Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 08-08-2020
Uruchomiony przez WITOLD (08-08-2020 09:50:02)
Uruchomiony z C:\Users\WITOLD\Downloads
Windows 10 Pro Wersja 1909 18363.997 (X64) (2019-10-18 15:57:24)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2771967570-345177714-4192126267-500 - Administrator - Disabled)
Gość (S-1-5-21-2771967570-345177714-4192126267-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2771967570-345177714-4192126267-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2771967570-345177714-4192126267-504 - Limited - Disabled)
WITOLD (S-1-5-21-2771967570-345177714-4192126267-1001 - Administrator - Enabled) => C:\Users\WITOLD

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\uTorrent) (Version: 3.5.5.45704 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.733 - ABBYY Production LLC)
ASUS Xonar DX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.)
Avast SecureLine VPN (HKLM\...\%V_PRODUCT_UNINSTALL_REG_KEY%) (Version: 5.6.4971.434 - Avast Software) Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.6.4982.470 - Avast Software) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BetterHash (HKLM-x32\...\BH1_is1) (Version: 3.147.0.97 - Innovative Solutions) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project) Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 65.0.2.15 - COMODO) DirectX Media Runtime 5.1 (HKLM-x32\...\DirectXMediaRuntime) (Version: - ) e-pity 11.1.6 za rok 2019 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 11.1.6 - e-file sp. z o.o. sp.k.) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Futuremark SystemInfo (HKLM-x32\...\{D22F5556-1049-4406-B8FD-AE7721679179}) (Version: 5.25.802.0 - Futuremark) Glary Tracks Eraser 5.0.1.167 (HKLM-x32\...\Glary Tracks Eraser) (Version: 5.0.1.167 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.105 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Hamster Free Ovulation Calendar 0.0.0.3 (HKLM-x32\...\Hamster Free Ovulation Calendar_is1) (Version: 0.0.0.3 - Hamster Soft) i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC) ImgDrive (HKLM\...\ImgDrive) (Version: 1.7.2 - Yubsoft) IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.63 - IVONA Software Sp. z o.o.) 
IVONA ControlCenter (HKLM-x32\...\IVONA ControlCenter) (Version: 1.1.10 - IVONA Software Sp. z o.o.) IVONA MiniReader (HKLM-x32\...\IVONA MiniReader) (Version: - IVONA Software Sp. z o.o.) IVONA Reader (HKLM-x32\...\IVONA Reader) (Version: - IVONA Software Sp. z o.o.) Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) KZCash Core (64-bit) (HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\KZCash Core (64-bit)) (Version: 0.1.9 - KZCash Core project) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.52 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - ) Microsoft Office 2016 dla Użytkowników Domowych i Uczniów - pl-pl (HKLM\...\HomeStudentRetail - pl-pl) (Version: 16.0.13001.20384 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 
10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA Sterownik graficzny 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.08 - NVIDIA Corporation) NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation) OCR Additional Europe 
