Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 16-02-2020 Uruchomiony przez Leszek (21-02-2020 22:30:50) Uruchomiony z C:\Users\Leszek\Desktop\Nowy folder Windows 10 Pro Wersja 1909 18363.657 (X64) (2019-07-23 20:04:56) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3837396634-3380895019-2707598842-500 - Administrator - Disabled) ASPNET (S-1-5-21-3837396634-3380895019-2707598842-1005 - Limited - Enabled) Gość (S-1-5-21-3837396634-3380895019-2707598842-501 - Limited - Disabled) Jolanta (S-1-5-21-3837396634-3380895019-2707598842-1006 - Administrator - Enabled) => C:\Users\Jolanta Konto domyślne (S-1-5-21-3837396634-3380895019-2707598842-503 - Limited - Disabled) Leszek (S-1-5-21-3837396634-3380895019-2707598842-1003 - Administrator - Enabled) => C:\Users\Leszek WDAGUtilityAccount (S-1-5-21-3837396634-3380895019-2707598842-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.330 - Adobe) Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Any Audio Converter 6.2.0 (HKLM-x32\...\Any Audio Converter) (Version: 6.2.0 - Anvsoft) ASUS PCE-AC51 Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0283 - REALTEK Semiconductor Corp.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) Boris Continuum Complete 10 OFX (64-Bit) (HKLM\...\{ADC8FE37-D602-4903-94AB-74F418850272}) (Version: 10.0.2172 - Boris FX, Inc.) Boris Continuum Complete 9 OFX for Sony (64-Bit) (HKLM\...\{3DF67BF0-17E8-4537-951C-758102AB87F7}) (Version: 9.0.2005 - Boris FX, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) dihav PNG to Icon Converter (HKLM-x32\...\dihav PNG to Icon Converter) (Version: 1.1 - dihav) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden DRUKI Gofin 3.7.6.0 (HKLM-x32\...\{C8AD2CED-B627-4EF8-A7FE-209A4655427D}) (Version: 3.7.6.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.) Hidden DRUKI Gofin 3.7.6.0 (HKLM-x32\...\{fba5b303-edd2-48f4-beac-ce0ad19387e4}) (Version: 3.7.6.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.) FormatFactory (HKLM-x32\...\{B3551A57-BBFB-4964-AABE-1EAF81B1C319}) (Version: 1.55 - FormatFactory) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.4 - Ellora Assets Corporation) GenArts Sapphire Plug-ins 10.12 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version: 10.120 - Boris FX, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden HitFilm Movie Essentials Pack (HKLM\...\{32D9FFE6-D59F-49BD-AB2C-1615FC32C705}) (Version: 1.0.7910.52047 - FXHOME) HP Dropbox Plugin (HKLM-x32\...\{CFCCF841-E700-45FD-A799-3A2185A7BE29}) (Version: 36.0.191.0 - HP) HP EmailSMTP Plugin (HKLM-x32\...\{0CC55535-7DEF-4EBC-A023-56A2A48EC2E0}) (Version: 43.0.191.0 - HP) HP FTP Plugin (HKLM-x32\...\{DAAE0F05-2566-4BF5-82B9-D4B5C14D0914}) (Version: 43.0.191.0 - HP) HP Google Drive Plugin (HKLM-x32\...\{61EB6F48-6CB9-4414-884F-859A11D16C7F}) (Version: 36.0.191.0 - HP) HP LaserJet MFP M28-M31 Basic Device Software (HKLM\...\{08644094-D714-4B6E-9CEB-11433F5CBDB7}) (Version: 46.2.2636.18185 - HP Inc.) HP LaserJet MFP M28-M31 Pomoc (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP) HP OneDrive Plugin (HKLM-x32\...\{C2274413-610A-4551-BD8B-0EA5BB75AA8E}) (Version: 36.0.191.0 - HP) HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP) HP SharePoint Plugin (HKLM-x32\...\{26C89BEA-6751-4822-961E-5F0A04935874}) (Version: 43.0.191.0 - HP) I.R.I.S OCR (HKLM-x32\...\{A7B72F81-1A99-4DB0-B287-13A366D22E17}) (Version: 15.2.10.1114 - HP Inc.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) MAGIX Video Pro X (HKLM\...\{A07D2540-80E2-4635-9973-297D8B04B827}) (Version: 16.0.1.236 - MAGIX Software GmbH) Hidden Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3837396634-3380895019-2707598842-1006\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation) Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.12325.20298 - Microsoft Corporation) Microsoft Visio Professional 2019 - pl-pl (HKLM\...\VisioPro2019Retail - pl-pl) (Version: 16.0.12325.20298 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 72.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 72.0.2 (x64 pl)) (Version: 72.0.2 - Mozilla) MP3 Toolkit 1.2.1 (HKLM-x32\...\MP3 Toolkit_is1) (Version: - MP3Toolkit.com) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.11 - F.J. Wechselberger) NAPS2 5.4.0 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 3.0 - NewBlue) NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: 3.0 - NewBlue) NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: 3.0 - NewBlue) NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 3.0 - NewBlue) NewBlue ColorFast for Windows (HKLM-x32\...\NewBlue ColorFast for Windows) (Version: 3.0 - NewBlue) NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 1.4 - NewBlue) NewBlue Filters 5 Ultimate (HKLM-x32\...