Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14-03-2021 Uruchomiony przez pati_ (16-03-2021 20:11:46) Uruchomiony z C:\Users\pati_\Downloads Windows 10 Home Wersja 2004 19041.867 (X64) (2020-10-22 13:15:43) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4111564225-2441505280-3832451587-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4111564225-2441505280-3832451587-503 - Limited - Disabled) Guest (S-1-5-21-4111564225-2441505280-3832451587-501 - Limited - Disabled) pati_ (S-1-5-21-4111564225-2441505280-3832451587-1001 - Administrator - Enabled) => C:\Users\pati_ WDAGUtilityAccount (S-1-5-21-4111564225-2441505280-3832451587-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.13801.20294 - Microsoft Corporation) Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.1.3164 - AVG Technologies) Build-a-lot (HKLM-x32\...\WTA-62ca4211-5803-444b-8dfd-04065d2aa4a1) (Version: 3.0.2.59 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform) Chromium (HKLM-x32\...\{3CCAD40A-6C4A-058A-DDCA-750A0D4AA68A}) (Version: - ) Crazy Chicken Soccer (HKLM-x32\...\WTA-fdca5ae6-5655-457b-8ea9-833f8f1bcac6) (Version: 2.2.0.110 - WildTangent) Hidden Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.) HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.) HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6518 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.12.1048 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{05f918ac-9392-4f5d-8399-68c4c70550b0}) (Version: 19.60.1 - Intel Corporation) iTunes (HKLM\...\{02BC119C-5817-4851-B854-1A6FA5FA0F1B}) (Version: 12.9.4.102 - Apple Inc.) Magic Heroes: Save Our Park (HKLM-x32\...\WTA-f712e531-3c98-483b-95fe-350622bf0dd2) (Version: 3.0.2.59 - WildTangent) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20294 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A22EED3F-6DB6-4987-8023-6C6B7030E554}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Command Line Utilities (HKLM\...\{D9F711D3-3C90-4D79-9292-47C90C722E2A}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{C20DACBE-19F2-47FF-AD22-BBB493499346}) (Version: 11.2.5643.3 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{E0AE1947-4991-475D-B972-15C90905915A}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{E8C99927-8E6E-4B6B-B80C-1B8B23B1767D}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.2.5000.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.66.38849 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech) Pakiet sterowników systemu Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech) Polar Bowler 1st Frame (HKLM-x32\...\WTA-c6186b2d-9242-42d2-b93d-54198dc08853) (Version: 3.0.2.59 - WildTangent) Hidden Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-456a8fe4-bc3d-420b-8237-f475d5d09067) (Version: 2.2.0.97 - WildTangent) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.13.18.1333 - Razer Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.) Runefall (HKLM-x32\...\WTA-2d3c8132-6659-4afa-a565-2cd24e2bf34e) (Version: 3.0.2.126 - WildTangent) Hidden SAP Crystal Reports runtime engine for .NET Framework (32-bit) (HKLM-x32\...\{FBAB5DC0-657B-424F-BE58-07DEFF68917C}) (Version: 13.0.5.891 - SAP) Search the Web (Yahoo) (HKLM-x32\...\{1503FDC3-4583-2C43-F403-5CC324838F43}) (Version: - ) <==== UWAGA Service Pack 2 for SQL Server 2014 (KB3171021) (64-bit) (HKLM\...\KB3171021) (Version: 12.2.5000.0 - Microsoft Corporation) Spotify (HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB) SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.2.5000.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.50 - Microsoft Corporation) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.4461 - Microsoft Corporation) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.46.18.1020 - Electronic Arts Inc.) Trinklit Supreme (HKLM-x32\...\WTA-0799a92b-99de-4fb0-ad21-283ee8896725) (Version: 2.2.0.98 - WildTangent) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden WinRAR 5.91 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) World Of Warships (HKLM-x32\...\World Of Warships) (Version: - ) Zasady rachunkowoœci (HKLM-x32\...\Zasady rachunkowoœci_is1) (Version: - ) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.) Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.3.838.0_x64__v10z8vjag6ke6 [2021-03-01] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.) Pasjans -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.1.3.0_x64__kx24dqmazqk8j [2021-03-16] (Random Salad Games LLC) Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-14] (Synaptics Incorporated) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\pati_\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\pati_\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxDTCM.dll [2020-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Brak pliku (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\sharepoint.com -> hxxps://gpe-files.sharepoint.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-03-18 22:03 - 2021-03-16 19:21 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\ HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pati_\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\r8nHMaK.gif DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "HPMessageService" HKLM\...