East Languages Pack for PDF XChange products (HKLM\...\{C3514E73-27BD-4239-A3D2-61F3884F1154}_is1) (Version: - Tracker software) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20384 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.79.42672 - Electronic Arts, Inc.) Panel sterowania NVIDIA 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.08 - NVIDIA Corporation) Hidden PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd) Q-Typing 1.3 (HKLM-x32\...\Q-Typing 1.3_is1) (Version: - Q-Typing) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek) RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder) Shockwave (HKLM-x32\...\Shockwave) (Version: - ) Sniper Ghost Warrior Contracts (HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\Sniper Ghost Warrior Contracts) (Version: - HOODLUM) Sp5 (HKLM-x32\...\{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (HKLM-x32\...\{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (HKLM-x32\...\{E415C943-37E5-473F-8BAE-043C56734124}) (Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (HKLM-x32\...\{6C3959C6-943E-44B3-BAAD-570B04B134E5}) (Version: 5.1.4324.0 - Microsoft) Hidden Speech2Go Voice Package (HKLM-x32\...\Speech2Go Voice Package_is1) (Version: - Harpo) SpPhones 
(HKLM-x32\...\{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}) (Version: 6.0.3122.0 - Microsoft) Hidden Stamina 2.5 (HKLM-x32\...\Stamina) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer) Terminator Resistance (HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\Terminator Resistance) (Version: - HOODLUM) The Beast Inside (HKLM-x32\...\The Beast Inside_is1) (Version: - ) Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.1.3 - Electronic Arts, Inc.) Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.1.2 - UltraDefrag Development Team) Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA) Packages: ========= Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_620.8.119.0_x64__8xx8rvfyw5nnt [2020-07-29] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-19] (Microsoft Corporation) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] My Fertility Calendar -> C:\Program Files\WindowsApps\infotechniqueScheidegger.MyFertilityCalendar_1.0.0.3_neutral__t1856m03s423y [2020-06-22] (infotechnique, Scheidegger) Ovulation Calc -> C:\Program Files\WindowsApps\23740CodeCreators.ca.OvulationCalc_1.0.0.1_neutral__6mfwecr1e4j6a [2020-06-22] (CodeCreators.ca) PDF Reader - View, Edit, Annotate -> C:\Program Files\WindowsApps\5E8FC25E.XODODOCS_4.2.6.0_x64__3v3sf0k6w2rec [2019-12-20] (Xodo Technologies Inc.) 
Period Calendar Deluxe -> C:\Program Files\WindowsApps\49682CheesecakeApp.PeriodCalendarDeluxe_3.0.0.0_x64__mqm7wc256ze72 [2020-06-03] (Cheesecake App) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2771967570-345177714-4192126267-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\WITOLD\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771967570-345177714-4192126267-1001_Classes\CLSID\{B63A74FE-EB22-632F-CA9E-8F4766AAE6D9}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2771967570-345177714-4192126267-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\WITOLD\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2018-07-27] (ABBYY Production LLC -> ABBYY Production LLC.) 
ContextMenuHandlers1: [ImgDrive] -> {3FADB8BC-DD3E-434F-A503-F6FFCF414E1D} => C:\Program Files\ImgDrive\ImgDrive.dll [2018-08-12] (Beijing Yubei Information Technology Co., Ltd -> Yubsoft) ContextMenuHandlers2: [ImgDrive] -> {3FADB8BC-DD3E-434F-A503-F6FFCF414E1D} => C:\Program Files\ImgDrive\ImgDrive.dll [2018-08-12] (Beijing Yubei Information Technology Co., Ltd -> Yubsoft) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2018-07-27] (ABBYY Production LLC -> ABBYY Production LLC.