\NewBlue Filters 5 Ultimate) (Version: 5.0 - NewBlue) NewBlue Flash Remover Pro for Windows (HKLM-x32\...\NewBlue Flash Remover Pro for Windows) (Version: 3.0 - NewBlue) NewBlue Light Blends for Windows (HKLM-x32\...\NewBlue Light Blends for Windows) (Version: 3.0 - NewBlue) NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 3.0 - NewBlue) NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue) NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 3.0 - NewBlue) NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 3.0 - NewBlue) NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 3.0 - NewBlue) NewBlue plug-ins bundle patch build 121206 (HKLM\...\NewBlue plug-ins bundle patch build 121206_is1) (Version: 3.0.0.0 - NewBlue Inc.) NewBlue Titler Pro (HKLM\...\Titler Pro 5.0_is1) (Version: 5.0.161114 - Team V.R) NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue) NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA Sterownik graficzny 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20298 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden OpenOffice 4.1.6 (HKLM-x32\...\{F03D2388-158B-4F8A-B195-CBCA5F459197}) (Version: 4.16.9790 - Apache Software Foundation) Pakiet sterowników systemu Windows - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.) Pakiet sterowników systemu Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya) Pakiet sterowników systemu Windows - Phase One A/S (WinUSB) USBDevice (09/18/2017 1.14.0.0) (HKLM\...\5D536C8BAC29754ACD7E2AFB52D1C2B1EA169BE6) (Version: 09/18/2017 1.14.0.0 - Phase One A/S) Panel sterowania NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden Panopticum Engraver 1.5 for Sonic Foundry Vegas 4.0 (HKLM-x32\...\Panopticum Engraver 1.5 for Sonic Foundry Vegas 4.0_is1) (Version: - ) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.) Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0014 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Side 9 Screensaver (HKLM-x32\...\Side 9 Screensaver) (Version: - ) Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung ) Sony Channel Editor (wersja 1.2) (HKLM-x32\...\{A60B1C02-DF63-43A3-8F45-7B2C6EC065F3}_is1) (Version: 1.2 - Sony Visual Products Europe) Sony Channel Editor (wersja v1.0.1) (HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\...\{5C759F8E-D094-4D62-8C5D-F7C3EF0EF49B}_is1) (Version: v1.0.1 - Sony Visual Products Europe) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer) Total Uninstall 6 wersja 6.16.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.16.0 - ) Universe (HKLM\...\Universe_is1) (Version: 2.2.2 - Red Giant & Team V.R) Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) Usb to Serial Driver 1.12.28 (HKLM-x32\...\{7F46E168-E0F4-45EA-81F5-80488334B609}) (Version: 1.12.28 - ) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden VEGAS Pro 16.0 (HKLM\...\{0D090E4F-12A2-11E9-A3DD-00155D6302F2}) (Version: 16.0.361 - VEGAS) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.) Windows 10 Codec Pack 2.1.2 (HKLM-x32\...\Windows 10 - Codec Pack) (Version: 2.1.2 - Windows 10 Codec Pack) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) World of Tanks (HKLM-x32\...\World of Tanks) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.5) (Version: 1.3.5 - Xvid Team) Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-29] (Dolby Laboratories) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x64__v10z8vjag6ke6 [2020-02-06] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-30] (Microsoft Corporation) [MS Ad] Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-12-30] (Samsung Electronics Co. Ltd.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Brak podpisu cyfrowego] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607688 2011-02-26] (proDAD GmbH -> proDAD GmbH) HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [251392 2017-12-08] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> ) HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pl_pl\AcroTray.pol 2020-02-21 21:59 - 2020-02-21 21:59 - 000016896 _____ () [Brak podpisu cyfrowego] C:\Program Files\KMSpico\WinDivert.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000013312 _____ (Adobe Systems Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pl_pl\Acrobat Elements\ContextMenuShim64.pol ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhinhqhifh [0] AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhioihinfh [0] AlternateDataStreams: C:\Users\Leszek\AppData\Local\VEGAS Pro:$v3 [48] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\460C6A8A.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\460C6A8A.