Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-07-2017 Uruchomiony przez azartech (24-07-2017 15:16:36) Uruchomiony z C:\Users\azartech\Downloads Windows 10 Pro Wersja 1607 (X64) (2016-11-08 08:49:07) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1445482062-2114172164-452704232-500 - Administrator - Disabled) azartech (S-1-5-21-1445482062-2114172164-452704232-1001 - Administrator - Enabled) => C:\Users\azartech Gość (S-1-5-21-1445482062-2114172164-452704232-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1445482062-2114172164-452704232-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Zapora osobista ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 64 Bit HP CIO Components Installer (HKLM\...\{30689060-43BD-46E9-8A54-E6CDB18AAB88}) (Version: 20.2.1 - HP Inc.) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - ) Advanced IP Scanner 2.4 (HKLM-x32\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech) AdWords Editor (HKLM-x32\...\{F5CB9470-6351-11E7-B35B-480FCF5D6515}) (Version: 12.0.4.0 - Google) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 3.1.1 - philandro Software GmbH) Baza Danych (v17.4.21.1634) (HKLM-x32\...\Baza Danych 2017_is1) (Version: 17.4.21.1634 - Meteoryt.pl) BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry) BlackBerry Blend (HKLM-x32\...\{1DA42C01-4ED2-4B4E-B90C-18FCBA12FC41}) (Version: 1.2.0.50 - BlackBerry Ltd.) Hidden BlackBerry Communication Drivers (HKLM-x32\...\{46CD5A63-0C1F-45C3-B643-CA87A17275C0}) (Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Desktop Software 4.5 (HKLM-x32\...\{2D963679-1FC7-4E13-9A81-343F6F49BCC4}) (Version: 4.5.0.13 - Research In Motion Ltd.) Hidden BlackBerry Desktop Software 4.5 (HKLM-x32\...\BlackBerry_{2D963679-1FC7-4E13-9A81-343F6F49BCC4}) (Version: 4.5.0.13 - Research In Motion Ltd.) BlackBerry Device Drivers (HKLM-x32\...\{1F6490E5-7540-426D-BC1E-EB57B0BF0C38}) (Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Link (HKLM-x32\...\{C42468F9-9812-4550-A54B-5DDB062EB10F}) (Version: 1.2.4.39 - BlackBerry) Hidden BlackBerry Link Remover (HKLM-x32\...\{44D65CAB-1BC8-47B7-BF5B-3EB8B6BB0276}) (Version: 1.2.4.0 - BlackBerry Ltd.) Hidden Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform) Crystal Reports XI Runtime (HKLM-x32\...\{B53F189B-5098-4246-AE76-E8A95206C07E}) (Version: 11.5.12.1838 - SAP Business Objects) CrystalDiskInfo 6.7.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World) Dell System Detect (HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\58d94f3ce2c27db0) (Version: 7.5.0.6 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.) ESET Smart Security (HKLM\...\{4381D174-1253-459D-96C1-50F37EF92330}) (Version: 10.1.204.1 - ESET, spol. s r.o.) etiLABEL Basic Demo (3.0.0.118) (HKLM-x32\...\etiLABEL_is1) (Version: - ) f.lux (HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\Flux) (Version: - ) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.0.1013 - Foxit Software Inc.) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 1.5.0.0 - Google Inc.) HP LaserJet M1522 MFP Series 4.2 (HKLM\...\{C8A37F1F-E13B-48ae-93F8-4669264969F9}) (Version: 4.2 - HP) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) hppFaxDrvM1522 (HKLM-x32\...\{1B10BB48-3697-4C87-B0BC-23FAC6130199}) (Version: 003.100.00001 - Hewlett-Packard) Hidden hppLaserJetService (HKLM-x32\...\{5F6AC312-27BA-4BFC-A41F-65AF014D80AB}) (Version: 001.300.00005 - Hewlett-Packard) Hidden hppSendFaxM1522 (HKLM-x32\...\{B6A9D5A0-0827-49C2-A903-513045AE15D3}) (Version: 003.000.00001 - Nazwa firmy) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.13.49 - Huawei Technologies Co.,Ltd) IPCamSetup (HKLM-x32\...\{02C39DE9-B03A-4FE7-89F9-61E224FE65CC}) (Version: 1.00.0000 - FOSCAM) IPCWebComponents 3.3.0.7 (HKLM-x32\...\{4740E1B2-51CF-4083-8976-D6B3B5A5064F}_is1) (Version: 3.3.0.7 - ) IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) join.me (HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\JoinMe) (Version: 3.2.1.5223 - LogMeIn, Inc.) KeePass Password Safe 2.32 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.32 - Dominik Reichl) Klever PumpKIN 2.7.3 (HKLM-x32\...\PumpKIN) (Version: 2.7.3 - Klever Group) K-Lite Codec Pack 12.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.3.0 - KLCP) LibreOffice 4.4.3.1 (HKLM-x32\...