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2013-09-25 11:21 - 2013-09-25 11:21 - 001773568 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_1\x86\QtCoreIVONA4.dll 2013-09-25 11:34 - 2013-09-25 11:34 - 006694912 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_1\x86\QtGuiIVONA4.dll 2013-09-25 14:26 - 2013-09-25 14:26 - 000025600 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_1\x86\QtSolutions_MFCMigrationFramework-2.8_IVONA.dll 2012-08-30 10:46 - 2012-08-30 10:46 - 000025600 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\IVONA\IVONA Reader\IvonaIntegration.dll 2019-10-18 18:52 - 2016-03-30 11:04 - 000438269 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Speech2Go Voice Package\x86\libexpat-1.dll 2019-10-18 18:52 - 2014-12-24 15:26 - 000474449 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Speech2Go Voice Package\x86\libgcc_s_sjlj-1.dll 2019-10-18 18:52 - 2016-03-29 15:13 - 000048419 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Speech2Go Voice Package\x86\libmman.dll 2019-10-18 18:52 - 2016-03-29 18:23 - 000674590 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Speech2Go Voice Package\x86\libpcre-1.dll 2019-10-18 18:52 - 2016-03-29 18:23 - 000091061 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Speech2Go Voice Package\x86\libpcrecpp-0.dll 2019-10-18 18:52 - 2014-12-24 15:26 - 006645014 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Speech2Go Voice Package\x86\libstdc++-6.dll 2019-10-18 18:52 - 2016-08-22 18:56 - 000826571 _____ () [Brak podpisu cyfrowego] C:\Program Files 
(x86)\Speech2Go Voice Package\x86\ve_tools.dll 2019-10-22 03:30 - 2019-10-22 03:30 - 000143360 ____N () [Brak podpisu cyfrowego] C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll 2019-10-22 03:30 - 2019-10-22 03:30 - 000430080 ____N (C-Media Electronics Inc.) [Brak podpisu cyfrowego] C:\Program Files\ASUS Xonar DX Audio\CustomApp\cmdevice.dll 2019-10-18 18:20 - 2019-10-22 03:30 - 000122880 ____N (C-Media Electronics Inc.) [Brak podpisu cyfrowego] C:\Windows\System\HsSrv64.dll 2011-11-28 13:51 - 2011-11-28 13:51 - 000393216 _____ (hxxp://www.id3lib.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\IVONA\IVONA Reader\id3lib.dll 2012-08-30 10:43 - 2012-08-30 10:43 - 000110592 _____ (IVONA Software Sp. z o.o.) [Brak podpisu cyfrowego] C:\Program Files (x86)\IVONA\IVONA Reader\CommCompat.dll 2012-08-30 10:42 - 2012-08-30 10:42 - 002347008 _____ (IVONA Software Sp. z o.o.) [Brak podpisu cyfrowego] C:\Program Files (x86)\IVONA\IVONA Reader\lang\polish.dll 2019-10-18 18:34 - 2019-10-18 18:34 - 001093120 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL 2019-10-18 18:34 - 2019-10-18 18:34 - 000057344 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL 2019-10-18 18:52 - 2014-12-24 14:17 - 000053651 _____ (MingW-W64 Project. All rights reserved.) 
[Brak podpisu cyfrowego] C:\Program Files (x86)\Speech2Go Voice Package\x86\libwinpthread-1.dll 2019-11-15 23:27 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\LIBEAY32.dll 2019-11-15 23:27 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\ssleay32.dll 2019-11-15 23:27 - 2020-02-23 13:40 - 001611264 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2020-08-06 22:41 - 2020-02-23 13:40 - 005487104 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Core.dll 2020-08-06 22:41 - 2020-02-23 13:40 - 005841920 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Gui.dll 2020-08-06 22:41 - 2020-02-23 13:40 - 001179136 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Network.dll 2020-08-06 22:41 - 2020-02-23 13:40 - 000146432 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2020-08-06 22:41 - 2020-02-23 13:40 - 005089792 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2020-08-06 22:41 - 2020-02-23 13:40 - 000184832 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Powiązania plików (filtrowane) =================