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer - Witryny zaufane i z ograniczeniami ========== ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-06-26 18:21 - 2019-03-02 22:22 - 000000979 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com 2019-11-09 17:43 - 2019-11-09 17:43 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\HP\Common\HPDestPlgIn\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\ HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-3837396634-3380895019-2707598842-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-82-271721585-897601226-2024613209-625570482-296978595\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-82-3876422241-1344743610-1729199087-774402673-2621913236\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 62.179.1.62 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\StartupFolder: => "CodecPackTrayMenu.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "CDAServer" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "IMSS" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\...\StartupApproved\StartupFolder: => "EOS Utility.lnk" HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\...\StartupApproved\Run: => "Codec Pack Update Checker" HKU\S-1-5-21-3837396634-3380895019-2707598842-1003\...\StartupApproved\Run: => "QMxNetworkSync" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [UDP Query User{7F53811A-CC64-4CD3-89F8-849B2C1A1AB2}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{F8582332-FC84-433C-B2EB-3E231FCC23BE}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [Brak podpisu cyfrowego] FirewallRules: [{1EF68C3C-3A24-4B0D-9EA2-31DC46949062}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{C5489CF6-D997-4E6B-ADB2-5D049F03E420}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{156B3F37-73EA-4A0D-97F9-891F5A59A981}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc) FirewallRules: [{201CF2DB-F099-4562-96BF-6A48D9CABF59}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc) FirewallRules: [{BC35B81D-8B23-4F48-83BA-027918A0F72B}] => (Block) %ProgramFiles% (x86)\Photodex Presenter\pxdown.exe Brak pliku FirewallRules: [{495DE143-D527-44E6-B808-9A7A7A205995}] => (Block) %ProgramFiles% (x86)\Photodex Presenter\pxplay.exe Brak pliku FirewallRules: [{6BC63890-5830-436F-B3BD-C1652D4A7086}] => (Block) %ProgramFiles% (x86)\Photodex Presenter\remove.exe Brak pliku FirewallRules: [{6A01175E-984B-4D6A-BD06-3999A2F6BC99}] => (Allow) %ProgramFiles% (x86)\Photodex Presenter\pxdown.exe Brak pliku FirewallRules: [{58A3543D-6B98-4D3F-A8B9-47C4005A01BD}] => (Block) %ProgramFiles% (x86)\Photodex Presenter\pxplay.exe Brak pliku FirewallRules: [{FB2E41A0-EBB1-4E6E-BF56-4A839FA45A2E}] => (Block) %ProgramFiles% (x86)\Photodex Presenter\remove.exe Brak pliku FirewallRules: [{5BB2E8B7-EABC-4A88-9592-9C40E4D3E3B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6334C90C-4F95-4C2A-9A20-B20DF2D939A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EBBFCDEA-7C22-47A5-8B71-B7033D926EFF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{685B3797-EF34-4339-BE42-7F16965203F4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FBCB8EC8-8581-4714-90D9-C40A844E9738}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{321C5ED5-5D63-467F-8146-47275219C488}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F8C74095-90AD-493A-BB62-557778438285}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4185D7FD-2F59-41AD-973A-8FCDA5E047A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{59EABDAA-2F3B-4992-8822-2FA4236A457D}] => (Allow) LPort=1542 FirewallRules: [{09127DA0-3B77-4DD6-93F0-6424E3CB4CA0}] => (Allow) LPort=1542 FirewallRules: [{A0A26780-7AC7-4202-849D-7B1F66913ECA}] => (Allow) LPort=53 FirewallRules: [TCP Query User{B7F128FF-5AC1-4A59-B71B-C966E5EE7FA9}C:\program files (x86)\ikk\sql anywhere 7\win32\rteng7.exe] => (Allow) C:\program files (x86)\ikk\sql anywhere 7\win32\rteng7.exe Brak pliku FirewallRules: [UDP Query User{DCE59289-764A-47E7-A8E4-1B7B612A923A}C:\program files (x86)\ikk\sql anywhere 7\win32\rteng7.exe] => (Allow) C:\program files (x86)\ikk\sql anywhere 7\win32\rteng7.exe Brak pliku FirewallRules: [{AEE9778B-2E93-411B-A48E-DF8F6DD98FBE}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{CF6031B0-70E8-46D7-98AE-9045A142CD7D}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{0FB3B8D9-1F21-492A-933C-A54F6DB85BEC}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{8FAABF31-3127-4D15-8E82-2354D8E771A3}] => (Allow) LPort=5357 FirewallRules: [{D8FB2C4F-7237-4E31-9560-E04B14D19815}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{1A00985A-D331-4077-AE98-5F57515F80A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{46C27E6E-F849-45BF-A551-F18B6BA35A59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4C89922D-D405-43D0-866D-B3C54288BBCC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E3992AFC-8CFB-48C3-A16F-7D1BCB15A336}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C4928DEA-8EFD-43E8-BB1A-FCD9C82E8F50}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{E91F33A4-9257-449F-B53B-A4637A025046}C:\program files\vegas\vegas pro 17.0\vegas170.exe] => (Allow) C:\program files\vegas\vegas pro 17.0\vegas170.exe Brak pliku FirewallRules: [UDP Query User{310A06E5-41AA-423A-B683-6A1334AE681E}C:\program files\vegas\vegas pro 17.0\vegas170.exe] => (Allow) C:\program files\vegas\vegas pro 17.0\vegas170.exe Brak pliku FirewallRules: [TCP Query User{0C24A716-F372-400C-8D07-3A41826C1BD0}C:\program files\vegas\vegas pro 16.0\vegas160.exe] => (Block) C:\program files\vegas\vegas pro 16.0\vegas160.