\StartupApproved\Run32: => "RazerCortex" HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{4EAA7F46-8232-41D6-B23B-46DFFE51DBED}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{CD74B288-32D8-423B-AE79-B8379879E3F0}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{E51FAAC4-9108-4427-9061-3A910D4BF1F0}C:\program files\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\program files\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{C3FB35DE-A1EB-4B51-9933-D56EDD51E20A}C:\program files\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\program files\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{0C409516-1A0E-4DF2-A8CE-D0A665A3C647}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{07ABA530-264A-45BC-8095-CB1602073FC5}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7B35D594-4461-4063-8034-7B7C73D61A66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{14FC5D05-6356-4ACC-98B2-D4101B580909}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9648E715-6043-407E-A829-D0C53FC989D9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ED323C15-AA93-4D93-A28C-8C6CB660D937}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6EAF6308-BE3B-49FB-B759-DABD948B128F}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [{55693D59-76B1-4BED-88A7-53430DC8F816}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [{3743DBE1-9BFB-40F5-B646-94249B7FE412}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [{98DBCD66-9649-4463-90AB-7CA97D7174AE}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{3029B169-EFB7-4F60-A124-826B7F54E8B1}C:\users\pati_\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pati_\appdata\roaming\utorrent web\utweb.exe => Brak pliku FirewallRules: [TCP Query User{BF09DAE9-0F4B-4912-B51B-D2DA6C5A0545}C:\users\pati_\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pati_\appdata\roaming\utorrent web\utweb.exe => Brak pliku FirewallRules: [UDP Query User{CF68CCB6-C1B8-4E9D-B42D-E7E716BE2533}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{9AA5A4D4-F8B2-44E1-A333-A7BB000D6E01}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{87070CB9-C94B-4EE2-801B-1CD5FA0515C3}] => (Allow) LPort=13148 FirewallRules: [{5EEE5996-3453-4827-AAB0-5E2D655CAB29}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe => Brak pliku FirewallRules: [{E162576D-AECA-4D7B-B22A-7A1673FDF397}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0BCC9771-6A96-452E-8095-E15BEBF80D74}] => (Allow) C:\Users\pati_\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{3343E49D-1019-4DE1-AC39-8600ED652036}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{26958B43-118C-4EBC-9355-68D7974743BC}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F3CA75E5-417D-417B-A5E6-274F2BFD5253}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ADF2746F-7A4D-4681-A363-A7202FF1AD5E}] => (Allow) C:\Ross-Tech\VCDS\VCDS.EXE => Brak pliku FirewallRules: [{AC858E73-3EB4-4EC9-A175-F5652E3F8BA1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EE992492-DB9E-4AAE-8946-7208E641DFF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{913F50A8-E151-444F-A51B-AA716EE384E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A24F0229-F85C-4985-AE0E-9A6BB3087824}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{93CC1199-48E5-4559-A5BB-3F98A4C143FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{07505DA3-E79A-4DB7-BB9D-4A2491BB4119}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D17CBA6E-4802-4F34-AEA0-D96F9DEE8D83}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 16-03-2021 16:29:43 Removed Neighbours From Hell Online Demo ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (03/16/2021 07:37:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RzKLService.exe, wersja: 1.4.1.7, sygnatura czasowa: 0x5e5f2e69 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.19041.844, sygnatura czasowa: 0xa9ac4e88 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x000e6a73 Identyfikator procesu powodującego błąd: 0x1274 Godzina uruchomienia aplikacji powodującej błąd: 0x01d71a92ec869247 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 48df9e4f-fb2d-412a-b419-edf57002c914 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (03/16/2021 07:51:25 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-N93U0AA1) Description: Nie można uruchomić serwera DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Błąd: 2147942767 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (03/16/2021 07:49:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa SQL Server (INSERTGT) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/16/2021 07:49:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (03/16/2021 07:49:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Microsoft Office Click-to-Run Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (03/16/2021 07:49:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Content Protection HECI Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/16/2021 07:49:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/16/2021 07:49:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Apple Mobile Device Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (03/16/2021 07:49:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa SQL Server Browser niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =============== Date: 2021-03-16 19:41:26 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2021-03-16 19:36:34 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: Insyde F.24 09/25/2017 Płyta główna: HP 8328 Procesor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz Procent pamięci w użyciu: 47% Całkowita pamięć fizyczna: 8108.91 MB Dostępna pamięć fizyczna: 4226.66 MB Całkowita pamięć wirtualna: 10412.91 MB Dostępna pamięć wirtualna: 6925.11 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:915.82 GB) (Free:797.04 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:14.46 GB) (Free:14.39 GB) NTFS \\?\Volume{fefbab92-21e6-4e7e-8a8a-9c11ad339671}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.36 GB) NTFS \\?\Volume{eb8848f9-f507-453a-b681-560fad9fa56c}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 834607F1) Partition: GPT. ==================== Koniec Addition.txt =======================