Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 21-11-2019 Uruchomiony przez KingTravelPc1 (22-11-2019 10:18:12) Uruchomiony z C:\Users\KingTravelPc1\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2019-03-08 10:28:33) Tryb startu: Safe Mode (with Networking) ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2782572504-2515528266-3654358506-500 - Administrator - Disabled) Gość (S-1-5-21-2782572504-2515528266-3654358506-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2782572504-2515528266-3654358506-1003 - Limited - Enabled) KingTravelPc1 (S-1-5-21-2782572504-2515528266-3654358506-1000 - Administrator - Enabled) => C:\Users\KingTravelPc1 ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Bitdefender Ochrona antywirusowa (Disabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Moduł antyszpiegowski (Disabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5} FW: Bitdefender Zapora Sieciowa (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 32 Bit HP CIO Components Installer (HKLM\...\{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}) (Version: 7.1.4 - Hewlett-Packard) Hidden 32 Bit HP CIO Components Installer (HKLM\...\{6553F4A8-B67F-49BA-A882-FF499C83CF4B}) (Version: 8.1.4 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe) Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe) Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe) Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.67 - Bitdefender) Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.9.47 - Bitdefender) Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.19.85 - Bitdefender) Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{7AA348CE-190E-416B-839E-68E33CFEB580}) (Version: 15.4.14.1 - Broadcom Corporation) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell KM632 Wireless Keyboard Caps Lock Indicator (HKLM\...\{55586382-6704-4237-AAA7-85FF9C055022}) (Version: 2.1.10.0604 - Dell) euroTICKET on-line Sprzedaż (HKLM\...\euroTICKET on-line "Sprzedaż"_is1) (Version: - ITSOFT) Flash Player Pro V6.0 (HKLM\...\Flash Player Pro_is1) (Version: 6.0 - FlashPlayerPro.com) Google Chrome (HKLM\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC) GoTo Opener (HKLM\...\{27288E10-7B6A-4EAD-BF7D-C40F86C3C751}) (Version: 1.0.527 - LogMeIn, Inc.) GoToMeeting 10.4.1.15939 (HKU\S-1-5-21-2782572504-2515528266-3654358506-1000\...\GoToMeeting) (Version: 10.4.1.15939 - LogMeIn, Inc.) HP LaserJet 200 color M251 (HKLM\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 15.0.15188.1774 - Hewlett-Packard) HP LaserJet Professional M1530 MFP Series (HKLM\...\{74280B5D-A0AF-46c5-9C85-D9EA078262F1}) (Version: 15.0.15188.928 - Hewlett-Packard) HP LJ M1530 MFP Series HP Scan (HKLM\...\{C05002F1-06F8-4A15-B6F8-E4DC655C28AA}) (Version: 1.0.302.0 - Hewlett-Packard Co.) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDXP (HKLM\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard) HPLaserJetHelp_LearnCenter (HKLM\...\{B2AA0F22-E167-4C4A-BAE2-E0025028E61B}) (Version: 1.02.0000 - Hewlett-Packard) HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden HPLJUTM251 (HKLM\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden hppFaxDrvM1530 (HKLM\...\{E34509E5-FF1D-48EB-807F-D8E24D1AA2B0}) (Version: 004.000.00001 - Hewlett-Packard) Hidden hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden hppM1530LaserJetService (HKLM\...\{A1D53426-D6F3-4886-A72B-E1A8C82259E9}) (Version: 001.008.00477 - Hewlett-Packard) Hidden hppM251LaserJetService (HKLM\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden hppSendFaxM1530 (HKLM\...\{A340E04F-6152-4058-B5BD-A202C2B30EF1}) (Version: 004.000.00001 - Hewlett-Packard) Hidden hppTLBXFXM1530 (HKLM\...\{9112FEA9-0F64-453C-BEA5-9A782F87EDAA}) (Version: 001.012.00948 - Hewlett-Packard) Hidden hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden hpStatusAlertsM251 (HKLM\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden I.R.I.S. OCR (HKLM\...\{F20A04CF-5BE6-404A-9295-D59046238245}) (Version: 12.3.6.6 - HP) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.5 - Intel) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation) IRIS.plus 2019.47.391 (HKLM\...\5670-2018-4747-5322) (Version: 2019.47.391 - TUI) Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) Junk Mail filter update (HKLM\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.12130.20344 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2782572504-2515528266-3654358506-1000\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation) Microsoft ReportViewer 2010 Redistributable (HKLM\...\{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2782572504-2515528266-3654358506-1000\...\Teams) (Version: 1.2.00.22654 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20344 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.12130.20344 - Microsoft Corporation) Hidden Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation) Poczta usługi Windows Live (HKLM\...\{4E55905B-849D-4633-9267-3EC77E24221A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5922 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.86 - Realtek Semiconductor Corp.) Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Teams Machine-Wide Installer (HKLM\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.22654 - Microsoft Corporation) ToolboxProxy (HKLM\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes) Voyager Agent (HKLM\...\{B3997A6F-DAD1-4EFC-AF70-79D46CAA4C88}) (Version: 6.05.0072 - Voyager.com sp. z o.o.) Voyager.com - BUS Manager (HKLM\...