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) FirewallRules: [UDP Query User{8EC14858-CFCA-4CE3-996C-16385A82ADE9}C:\program files\vegas\vegas pro 16.0\vegas160.exe] => (Block) C:\program files\vegas\vegas pro 16.0\vegas160.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) FirewallRules: [{7AA23A71-57B9-4B00-99F9-81D916FC9385}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{7420CE69-FCA9-430C-A3B2-4D47BA9423FA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F1BC6972-5448-4922-87FB-5D9FC0B8F5E7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) ==================== Punkty Przywracania systemu ========================= 16-02-2020 09:42:25 Removed Adobe Acrobat DC. 16-02-2020 13:15:33 Installed Adobe Acrobat DC. 16-02-2020 16:55:45 Removed Adobe Acrobat DC. 16-02-2020 17:29:03 Installed Adobe Acrobat DC. 16-02-2020 17:49:17 Removed Adobe Acrobat DC. 16-02-2020 18:04:12 Installed Adobe Acrobat DC. 16-02-2020 18:27:23 Removed Adobe Acrobat DC. 16-02-2020 19:01:54 Installed Adobe Acrobat DC. 21-02-2020 22:11:36 Removed VEGAS Pro 17.0 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Leaf Imaging Device Description: Leaf Imaging Device Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Leaf Imaging Ltd. Service: scsiscan Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (02/21/2020 10:10:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RuntimeBroker.exe, wersja: 10.0.18362.1, sygnatura czasowa: 0x4539d5a0 Nazwa modułu powodującego błąd: SettingsEnvironment.Desktop.dll, wersja: 10.0.18362.387, sygnatura czasowa: 0x10b406e4 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000002b605 Identyfikator procesu powodującego błąd: 0x1828 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e8f9382b14ee Ścieżka aplikacji powodującej błąd: C:\Windows\System32\RuntimeBroker.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\SettingsEnvironment.Desktop.dll Identyfikator raportu: 6502db5c-356b-4b1b-88eb-57c986266e60 Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy Identyfikator aplikacji względem pakietu powodującego błąd: runtimebroker07f4358a809ac99a64a67c1 Error: (02/21/2020 10:07:19 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7100,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/21/2020 09:39:04 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program MicrosoftEdge.exe w wersji 11.0.18362.628 przestał współpracować z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1064 Godzina rozpoczęcia: 01d5e892544bcb45 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Identyfikator raportu: 3e4eea4e-3b26-42e9-8a4f-d0ad927dc42a Pełna nazwa pakietu powodującego błąd: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe Identyfikator aplikacji powiązanej z pakietem powodującym błąd: MicrosoftEdge Typ zawieszenia: Quiesce Error: (02/21/2020 09:23:38 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6100,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/19/2020 10:27:35 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (644,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/19/2020 11:41:24 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4436,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/19/2020 09:42:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 15.0.1.0, sygnatura czasowa: 0x55aef299 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.18362.628, sygnatura czasowa: 0xf96f12ee Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000000000003a839 Identyfikator procesu powodującego błąd: 0x1080 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e700159e0f33 Ścieżka aplikacji powodującej błąd: C:\Program Files\KMSpico\Service_KMS.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 6b2eecd7-0ee7-4b58-aa4b-cd9a375aa291 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/19/2020 09:42:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Service_KMS.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.IO.IOException w System.IO.__Error.WinIOError(Int32, System.String) w System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) w System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) w System.IO.File.InternalReadAllBytes(System.String, Boolean) w Service_KMS.EmbeddedAssembly.