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ==========

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\localhost -> localhost

==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2019-03-19 06:49 - 2020-07-28 16:31 - 000000822 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2771967570-345177714-4192126267-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\WITOLD\Pictures\download (3).jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2771967570-345177714-4192126267-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{4B3CBB55-51AC-49E9-BEB6-C957B63004E2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E4575466-F5D6-4D2A-AF02-5B02B1173393}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2B856810-FEB8-4031-B4C5-AB6F335B0A4C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A354817A-D979-4301-B905-3D4ECF957A86}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{9E48216A-8293-49FE-BEB0-EFF7843DDE80}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [{0AF38B70-56F9-4008-ACA6-48555CB4F491}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA) FirewallRules: [{7C082E41-C620-4682-AB1A-A8582EFBFBCE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{CA06D149-7D9D-4A60-B6BB-E97787649B92}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{0A18A679-6125-4915-87F3-92B872EEDEC9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{8D4093C3-11C5-4D54-A565-3910AE204C9D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. 
-> ) FirewallRules: [{B1A5181C-6361-467B-A3E0-13EBFC90CC86}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{CFE2A695-6A52-4FE0-8241-632004718143}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{9D246F31-372F-497D-8ABC-DAC1CDA8EAD4}] => (Allow) LPort=25664 FirewallRules: [{9A3C0113-700A-4EB1-BADB-20D6AB577C7A}] => (Allow) LPort=25664 FirewallRules: [{87360888-AA69-4EA1-803A-C992DB2541F2}] => (Allow) LPort=26811 FirewallRules: [{5B97C6B6-2E86-4A5C-9288-9718E77E7C43}] => (Allow) LPort=26811 FirewallRules: [{28BAD91C-788D-43A3-AE0C-E3FEE62FB52F}] => (Allow) C:\Users\WITOLD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{8A00D17F-57AE-459C-A003-2B93D43D9DAB}] => (Allow) C:\Users\WITOLD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) 
FirewallRules: [{8A4DF50E-FCB9-4F56-A7C0-3FAB602F273C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{4D0CCF40-C2C8-4DD7-8A21-39C56F01C7A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{FAAF4A54-E190-4402-970E-6A2028889BE9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{CFEB6005-8DDC-4231-A851-7182DE19235C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6445A7FC-D491-41CE-88A8-4AB89B4290B6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{56CF19DB-BA7F-4815-A61F-F120F95F2C1E}] => (Allow) E:\SteamLibrary\steamapps\common\Bulletstorm Full Clip Edition\Binaries\Win64\StormGame-Win64-Shipping.exe => Brak pliku FirewallRules: [{1FF2FA7B-01D3-40B6-91C4-AAEFF919266F}] => (Allow) E:\SteamLibrary\steamapps\common\Bulletstorm Full Clip Edition\Binaries\Win64\StormGame-Win64-Shipping.exe => Brak pliku FirewallRules: [{BF9E010C-24D3-48EC-8DF2-EA027BB3D118}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmrig-cpu\xmrig.exe (www.xmrig.com) [Brak podpisu cyfrowego] FirewallRules: [{D255ED16-29A3-4544-A048-5C0B0FA8ACF3}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmrig-cpu\xmrig.exe (www.xmrig.com) [Brak podpisu cyfrowego] FirewallRules: [{B95E03CA-9654-474F-ACA9-092A09BBF75A}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe () [Brak podpisu cyfrowego] FirewallRules: [{626604AA-5DB7-4908-85B5-7CC944804D48}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\equihash\powercore-main-g.exe () [Brak podpisu cyfrowego] FirewallRules: [{1B28F0F5-F8F7-434A-A35C-31F6134CE2F3}] => (Allow) C:\Program Files 