\{96B22773-51F0-4E1C-BF2B-6D3A61B9D0E3}) (Version: 4.10.0053 - Voyager.com) WinRAR 5.11 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2782572504-2515528266-3654358506-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\KingTravelPc1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19178.2\x86\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2782572504-2515528266-3654358506-1000_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll (Hewlett-Packard Company -> Hewlett-Packard Company) CustomCLSID: HKU\S-1-5-21-2782572504-2515528266-3654358506-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) CustomCLSID: HKU\S-1-5-21-2782572504-2515528266-3654358506-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\KingTravelPc1\AppData\Local\GoToMeeting\13761\G2MOutlookAddin.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2782572504-2515528266-3654358506-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\KingTravelPc1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19178.2\x86\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-02] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2008-11-20] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-22] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-22] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-02] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Załadowane moduły (filtrowane) ============= ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer - Witryny zaufane i z ograniczeniami ========== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2782572504-2515528266-3654358506-1000\...\sharepoint.com -> hxxps://uinedu-files.sharepoint.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:04 - 2019-11-22 09:57 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Skype\Phone\;C:\Program Files\Windows Live\Shared;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-2782572504-2515528266-3654358506-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KingTravelPc1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) MSCONFIG\Services: BDAuxSrv => 2 MSCONFIG\Services: bdredline => 2 MSCONFIG\Services: LMIRescue_916846a9-8527-d17f-e47d-2830ca3c16e9 => 2 MSCONFIG\Services: UPDATESRV => 2 MSCONFIG\Services: VSSERV => 2 MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\KingTravelPc1\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: StatusAlerts => "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on MSCONFIG\startupreg: TeamsMachineInstaller => %ProgramFiles%\Teams Installer\Teams.exe --checkInstall --source=PROPLUS MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{C0C7C0D2-D9AB-49FF-96E5-665948E87907}] => (Allow) C:\Program Files\HP\HP LaserJet 200 color M251\bin\EWSProxy.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{AF613EAC-E401-4E8A-AE3F-7F86D8DEF9DF}] => (Allow) C:\Program Files\HP\HP LaserJet 200 color M251\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{C876D0C8-0354-434E-854F-451EB3EB7494}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS1E10\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{BD426DD6-1D7C-494F-AF10-04FA7030BF35}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS1E10\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{CFE28938-F549-4B00-85DE-678A4CD306B4}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS16BE\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{CCD72B1A-C4A0-4C15-99B1-D77C9A13D45A}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS16BE\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{4B150AE0-9E5B-42C7-B3EA-D61FDF4EB9C6}] => (Allow) C:\HP_LaserJet_Professional_M1530_MFP_Series\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company) FirewallRules: [{2ADAE06F-8271-40BF-9FD5-E07688A2F0B5}] => (Allow) C:\HP_LaserJet_Professional_M1530_MFP_Series\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company) FirewallRules: [{2465DBB1-F0D4-44ED-82A1-4405CDB40AF4}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS1EE7\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{D692CBB0-504F-4A08-96A2-0E43B5A3CD95}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS1EE7\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{66D261DA-2C11-49BF-8664-EA4A3429BFF7}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS1CF7\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{E0868C64-E3B0-4C37-A942-23FB8FAC8004}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS1CF7\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{C3A16F3F-4A5C-4CBB-8752-1BD8B5D76E8E}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS7AF2\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{FCD35E71-0894-4C52-8128-DEB1BF3E0874}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS7AF2\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{FA164E7C-A0BD-45F5-BC94-8C2780972DB9}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS7A6F\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{B0F47C05-F179-4245-B261-1B3A7A44B755}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS7A6F\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [UDP Query User{302B0295-350F-4E27-AFD5-F9B54C37303E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{6110BB28-3415-4A9E-8F65-D35B73096FD7}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{280286AC-0AC6-436A-8097-B9C09A4CCF76}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS6625\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{4D4B6745-D48B-4032-87D8-A54361CB5477}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS6625\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{CD608E1A-158F-4397-B2A9-37FED090DD90}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS0C30\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{47D0095C-A78B-46D7-A39D-F3D83E6B2C89}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS0C30\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{26F1D596-8993-4011-946B-2CA784D31050}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS6706\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{49BAA371-95E4-4AF2-9E05-803165DF0229}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS6706\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{310999C8-70D3-4594-B699-82E4A0A3F705}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS58CC\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{827DD780-64A7-4A55-A8AD-3D26AECCCCCD}] => (Allow) C:\Users\KingTravelPc1\AppData\Local\Temp\7zS58CC\HPDiagnosticCoreUI.exe