ᜀ(System.String ByRef, System.String ByRef, Service_KMS.Activador.Variables ByRef) w ប.ᜀ(Service_KMS.Activador.Variables ByRef) w ថ.ᜃ(Service_KMS.Activador.Variables ByRef, Service_KMS.Activador.HostServer ByRef) w ថ.ᜀ(Service_KMS.Activador.Variables ByRef, Service_KMS.Activador.HostServer ByRef) w ន.ᜀ(Service_KMS.Activador.Variables ByRef) w ថ.ᜊ(Service_KMS.Activador.Variables ByRef) w ៑.ᜁ() w ៑.ᜂ() w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Threading.ThreadHelper.ThreadStart() Dziennik System: ============= Error: (02/21/2020 10:17:14 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-I2BJPCT) Description: Nie można uruchomić serwera DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Błąd: 2147942767 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (02/21/2020 09:58:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Intel(R) Management and Security Application Local Management Service zawiesiła się podczas uruchamiania. Error: (02/21/2020 09:53:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SSPORT z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2020 09:53:53 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (02/21/2020 09:53:41 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 09:37:02 na ‎21.‎02.‎2020 było nieoczekiwane. Error: (02/21/2020 09:52:46 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: ZARZĄDZANIE NT) Description: 3221225684Wystąpił błąd krytyczny podczas przetwarzania danych przywracania. Error: (02/21/2020 09:37:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SSPORT z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2020 09:37:04 AM) (Source: SNMP) (EventID: 1500) (User: ) Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Windows Defender: =================================== Date: 2020-02-21 09:04:38.885 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Windows\SECOH-QAD.dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Program Files\KMSpico\Service_KMS.exe Wersja analizy zabezpieczeń: AV: 1.309.1271.0, AS: 1.309.1271.0, NIS: 1.309.1271.0 Wersja aparatu: AM: 1.1.16700.3, NIS: 1.1.16700.3 Date: 2020-02-19 09:46:34.641 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Windows\SECOH-QAD.dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.309.1264.0, AS: 1.309.1264.0, NIS: 1.309.1264.0 Wersja aparatu: AM: 1.1.16700.3, NIS: 1.1.16700.3 Date: 2020-02-19 09:46:34.077 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Windows\SECOH-QAD.dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.309.1264.0, AS: 1.309.1264.0, NIS: 1.309.1264.0 Wersja aparatu: AM: 1.1.16700.3, NIS: 1.1.16700.3 Date: 2020-02-19 09:42:14.050 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Windows\SECOH-QAD.dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Program Files\KMSpico\Service_KMS.exe Wersja analizy zabezpieczeń: AV: 1.309.1264.0, AS: 1.309.1264.0, NIS: 1.309.1264.0 Wersja aparatu: AM: 1.1.16700.3, NIS: 1.1.16700.3 Date: 2020-02-17 09:18:05.557 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe Wersja analizy zabezpieczeń: AV: 1.309.1090.0, AS: 1.309.1090.0, NIS: 1.309.1090.0 Wersja aparatu: AM: 1.1.16700.3, NIS: 1.1.16700.3 CodeIntegrity: =================================== Date: 2020-02-21 21:57:11.790 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-21 21:57:11.775 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-21 21:57:11.760 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-21 21:57:11.743 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-21 21:57:11.726 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-21 21:57:11.710 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-21 21:57:11.693 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-21 21:57:11.653 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. 1701 08/06/2014 Płyta główna: ASUSTeK COMPUTER INC. P8B75-M Procesor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz Procent pamięci w użyciu: 54% Całkowita pamięć fizyczna: 8123.16 MB Dostępna pamięć fizyczna: 3726.81 MB Całkowita pamięć wirtualna: 10555.16 MB Dostępna pamięć wirtualna: 5441.31 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:586.16 GB) (Free:314.06 GB) NTFS Drive d: () (Fixed) (Total:344.73 GB) (Free:186.55 GB) NTFS Drive e: (cs5.5) (CDROM) (Total:4.1 GB) (Free:0 GB) CDFS \\?\Volume{24e01ace-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{24e01ace-0000-0000-0000-e09092000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 24E01ACE) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=586.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=527 MB) - (Type=27) Partition 4: (Not Active) - (Size=344.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================