\{74378E06-DC15-48BD-814C-2E21CD1EEA4E}) (Version: 4.4.3.1 - The Document Foundation) Malwarebytes (wersja 3.1.2.1733) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 47.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 47.0.1 (x64 pl)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1 - Mozilla) Mozilla Thunderbird 38.7.2 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 pl)) (Version: 38.7.2 - Mozilla) MSVC80_x64 (HKLM\...\{68660049-8D48-427C-9FF7-139D8340CDC0}) (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86 (HKLM-x32\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MySQL-Front (HKLM-x32\...\MySQL-Front_is1) (Version: 5.4 - ) NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - ) NMS_full_x64 (HKLM\...\{1F5C3200-AE1C-11DC-6784-00A0BC6018BE}) (Version: 1.37.31 - AAT Holding sp. z o.o.) OKI MB4x1/ES41x1/MPS42x Scanner (HKLM-x32\...\InstallShield_{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation) Opera Stable 46.0.2597.57 (HKLM-x32\...\Opera 46.0.2597.57) (Version: 46.0.2597.57 - Opera Software) Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia) Plus Internet 2.4 (HKLM-x32\...\Plus Internet_is1) (Version: - Polkomtel S.A.) Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6075 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung PC Studio 7 (HKLM-x32\...\{AB6F6C80-1C35-4672-BDEF-F26FF214C409}) (Version: 7.2.24.9 - Samsung) Hidden Samsung PC Studio 7 (HKLM-x32\...\Samsung PC Studio 7) (Version: 7.2.24.9 - Samsung) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung) ScannerDriver (HKLM\...\{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation) Hidden Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) SmartPSS (HKLM-x32\...\{25D1B122-C4D3-455D-87E9-956E8EF0D048}) (Version: 1.12 - BCSCCTV.PL) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SuperClient (HKLM-x32\...\SuperClient) (Version: - ) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer) TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) ViewClient (HKLM-x32\...\{FF14C187-9EB3-41F9-862F-2620EF5E5898}_is1) (Version: - sz) WAPRO Mag (HKLM-x32\...\{67486777-E3D1-4F1F-81D3-E200A5256308}) (Version: 8.21.2 - Asseco Business Solutions S.A.) WebPlugin version 1.0.1.17 (HKLM-x32\...\{4C348041-DD7D-4aa7-95AF-F97220E4D505}_is1) (Version: 1.0.1.17 - DVR Soft.) WinDirStat 1.1.2 (HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\WinDirStat) (Version: - ) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) XnView 2.40 (HKLM-x32\...\XnView_is1) (Version: 2.40 - Gougelet Pierre-e) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1445482062-2114172164-452704232-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\azartech\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1445482062-2114172164-452704232-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\azartech\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers01: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-03-09] (ESET) ContextMenuHandlers01: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-10-14] (Foxit Software Inc.) ContextMenuHandlers02: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-03-09] (ESET) ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers06: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-03-09] (ESET) ContextMenuHandlers06: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-10-14] (Foxit Software Inc.) ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1EAE67D5-0CB6-4CA4-91B5-A791BE4AE0E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1445482062-2114172164-452704232-1001Core1d258b6dabb43cd => C:\Users\azartech\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.) Task: {205A9F21-4766-454F-8779-A6F09F3ABADB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1445482062-2114172164-452704232-1001UA1d258b6dabfb171 => C:\Users\azartech\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.) Task: {703083B7-2843-4749-86B4-FDF35E29DFAD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1445482062-2114172164-452704232-1001Core => C:\Users\azartech\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.) Task: {784DD4C6-8517-4743-8878-E724E036F645} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\azartech\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {795F9EF1-429B-4A6E-AC5E-0B19BB2E694A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd) Task: {9D1CAED8-B9FF-40DB-9A7F-66DD4994B129} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-04] (Google Inc.) Task: {A0ED4A2F-EF8F-4B2C-8B73-61298055C9E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1445482062-2114172164-452704232-1001UA => C:\Users\azartech\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.) Task: {A38EE641-930D-4179-ADB5-AAA9371363BA} - System32\Tasks\Opera scheduled Autoupdate 1456951458 => C:\Program Files (x86)\Opera\launcher.exe [2017-07-18] (Opera Software) Task: {AAE787B2-683B-4934-9D01-E997FC1C1FF9} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-01] () Task: {D8730786-886B-4980-8B27-2CBF485B7387} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-04] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1445482062-2114172164-452704232-1001Core.job => C:\Users\azartech\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1445482062-2114172164-452704232-1001UA.job => C:\Users\azartech\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\azartech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance\reg.lnk -> C:\Program Files (x86)\NetSurveillance\CMS\reg.bat () ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-07-12 10:46 - 2017-06-21 09:48 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-09 16:28 - 2012-08-31 15:03 - 00288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL 2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2016-04-09 16:28 - 2012-08-31 15:02 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL 2017-01-20 16:35 - 2017-01-20 16:35 - 01738952 _____ () C:\Program Files (x86)\AnyDesk\AnyDesk.exe 2016-07-05 21:46 - 2005-04-22 06:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2016-07-11 20:25 - 2013-12-19 09:30 - 00678480 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe 2008-12-06 02:19 - 2008-12-06 02:19 - 00918016 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\phonebrowser64.dll 2009-05-16 00:20 - 2009-05-16 00:20 - 01103872 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSCM64_Samsung.dll 2016-11-02 00:05 - 2016-11-02 00:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-11-08 10:37 - 2016-11-08 10:37 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-04-20 21:46 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2008-12-06 01:48 - 2008-12-06 01:48 - 00699392 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSuite.exe 2015-05-20 14:00 - 2015-05-20 14:00 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe 2017-05-23 18:16 - 2017-05-23 18:16 - 03918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe 2017-07-17 20:50 - 2017-07-17 21:16 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-07-17 20:50 - 2017-07-17 21:16 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-07-17 20:50 - 2017-07-17 21:16 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-07-17 20:50 - 2017-07-17 21:16 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll 2008-09-19 08:52 - 2008-09-19 08:52 - 00202752 _____ () C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe 2008-06-03 08:02 - 2008-06-03 08:02 - 00119808 _____ () C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe 2017-06-30 23:29 - 2017-06-30 23:33 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-06-30 23:29 - 2017-06-30 23:33 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-06-30 23:29 - 2017-06-30 23:33 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-06-30 23:29 - 2017-06-30 23:33 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-06-30 23:29 - 2017-06-30 23:33 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-06-30 23:29 - 2017-06-30 23:33 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-06-02 00:01 - 2017-06-02 00:01 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-06 18:31 - 2017-06-06 18:32 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2016-06-04 09:25 - 2016-06-04 09:27 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2017-06-30 23:29 - 2017-06-30 23:33 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-05-04 20:34 - 2017-05-04 20:34 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2017-04-20 21:46 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-04-20 