11 - 000104184 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Reputation\ReputationProviderCLI.dll
2018-12-14 19:30 - 2018-06-01 16:28 - 000148480 _____ () C:\Program Files (x86)\SnailSuite\SnailDriver 2 Lite\CrashRpt1403.dll
2018-12-14 19:30 - 2018-06-01 16:28 - 000797696 _____ () C:\Program Files (x86)\SnailSuite\SnailDriver 2 Lite\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-537903363-2798869277-3563865902-1001\Control Panel\Desktop\\Wallpaper -> D:\Documents\Dzogczen\A.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-537903363-2798869277-3563865902-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-537903363-2798869277-3563865902-1001\...\StartupApproved\Run: => "Uninstall 18.151.0729.0013"
HKU\S-1-5-21-537903363-2798869277-3563865902-1001\...\StartupApproved\Run: => "Uninstall 18.151.0729.0013\amd64"
HKU\S-1-5-21-537903363-2798869277-3563865902-1001\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{77F3ECB4-0A40-4D64-8CA8-081929B6B83D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4D8B1072-8B09-49B4-B673-6EFB74B080FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0E34502E-2944-4480-9B96-225E1C8D14E1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FCDB8CB7-322F-42C9-A88E-618C45888497}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A07778EB-7A17-44B9-AF59-7030D9298F97}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FCB3F1DE-794C-49B6-806E-6B18CAC06AE7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{95F137AD-C3BB-4376-AF7B-77A62FEA7363}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C9889982-F0F1-4EE0-B803-EE0B398CCD90}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{E423DCDA-E434-4DDE-9716-E3C0C5BCA400}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{7F9E91CC-BE13-412A-8527-C69EF39216A6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{8E34D195-C425-4D9A-BE0E-F1CF20F54C5E}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{FC25DDA0-5356-40F0-BCC9-05FBA7BCE3D1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BAD0CE86-4BD6-450B-87C7-970F92EF5722}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{D3B98615-D1B5-4ECE-8E62-33AA05D8047C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{9207AA93-7846-478A-9047-9B80E7B74160}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================

14-12-2018 19:32:58 Snail Driver install restore point

==================== Faulty Device Manager Devices =============

Name: Mobile 5th Generation Intel(R) Core(TM) Camarillo Device - 1603
Description: Mobile 5th Generation Intel(R) Core(TM) Camarillo Device - 1603
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/15/2018 10:27:22 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPService
ServiceMainThread:  NotifyServiceStatusRunning() failed.

Error: (12/15/2018 10:27:22 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyConfigTDPService
NotifyServiceStatusRunning:  DeviceIoControl() failed.
Last error = [0x0000001f]

Error: (12/15/2018 03:45:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Odzyskiwanie was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)

Error: (12/14/2018 10:08:26 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain:  CreateSharedMemory() failed.
Session ID = 2

Error: (12/14/2018 10:08:26 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory:  WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 2

Error: (12/14/2018 07:44:49 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfInvalidPolicyRemover
DptfInvalidPolicyRemover:  executeFile() failed.

Error: (12/14/2018 07:44:48 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfInvalidPolicyRemover
executeFile:  failed to remove item for policy guid [97C68AE7-15FA-499C-B8C9-5DA81D606E0A]
directive:  [dependency]
value:  [64568CCD-6597-4BFC-B9D6-9D33854013CE]

Error: (12/14/2018 07:44:48 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfInvalidPolicyRemover
executeLine:  invalid directive.


System errors:
=============
Error: (12/16/2018 02:25:04 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.

A corruption was found in a file system index structure.  The file reference number is 0x200000002af22.  The name of the file is "\2018-11-17 - Marta ASUS backup przed LinuxMint\D\Desktop\z telefonu".  The corrupted index attribute is ":$I30:$INDEX_ALLOCATION".