(x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe () [Brak podpisu cyfrowego] FirewallRules: [{2685FD24-8819-4CB3-BB7A-7BE5D6ECDB87}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual\EthDcrMiner64.exe () [Brak podpisu cyfrowego] FirewallRules: [{0CC263A2-0FFD-4FFF-AD92-84B55F9C73B0}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe () [Brak podpisu cyfrowego] FirewallRules: [{396985F2-2841-417C-8627-4796B402EA6D}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ewbf\miner.exe () [Brak podpisu cyfrowego] FirewallRules: [{F8177539-2C61-42BF-AEAA-416AF2EEDA06}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmrig-amd\xmrig-amd.exe (www.xmrig.com) [Brak podpisu cyfrowego] FirewallRules: [{E463A20B-1F51-4E4C-92AE-0139764A9217}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\xmrig-amd\xmrig-amd.exe (www.xmrig.com) [Brak podpisu cyfrowego] FirewallRules: [{6DE36113-743C-4B47-B8B2-4BB5E6BC61F6}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-cryptonight-x64\ccminer-cryptonight.exe () [Brak podpisu cyfrowego] FirewallRules: [{C23A20F6-57FB-4763-B34C-21BA7134E863}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-cryptonight-x64\ccminer-cryptonight.exe () [Brak podpisu cyfrowego] FirewallRules: [{CD4E8EC3-589D-4EBB-ABDF-E443451A394F}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual-etc\EthDcrMiner64Etc.exe () [Brak podpisu cyfrowego] FirewallRules: [{658CDF89-727E-42E0-A9BD-FC11C50000E1}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\claymore-dual-etc\EthDcrMiner64Etc.exe () [Brak podpisu cyfrowego] FirewallRules: [{4AB541CB-F85B-4A80-9894-57E108F233A2}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\d3-dash\scpd3.exe () [Brak podpisu cyfrowego] FirewallRules: [{B74B39A7-3868-4439-9B5A-D8A22B897013}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\d3-dash\scpd3.exe () [Brak podpisu cyfrowego] FirewallRules: [{62274802-97D6-42AA-9362-73E16E53F240}] => (Allow) C:\Program Files 
(x86)\BetterHash\Cores\z9-zcash\scpz9.exe () [Brak podpisu cyfrowego]
FirewallRules: [{BA8F3DDA-FFC4-4340-BED5-C771793ED953}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\z9-zcash\scpz9.exe () [Brak podpisu cyfrowego]
FirewallRules: [{254CFDA6-7B7C-48DA-A0F8-0B76129815AD}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\gminer-zhash\gminer-zh.exe () [Brak podpisu cyfrowego]
FirewallRules: [{6A3DAE64-F60E-4A75-8169-FACDEB5A06CB}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\gminer-zhash\gminer-zh.exe () [Brak podpisu cyfrowego]
FirewallRules: [{507AB8C2-72CD-41B3-B10D-4501B89D9FBC}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\lol\lolMiner.exe () [Brak podpisu cyfrowego]
FirewallRules: [{E78A951D-0EB2-4FEF-8B43-59FFFC8D8907}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\lol\lolMiner.exe () [Brak podpisu cyfrowego]
FirewallRules: [{AD380470-63DE-4F17-8023-EBECA7ACD209}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\nbminer-rvn\nbminer-rvn.exe () [Brak podpisu cyfrowego]
FirewallRules: [{676FBC43-9D58-4F95-A2DC-BCAF564749AE}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\nbminer-rvn\nbminer-rvn.exe () [Brak podpisu cyfrowego]
FirewallRules: [{730C5231-9FF9-4A1E-8616-49F3A3F16B26}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\teamredminer-cryptonight\teamredminer.exe (MingW-W64 Project. All rights reserved.) [Brak podpisu cyfrowego]
FirewallRules: [{98242BC6-F4AC-443F-B94D-A5659E6D5EC9}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\teamredminer-cryptonight\teamredminer.exe (MingW-W64 Project. All rights reserved.) [Brak podpisu cyfrowego]
FirewallRules: [{6DB551DA-6431-4773-AB44-4FB5C4CDF6B3}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\nbminer-grin\nbminer-grin.exe () [Brak podpisu cyfrowego]
FirewallRules: [{EB7A3502-91D3-463D-A557-F7D5006FED78}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\nbminer-grin\nbminer-grin.exe () [Brak podpisu cyfrowego]
FirewallRules: [{1E6F942D-4237-431B-8913-05FFBA82C09C}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\nbminer-grin29\nbminer-grin29.exe () [Brak podpisu cyfrowego]
FirewallRules: [{13004CE0-DCEB-4DDA-8736-0AF441CC4A2A}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\nbminer-grin29\nbminer-grin29.exe () [Brak podpisu cyfrowego]
FirewallRules: [{48BDA115-4306-4045-BE16-211388082A74}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-xzc-x64\ccminer-xzc-x64.exe () [Brak podpisu cyfrowego]
FirewallRules: [{43C4C635-A177-4C60-A008-8FF60403AAAB}] => (Allow) C:\Program Files (x86)\BetterHash\Cores\ccminer-xzc-x64\ccminer-xzc-x64.exe () [Brak podpisu cyfrowego]