Brak pliku FirewallRules: [{56360C47-82AD-480B-9F15-EC65902C0719}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> ) FirewallRules: [{DE51C0D6-D8E3-4B40-9CF7-FE773B127704}] => (Allow) LPort=1900 FirewallRules: [{CAA3730F-3001-4B5E-8546-FE1BE18E26AD}] => (Allow) LPort=2869 FirewallRules: [{FA8E88A7-97C6-4B60-8A63-C2BAA8ECA6D0}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4E0A377F-0CA4-4114-BDB6-33ABFB1D4EC4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EC61D432-5B47-4B95-A681-CC7BD11CEFC0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{15116442-686E-453E-9117-28629DEE620C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1EA70ADB-B154-41F9-8374-F8208F40ED1C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A3F71CBF-3B39-4AB8-8F82-50ABF03BA770}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C0D7AC16-AA59-4AFE-9952-69C76999D1DD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A8412B74-E7F1-4531-B21F-36A012EE0506}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{01B88499-EB11-4241-82C0-CE029EBF07CE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 22-11-2019 08:19:25 Windows Update 22-11-2019 08:52:09 Removed Adobe Acrobat Reader DC - Polish. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Intel(R) Centrino(R) Advanced-N 6235 Description: Intel(R) Centrino(R) Advanced-N 6235 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: NETwNs32 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (11/22/2019 10:17:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/22/2019 10:07:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: mscorsvw.exe, wersja: 4.8.3761.0, sygnatura czasowa: 0x5c9c6e6c Nazwa modułu powodującego błąd: mscorwks.dll, wersja: 2.0.50727.8806, sygnatura czasowa: 0x5c9c4f7a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ecd1 Identyfikator procesu powodującego błąd: 0x16f8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5a11433f47473 Ścieżka aplikacji powodującej błąd: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe Ścieżka modułu powodującego błąd: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll Identyfikator raportu: 71ade035-0d07-11ea-bc17-c8f733c98e42 Error: (11/22/2019 10:06:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: mscorsvw.exe, wersja: 4.8.3761.0, sygnatura czasowa: 0x5c9c6e6c Nazwa modułu powodującego błąd: mscorwks.dll, wersja: 2.0.50727.8806, sygnatura czasowa: 0x5c9c4f7a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ecd1 Identyfikator procesu powodującego błąd: 0xbbc Godzina uruchomienia aplikacji powodującej błąd: 0x01d5a1142d784bdb Ścieżka aplikacji powodującej błąd: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe Ścieżka modułu powodującego błąd: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll Identyfikator raportu: 6bca4e2a-0d07-11ea-bc17-c8f733c98e42 Error: (11/22/2019 08:57:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/22/2019 08:43:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/22/2019 08:30:40 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/22/2019 08:09:52 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/21/2019 12:36:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (11/22/2019 10:17:29 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi VSS z argumentami w celu uruchomienia serwera: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623} Error: (11/22/2019 10:17:10 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1068 podczas próby uruchomienia usługi fdPHost z argumentami w celu uruchomienia serwera: {D3DCB472-7261-43CE-924B-0704BD730D5F} Error: (11/22/2019 10:17:10 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1068 podczas próby uruchomienia usługi fdPHost z argumentami w celu uruchomienia serwera: {145B4335-FE2A-4927-A040-7C35AD3180EF} Error: (11/22/2019 10:16:58 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1068 podczas próby uruchomienia usługi stisvc z argumentami w celu uruchomienia serwera: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error: (11/22/2019 10:15:53 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami w celu uruchomienia serwera: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (11/22/2019 10:15:53 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami w celu uruchomienia serwera: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/22/2019 10:15:52 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi EventSystem z argumentami w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (11/22/2019 10:15:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. ==================== Statystyki pamięci =========================== BIOS: Dell Inc. A21 05/09/2017 Płyta główna: Dell Inc. 0CRWCR Procesor: Intel(R) Core(TM) i7-3770S CPU @ 3.10GHz Procent pamięci w użyciu: 36% Całkowita pamięć fizyczna: 3485.22 MB Dostępna pamięć fizyczna: 2227.32 MB Całkowita pamięć wirtualna: 6968.81 MB Dostępna pamięć wirtualna: 5751.27 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:23.8 GB) NTFS \\?\Volume{b5fdefc3-e7e3-11e7-b8ad-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 1E04F7F4) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================