Error: (12/16/2018 02:24:21 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: E:\Device\HarddiskVolume62

Error: (12/15/2018 10:27:03 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (12/15/2018 10:26:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

Error: (12/15/2018 05:27:30 PM) (Source: DCOM) (EventID: 10010) (User: ak)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (12/15/2018 05:27:00 PM) (Source: DCOM) (EventID: 10010) (User: ak)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (12/15/2018 03:40:24 PM) (Source: DCOM) (EventID: 10010) (User: ak)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (12/15/2018 03:39:54 PM) (Source: DCOM) (EventID: 10010) (User: ak)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-12-15 22:22:48.663
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {E0FDB641-08EB-4E83-B92C-28859C9BD67A}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-15 17:26:36.184
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {99BE178A-B859-4987-ACC8-C785A4B7F33E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-15 15:38:59.485
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D9BE8E36-1B6B-4468-AD7D-525809E67709}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-14 10:56:52.509
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {DA58425A-FE19-494F-939A-C151E083E41B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-14 10:51:22.445
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D9297ADF-52DD-4222-AE98-A919CC5AD424}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-10 21:25:08.631
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.

Date: 2018-12-08 16:32:42.126
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: The resource is too old to be compatible.
Signature version: 1.155.266.0;1.155.266.0
Engine version: 1.1.9700.0

Date: 2018-12-08 15:28:46.275
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version: 1.1.15500.2
Previous Engine Version: 1.1.9700.0
Error Code: 0x8050800c
Error description: An unexpected problem occurred. Install any available updates, then try to start the program again. For information on installing updates, see Help and Support.

Date: 2018-12-07 12:38:32.708
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.

Date: 2018-12-07 08:40:40.333
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===================================

Date: 2018-12-16 15:01:58.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvdlistx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-15 15:39:05.376
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvdlistx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-15 15:39:05.204
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvdlistx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-14 10:50:07.683
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvdlistx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-11 08:32:10.311
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvdlistx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-08 10:52:10.826
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvdlistx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-12-07 08:40:33.582
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvdlistx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 27%
Total physical RAM: 12187.36 MB
Available physical RAM: 8793.08 MB
Total Virtual: 12187.36 MB
Available Virtual: 8425.36 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:100.53 GB) (Free:47.46 GB) NTFS
Drive d: (Dane) (Fixed) (Total:131.83 GB) (Free:68.58 GB) NTFS

\\?\Volume{1fabe3ec-4883-4953-a60f-8c9889add6e5}\ (Odzyskiwanie) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: request for log verification (mouse cursor freezing)

Post by Illidan » 16 Dec 2018, 23:38



From what I remember, it is safe. Don't worry about the ads. Be careful during installation not to install anything unwanted.

Re: request for log verification (mouse cursor freezing)

Post by Illidan » 16 Dec 2018, 23:48



Run "FRST". On the keyboard, press "CTRL+Y" simultaneously. Notepad will open; paste the following into it:
Code:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-537903363-2798869277-3563865902-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://robbo.niepokoj.com/pl
U3 iswSvc; no ImagePath
EmptyTemp:

On the keyboard, press "CTRL+S" simultaneously. In "FRST", run the "Fix / Napraw" option. After the fix you will get a "Fixlog"; post it on the forum as well. I don't know whether you ran the fix earlier, because I see the same items that I previously put in the script. The new "Addition" log is also missing; please post that one too.
Now I see that you showed me an old log rather than a new one, so don't run the script; just post the newly generated logs from "FRST", that is, "FRST.txt" and "Addition.txt". Unless you haven't run the script yet, in which case run it, but the first one, and post the "Fixlog".

Re: request for log verification (mouse cursor freezing)

Post by kamien8 » 17 Dec 2018, 18:43



FRST https://justpaste.it/222gd
Addition https://justpaste.it/1rjew

It's possible that I pasted old logs by mistake, but I was running the tests/cleanups as we went. The logs provided are from after another cleanup was performed.

Many thanks for the help.

Adam

Re: request for log verification (mouse cursor freezing)

Post by Illidan » 18 Dec 2018, 21:28



Run "FRST". On the keyboard, press "CTRL+Y" simultaneously. Notepad will open; paste the following into it:
Code:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U3 iswSvc; no ImagePath
EmptyTemp:

On the keyboard, press "CTRL+S" simultaneously. In "FRST", run the "Fix / Napraw" option. Post the resulting "fixlog"; the log will replace the "fixlist".