==================== Punkty Przywracania systemu =========================

UWAGA: Przywracanie systemu jest wyłączone (Total:111.22 GB) (Free:42.24 GB) (38%)

==================== Wadliwe urządzenia w Menedżerze urządzeń ============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================
Error: (08/08/2020 08:55:32 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/07/2020 04:47:25 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/07/2020 01:00:15 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/07/2020 01:00:02 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/07/2020 12:59:30 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/07/2020 12:59:16 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/07/2020 12:59:03 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/07/2020 12:33:10 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-FVO0R2P)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Dziennik System:
=============
Error: (08/07/2020 07:56:39 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (08/07/2020 07:56:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (08/07/2020 11:01:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BetterHashPrelogin service terminated unexpectedly. It has done this 1 time(s).

Error: (08/07/2020 09:12:20 AM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (08/07/2020 09:12:20 AM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (08/06/2020 11:29:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FVO0R2P)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca did not register with DCOM within the required timeout.

Error: (08/06/2020 07:55:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cudo Miner service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 4000 milliseconds: Uruchom usługę ponownie.

Error: (08/06/2020 07:55:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Cudo Miner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 4000 milliseconds: Uruchom usługę ponownie.

Windows Defender:
===================================
Date: 2020-08-08 09:45:33.107
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DA!ml&threatid=2147757789&enterprise=0
Nazwa: Trojan:Win32/Wacatac.DA!ml
Identyfikator: 2147757789
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\WITOLD\Downloads\FRST.exe; webfile:_C:\Users\WITOLD\Downloads\FRST.exe|https://download.bleepingcomputer.com/dl/8f956d2a0a00b7fe86a8d4f87f35ad26/5f2e55ec/windows/security/security-utilities/f/farbar-recovery-scan-tool/FRST.exe|pid:9032,ProcessStart:132413463329004179
Pochodzenie wykrycia: Internet
Typ wykrycia: FastPath
Źródło wykrycia: Pobrania i załączniki
Użytkownik: DESKTOP-FVO0R2P\WITOLD
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.321.883.0, AS: 1.321.883.0, NIS: 1.321.883.0
Wersja aparatu: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-08 09:36:37.032
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DA!ml&threatid=2147757789&enterprise=0
Nazwa: Trojan:Win32/Wacatac.DA!ml
Identyfikator: 2147757789
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\WITOLD\Downloads\FRST.exe; webfile:_C:\Users\WITOLD\Downloads\FRST.exe|https://download.bleepingcomputer.com/dl/8f956d2a0a00b7fe86a8d4f87f35ad26/5f2e55ec/windows/security/security-utilities/f/farbar-recovery-scan-tool/FRST.exe|pid:7656,ProcessStart:132413457955243592
Pochodzenie wykrycia: Internet
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-FVO0R2P\WITOLD
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.321.883.0, AS: 1.321.883.0, NIS: 1.321.883.0
Wersja aparatu: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-08 09:36:37.030
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DA!ml&threatid=2147757789&enterprise=0
Nazwa: Trojan:Win32/Wacatac.DA!ml
Identyfikator: 2147757789
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\WITOLD\Downloads\FRST.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-FVO0R2P\WITOLD
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.321.883.0, AS: 1.321.883.0, NIS: 1.321.883.0
Wersja aparatu: AM: 1.1.17300.4, NIS: 1.1.17300.4

Date: 2020-08-01 20:18:57.303
Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {1292FBC5-12F3-4ACC-B1D7-5C543F195193}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2020-07-28 16:31:03.466
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/HostsFileHijack&threatid=265754&enterprise=0
Nazwa: SettingsModifier:Win32/HostsFileHijack
Identyfikator: 265754
Ważność: Poważny
Kategoria: Program modyfikujący ustawienia
Ścieżka: file:_C:\Windows\System32\drivers\etc\hosts
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-FVO0R2P\WITOLD
Nazwa procesu: C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
Wersja analizy zabezpieczeń: AV: 1.321.43.0, AS: 1.321.43.0, NIS: 1.321.43.0
Wersja aparatu: AM: 1.1.17300.4, NIS: 1.1.17300.4

CodeIntegrity:
===================================
Date: 2020-06-27 13:30:07.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-27 13:30:07.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-27 13:30:06.491
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-27 13:30:06.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-27 13:30:06.477
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-27 13:30:06.474
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-27 13:30:06.464
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-27 13:30:06.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Statystyki pamięci ===========================

BIOS: American Megatrends Inc. 2.70 03/06/2019
Płyta główna: Micro-Star International Co., Ltd. B450M PRO-M2 (MS-7B84)
Procesor: AMD Ryzen 7 2700 Eight-Core Processor
Procent pamięci w użyciu: 15%
Całkowita pamięć fizyczna: 32717.27 MB
Dostępna pamięć fizyczna: 27542.5 MB
Całkowita pamięć wirtualna: 37581.27 MB
Dostępna pamięć wirtualna: 29344.27 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:111.22 GB) (Free:42.24 GB) NTFS
Drive d: () (Fixed) (Total:488.28 GB) (Free:53.37 GB) NTFS

\\?\Volume{a7f42a1f-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: A7F42A1F)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 8448BAFA)
Partition 1: (Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 77AA0808)
Partition 1: (Not Active) - (Size=491.3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=440.2 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt =======================