Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 22-01-2021 Uruchomiony przez Marcin (22-01-2021 18:05:03) Uruchomiony z C:\Users\Marcin\Downloads Windows 10 Home Wersja 2004 19041.746 (X64) (2020-11-17 12:11:29) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3226224125-705978768-3437366758-500 - Administrator - Disabled) defaultuser0 (S-1-5-21-3226224125-705978768-3437366758-1000 - Limited - Disabled) => C:\Users\defaultuser0 Gość (S-1-5-21-3226224125-705978768-3437366758-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3226224125-705978768-3437366758-503 - Limited - Disabled) Marcin (S-1-5-21-3226224125-705978768-3437366758-1001 - Administrator - Enabled) => C:\Users\Marcin WDAGUtilityAccount (S-1-5-21-3226224125-705978768-3437366758-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Ace Stream Media 3.1.32 (HKU\S-1-5-21-3226224125-705978768-3437366758-1001\...\AceStream) (Version: 3.1.32 - Ace Stream Media) <==== UWAGA Apple Application Support (32-bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{7D606B87-0AEB-4C27-ABCE-1138EE09777B}) (Version: 13.0.0.41 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Ashampoo WinOptimizer 2018 (HKLM-x32\...\{4209F371-DBD7-A4A8-3604-A669D1DB15F3}_is1) (Version: 15.00.05 - Ashampoo GmbH & Co. KG) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.47.2 - Asmedia Technology) Asystent aktualizacji do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22514 - Microsoft Corporation) BCS POINT Manager (HKLM-x32\...\{B260D91F-0D48-42B2-89DB-A00E64E43DF7}) (Version: 2.3.0 - BCS POINT Manager) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.320 - Huawei Technologies Co., Ltd.) HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{104DE2EB-028B-4263-A267-27CF03039807}) (Version: 12.10.4.2 - Apple Inc.) K-Lite Codec Pack 14.5.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.2 - KLCP) Malwarebytes (wersja 3.6.1.2711) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - ) Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.13530.20376 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pl-pl (HKLM\...\ProPlus2019Retail - pl-pl) (Version: 16.0.13530.20376 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3226224125-705978768-3437366758-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.2.1 - Mozilla) Mozilla Thunderbird 68.12.1 (x64 pl) (HKLM\...\Mozilla Thunderbird 68.12.1 (x64 pl)) (Version: 68.12.1 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20376 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20376 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20376 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.13530.20376 - Microsoft Corporation) Hidden PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.322.7 - Tracker Software Products (Canada) Ltd.) Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10434 - Qualcomm) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7926 - Realtek Semiconductor Corp.) Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP) SnadBoy's Revelation v2 (HKLM-x32\...\SnadBoy's Revelation v2) (Version: 2.0.1.100 - SnadBoy Software) Star4Live_P2P (HKLM-x32\...\{186BE932-E28A-4F47-960F-AC1F123C1703}) (Version: 1.17.0001 - Star4Live) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) WinRAR 5.60 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.) Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-17] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-17] (Microsoft Studios) [MS Ad] Twój telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.99.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-07-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-07-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-07-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-07-16] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2018-01-17 19:10 - 2018-01-17 19:10 - 000202752 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Star4Live\Star4Live_P2P\libcloud.dll 2018-01-17 19:10 - 2018-01-17 19:10 - 000068608 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Star4Live\Star4Live_P2P\libcloudclient.dll 2018-01-17 19:10 - 2018-01-17 19:10 - 000008192 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Star4Live\Star4Live_P2P\libcloudhttpcurl.dll 2016-05-05 17:54 - 2016-05-05 17:54 - 000075776 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Star4Live\Star4Live_P2P\libglog.dll 2018-01-17 19:10 - 2018-01-17 19:10 - 000017920 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Star4Live\Star4Live_P2P\libstun.dll 2018-08-16 20:31 - 2018-08-16 20:31 - 000032768 _____ (Open Source Software community LGPL) [Brak podpisu cyfrowego] C:\Program Files (x86)\Star4Live\Star4Live_P2P\pthreadVC2.dll 2018-01-02 17:22 - 2018-01-02 17:22 - 000291328 _____ (The curl library, hxxps://curl.haxx.se/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Star4Live\Star4Live_P2P\libcurl.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3226224125-705978768-3437366758-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg DNS Servers: 217.172.224.160 - 89.231.1.206 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "WindowsDefender" HKU\S-1-5-21-3226224125-705978768-3437366758-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3226224125-705978768-3437366758-1001\...\StartupApproved\Run: => "AceStream" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{1E8F4274-F3FF-4E0E-9BDA-6FDC494A7018}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku FirewallRules: [{7C13DCF3-6D56-4F79-8981-221EA2804EE6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku FirewallRules: [{94553E2C-C44A-4D0E-9455-07FCFC611A4E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku FirewallRules: [{811F48B9-900B-4A5C-949E-5DD5448119A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => Brak pliku FirewallRules: [{0A25AF68-05B0-45B5-9C84-DD8BA886E67A}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{65F4D151-39D7-4935-A4A2-3DD71AACCAFC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{80412092-2B69-4D05-B1D2-F087E35BAE73}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{AC68F444-0D91-4981-95F2-285B807430F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7322A264-58C4-4CE2-AC25-103E635B08E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3D41D2D8-7543-4728-971A-58779606617B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F0351E81-9835-4613-B20C-0A7D2C9485B0}] => (Allow) C:\Users\Marcin\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [{E1C24279-B1BB-49C0-AE9A-A65ABFBE7982}] => (Allow) C:\Users\Marcin\AppData\Roaming\ACEStream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [TCP Query User{60E795D1-D682-40AB-B513-441B741E652F}C:\users\marcin\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\marcin\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [UDP Query User{749ACAF1-1E82-421E-A30D-AAB08D9F8586}C:\users\marcin\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\marcin\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [{760E5CBA-69AC-4F9C-B634-DB4DB9AC9098}] => (Allow) C:\Program Files (x86)\BCS POINT Manager\BCS POINT Recorder\BCS POINT Recorder.exe (bcscctv -> ) FirewallRules: [{DE359CB0-3917-4DF1-A0E9-3452E7EC7BE1}] => (Allow) C:\Program Files (x86)\BCS POINT Manager\BCS POINT Manager\BCS POINT Manager.exe (bcscctv -> ) FirewallRules: [{0D515E92-DE61-4979-9E15-6647B2580859}] => (Allow) C:\Program Files (x86)\BCS POINT Manager\BCS POINT Streamer\BCS POINT Streamer.exe (bcscctv -> ) FirewallRules: [{6A8411DB-EA3B-45A1-AB94-2D080F937691}] => (Allow) C:\Program Files (x86)\BCS POINT Manager\BCS POINT Recorder\EZRecorderSvc.exe (bcscctv -> ) FirewallRules: [{3A61261B-FCD9-43E9-AE76-4D43BB1E15D0}] => (Allow) C:\Program Files (x86)\BCS POINT Manager\BCS POINT Recorder\vod\ezr_vod.exe (bcscctv -> ) FirewallRules: [{0AEC017F-6D02-4F3F-87C6-B04A43C084C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{A2A9B0AA-E4BD-4D46-9F0A-B7D71C7971AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{F4FEA1AB-99D5-4A48-B255-CF5F87F94BAF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{7D1E1777-CE06-4F4C-9075-84074A12539B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{950340E2-18CF-4B8A-8CC3-59C2DDC50A40}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C040CDB1-83A4-4573-8A4F-FE76C67F0CE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D2748B8A-CD72-4E96-BB7D-D5D1A17755A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FF652F87-BCEE-4CF3-860E-1B9E6DF1CB16}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{25B42573-B4B5-47B9-A593-21B1442A2313}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F2F93ED0-740B-4143-880B-5414E9B2B1F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D5C396E7-E451-4682-AA8E-53B6EDFF4816}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BFCCE46D-5D4E-4CB6-84BD-DDA1EF619BDA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{AD166772-6D88-4C58-8B42-97361744D14C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{4575FE4F-1674-407B-B7A5-D16BB2C2956D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 21-01-2021 15:59:29 Instalator modułów systemu Windows ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Bluetooth Module Description: Bluetooth Module Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Qualcomm Atheros Communications Service: BTHUSB Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (01/21/2021 04:04:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-6TNIDK7.local already in use; will try DESKTOP-6TNIDK7-2.local instead Error: (01/21/2021 04:04:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-6TNIDK7.local. Addr 192.168.0.19 Error: (01/21/2021 04:04:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.19:5353 16 DESKTOP-6TNIDK7.local. AAAA 0000:0000:0000:0000:155B:0E0A:3AD8:8D94 Error: (01/21/2021 03:41:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 19875 Error: (01/21/2021 03:41:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19875 Error: (01/21/2021 03:41:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/05/2020 07:54:17 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-6TNIDK7.local already in use; will try DESKTOP-6TNIDK7-2.local instead Error: (12/05/2020 07:54:17 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 16 DESKTOP-6TNIDK7.local. AAAA 0000:0000:0000:0000:155B:0E0A:3AD8:8D94 Dziennik System: ============= Error: (01/21/2021 05:54:41 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (01/21/2021 04:05:24 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (01/21/2021 04:05:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa RasMan zależy od usługi SstpSvc, której nie można uruchomić z powodu następującego błędu: Operacja ukończona pomyślnie. Error: (01/21/2021 04:04:45 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (01/21/2021 04:03:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Menedżer połączeń usługi Dostęp zdalny zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: %%2147943860 = Operacja została zwrócona, ponieważ przekroczono limit czasu. Error: (01/21/2021 04:03:11 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (01/21/2021 04:01:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6TNIDK7) Description: Serwer {776DBC8D-7347-478C-8D71-791E12EF49D8} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/21/2021 04:01:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6TNIDK7) Description: Serwer microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: =================================== Date: 2021-01-22 18:04:58.5790000Z Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Users\Marcin\Downloads\WebAct.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-6TNIDK7\Marcin Nazwa procesu: C:\Users\Marcin\Downloads\FRST64.exe Wersja analizy zabezpieczeń: AV: 1.329.2639.0, AS: 1.329.2639.0, NIS: 1.329.2639.0 Wersja aparatu: AM: 1.1.17700.4, NIS: 1.1.17700.4 Date: 2021-01-21 16:48:51.8150000Z Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {0AC07B9C-334B-41DB-809A-C27E17D527BB} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2021-01-08 10:00:55.5060000Z Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {EB9B6E4E-DB9B-482A-BA37-7DA2019C9113} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2020-11-18 16:27:24.8600000Z Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {0E8F7E0D-F536-49F7-B3D5-52E62B4767F1} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. K54C.205 02/16/2012 Płyta główna: ASUSTeK Computer Inc. K54C Procesor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz Procent pamięci w użyciu: 92% Całkowita pamięć fizyczna: 4000.12 MB Dostępna pamięć fizyczna: 308.36 MB Całkowita pamięć wirtualna: 4704.12 MB Dostępna pamięć wirtualna: 715.52 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:231.44 GB) (Free:128.83 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] \\?\Volume{1c8e7a96-0000-0000-0000-c0fb39000000}\ () (Fixed) (Total:0.95 GB) (Free:0.42 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 1C8E7A96) Partition 1: (Active) - (Size=231.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=973 MB) - (Type=27) ==================== Koniec Addition.txt =======================