21:46 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-04-20 21:46 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-07-12 10:46 - 2017-06-21 08:35 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-07-12 10:46 - 2017-06-21 08:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-07-24 14:42 - 2017-07-18 06:18 - 89013336 _____ () C:\Program Files (x86)\Opera\46.0.2597.57_0\opera_browser.dll 2017-07-24 14:42 - 2017-07-18 06:18 - 03930712 _____ () C:\Program Files (x86)\Opera\46.0.2597.57_0\libglesv2.dll 2017-07-24 14:42 - 2017-07-18 06:18 - 00100440 _____ () C:\Program Files (x86)\Opera\46.0.2597.57_0\libegl.dll 2017-07-12 22:10 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll 2017-07-12 22:10 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll 2016-07-11 20:25 - 2013-12-19 04:20 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll 2016-07-11 20:25 - 2013-12-19 04:20 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll 2016-07-11 20:25 - 2013-12-19 04:20 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll 2016-07-11 20:25 - 2013-12-19 04:20 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll 2015-03-19 13:22 - 2015-03-19 13:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2017-05-31 11:41 - 2017-05-31 11:41 - 01982976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll 2008-12-05 16:15 - 2008-12-05 16:15 - 00356352 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtXml4.dll 2008-12-05 16:15 - 2008-12-05 16:15 - 01581056 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtCore4.dll 2008-12-05 16:23 - 2008-12-05 16:23 - 06402048 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\QtGui4.dll 2009-05-16 00:10 - 2009-05-16 00:10 - 00716800 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSCM.dll 2008-12-06 01:25 - 2008-12-06 01:25 - 00004608 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PCSL.dll 2008-12-06 01:50 - 2008-12-06 01:50 - 00713728 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\styles\NGLStyle.dll 2008-12-05 16:31 - 2008-12-05 16:31 - 00131072 _____ () C:\Program Files (x86)\Samsung\Samsung PC Studio 7\imageformats\qjpeg4.dll 2016-07-05 21:46 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2015-08-14 02:17 - 2015-08-14 02:17 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-04-06 11:18 - 2016-04-06 11:18 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2016-04-06 11:18 - 2016-04-06 11:18 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1445482062-2114172164-452704232-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.17.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\StartupFolder: => "NMS Server.lnk" HKLM\...\StartupApproved\Run: => "Apoint" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\StartupApproved\Run: => "ALLPlayer WiFi Remote" HKU\S-1-5-21-1445482062-2114172164-452704232-1001\...\StartupApproved\Run: => "Napisy24Update" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{096A2F6D-36E6-4E03-B55C-EB1F8667FB80}C:\users\azartech\downloads\winbox (1).exe] => (Allow) C:\users\azartech\downloads\winbox (1).exe FirewallRules: [TCP Query User{B15D0E94-D5B6-432F-94A0-49C2ADA3DE1A}C:\users\azartech\downloads\winbox (1).exe] => (Allow) C:\users\azartech\downloads\winbox (1).exe FirewallRules: [{16962846-ECA8-4D5B-A239-8D589723EDA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{33E3132F-3552-4DBB-A866-01E40B8367E7}] => (Allow) LPort=161 FirewallRules: [{A88D7BC0-D93F-455C-A269-0F9791343B32}] => (Allow) LPort=427 FirewallRules: [{600AFD0E-3BA9-4F61-BD5F-F40417EBF342}] => (Allow) LPort=9100 FirewallRules: [{11E7DE27-6450-429A-9D53-9F53EAB3CCF7}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe FirewallRules: [{D9528F47-24E7-4E49-95A1-C51319F0C3C4}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe FirewallRules: [UDP Query User{9E168196-6D30-4EDB-92B6-47A6606BC12C}C:\users\azartech\downloads\winbox.exe] => (Allow) C:\users\azartech\downloads\winbox.exe FirewallRules: [TCP Query User{FFEE5F0F-3C8D-4E53-ACF7-5AB8A32BAF2A}C:\users\azartech\downloads\winbox.exe] => (Allow) C:\users\azartech\downloads\winbox.exe FirewallRules: [UDP Query User{80413559-4611-435E-A3E7-E9D93AD1B398}C:\users\azartech\downloads\winbox (1).exe] => (Allow) C:\users\azartech\downloads\winbox (1).exe FirewallRules: [TCP Query User{DBED58D9-90E0-4784-A943-839BB20D3AA2}C:\users\azartech\downloads\winbox (1).exe] => (Allow) C:\users\azartech\downloads\winbox (1).exe FirewallRules: [UDP Query User{F3A7AFEB-4B45-4F14-B715-DE219040FEB6}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe FirewallRules: [TCP Query User{DAE0651D-2748-4E83-950C-F3B5B709C4A0}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe FirewallRules: [{E1A1C764-B384-44AD-B5E2-9A7C29398E13}] => (Allow) LPort=123 FirewallRules: [UDP Query User{DA5F0A3C-DF9E-4820-A60B-73C4FB9D673A}C:\program files\klever\nothings\pumpkin.exe] => (Allow) C:\program files\klever\nothings\pumpkin.exe FirewallRules: [TCP Query User{7EDA77B7-887D-4CF7-8137-2357D680842A}C:\program files\klever\nothings\pumpkin.exe] => (Allow) C:\program files\klever\nothings\pumpkin.exe FirewallRules: [UDP Query User{9B3243CE-B632-4FC3-BEEB-950781EB0529}C:\users\azartech\downloads\winbox (2).exe] => (Allow) C:\users\azartech\downloads\winbox (2).exe FirewallRules: [TCP Query User{E0568FEA-DE3C-4149-865D-757E973DA6EA}C:\users\azartech\downloads\winbox (2).exe] => (Allow) C:\users\azartech\downloads\winbox (2).exe FirewallRules: [{F8A307F1-3A46-4E9B-B541-72DDC9A78676}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CF1CEAAE-5A10-4CD1-AA66-CBBE7AA99A03}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{93560A6B-E314-4581-A127-072D88D4B37C}] => (Allow) LPort=54925 FirewallRules: [UDP Query User{ADED8E40-86BA-44B7-91CA-DCE1F4327F0E}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [TCP Query User{DE06CAA0-C0FF-43AF-9FD3-78FB8CB15F62}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{3B5F5CB6-856A-4A4C-8A2B-5A4BB26D6CB3}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe FirewallRules: [UDP Query User{A9EECFDC-BDF2-48C8-9DD2-4901395136C5}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [TCP Query User{ECB53E06-FA75-4F27-A964-CF4029BB710E}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{4A525A24-D7E0-45D7-B99C-41112A66473F}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [TCP Query User{04836D72-232D-437B-B65C-09F403BD862E}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{67676446-B535-4B21-9374-884C9272C921}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [TCP Query User{D369CFA6-62DA-458F-AA6C-3A4E149462D2}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [UDP Query User{293A4CB7-208E-46EE-B445-B661FAA0E571}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [TCP Query User{3AF6F53F-6074-4637-84B5-7A3F5EBB028B}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [{054B805D-B8F5-47D3-874D-66A761192EEB}] => (Allow) C:\Program Files (x86)\HP\hp laserjet m1522\Fax Config utility1.exe FirewallRules: [{AF89BF86-B7EF-48F4-B3F3-6EFE96189043}] => (Allow) C:\Program Files (x86)\HP\hp laserjet m1522\Fax Config utility1.exe FirewallRules: [TCP Query User{D8D12D1F-C941-4558-A520-B10776C96969}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [UDP Query User{3D5D0F35-8C4A-4D49-BDF6-C91852449E3E}C:\program files (x86)\ipcamsetup\ipcamera.exe] => (Allow) C:\program files (x86)\ipcamsetup\ipcamera.exe FirewallRules: [{6D9F1994-3317-466E-9592-B88CB5A3EF51}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A9DB2947-D171-48E1-B18A-AAEF9E5EA367}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{A76B3C8B-BEC0-425B-B45F-2ACA0E93CEA2}] => (Allow) C:\Program Files (x86)\HP\hp laserjet m1522\Fax Config utility1.exe FirewallRules: [{7B13D6CC-B031-48F6-9408-4527BC4828CA}] => (Allow) C:\Program Files (x86)\HP\hp laserjet m1522\Fax Config utility1.exe FirewallRules: [TCP Query User{A07AE0D7-F94D-4F8F-B4EB-97F9C572E470}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{FCE791E3-2D9A-4B52-84E5-4B35B6C3DA67}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{74DDC1BD-AF72-41C2-B79B-36C5AE918C28}] => (Allow) tunmgr.exe FirewallRules: [{B2512A6C-CDE2-4155-92B7-2F825E5E31CA}] => (Allow) tunmgr.exe FirewallRules: [{B6D25598-0559-4313-97FE-739A5678FE8A}] => (Allow) mDNSResponder.exe FirewallRules: [{E3DB4C67-889D-4CA8-9C99-661763BB9CB8}] => (Allow) mDNSResponder.exe FirewallRules: [{CB2C908B-55DB-47EA-9703-92F6D19C6047}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{8161404E-F1B0-443E-B309-B6B2B636E195}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe FirewallRules: [{516AF6BB-1A16-4971-9D2D-5461AD8FC064}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [TCP Query User{BDF20549-ADD2-4669-B9D3-F4F0055E9229}C:\program files (x86)\viewclient\svdvrmain.exe] => (Allow) C:\program files (x86)\viewclient\svdvrmain.exe FirewallRules: [UDP Query User{9CCF3BD5-936B-4EBE-BB37-B5029AA6FFCC}C:\program files (x86)\viewclient\svdvrmain.exe] => (Allow) C:\program files (x86)\viewclient\svdvrmain.exe FirewallRules: [TCP Query User{1508DB61-EFA2-45B0-A321-5252ACDF0489}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{791C905C-60CB-4AE9-AFC7-E2CEA6DC6863}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{69300AD3-072A-431C-AF24-FC3BE180EDBE}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{25675913-270D-45C3-B9E8-4B8D05A434F2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [{2A8D90D6-9096-45E9-9C97-58A7DCC68C6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{0C83CB57-373A-45AA-AAFE-906666166492}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{DA970E31-30F0-437C-9745-4806CCDA4004}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{B2E21742-FF57-4BD4-B4AF-1A52AC1C630D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{116703B2-3635-4BE3-B420-882BF3646D46}C:\users\azartech\downloads\winbox (3).exe] => (Allow) C:\users\azartech\downloads\winbox (3).exe FirewallRules: [UDP Query User{A5571D11-0C58-4AE7-8CA1-83FD64330624}C:\users\azartech\downloads\winbox (3).exe] => (Allow) C:\users\azartech\downloads\winbox (3).exe FirewallRules: [{C7F8C082-0797-410E-AFC9-C9B800F30C98}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{501E62E9-C329-470F-91BA-1D4CEDF2FE28}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A7E4DF2C-5327-45BA-93E8-FDFC5BE915F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A626A25C-399D-4A14-B5C2-AB459B34F1E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{5D3ACE2D-8419-4867-BA93-6BD2C3D4B503}C:\program files (x86)\wapro\wapro mag\mag.exe] => (Allow) C:\program files (x86)\wapro\wapro mag\mag.exe FirewallRules: [UDP Query User{ED1D51A4-A796-4B7F-B8F8-DA6A9D47082B}C:\program files (x86)\wapro\wapro mag\mag.exe] => (Allow) C:\program files (x86)\wapro\wapro mag\mag.exe FirewallRules: [{CBED73D6-9A1D-4A89-9DDC-80C9E5F371BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{AF393107-43A9-4287-B177-42D919A5E591}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.57\opera.exe FirewallRules: [{AB149A12-5E6E-4FDD-BC1D-B8ECC1F2E2CA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{D8A4407B-57A4-4C8B-ABAF-5FBD229FBBD5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{D7B1EEF3-4C59-4915-9F36-2A94C66C6E97}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{ABBA9749-2BA6-4140-8157-F148F831B08C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{6DA391B5-90F8-4B91-9549-4D0DB4A6C041}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{C370CF48-1B56-4D42-A15F-6AED6BC73143}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{AEFC5BEA-B904-4A4A-A3F1-0F9F66B8EBD3}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.57_0\opera.exe ==================== Punkty Przywracania systemu ========================= 12-07-2017 10:47:57 Windows Update 24-07-2017 11:17:00 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (07/24/2017 03:14:11 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\azartech\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Error: (07/24/2017 02:59:52 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 25 100.17.168.192.in-addr.arpa. PTR DESKTOP-HN1LBRF-2.local. Error: (07/24/2017 02:59:52 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.17.100:5353 23 100.17.168.192.in-addr.arpa. PTR DESKTOP-HN1LBRF.local. Error: (07/24/2017 02:59:51 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-HN1LBRF.local already in use; will try DESKTOP-HN1LBRF-2.local instead Error: (07/24/2017 02:59:51 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-HN1LBRF.local. Addr 192.168.17.100 Error: (07/24/2017 02:59:51 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.17.100:5353 16 DESKTOP-HN1LBRF.local. AAAA 2A01:115F:0718:9900:ECC9:9DB4:875F:0FE1 Error: (07/24/2017 02:59:51 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 DESKTOP-HN1LBRF.local. Addr 192.168.17.100 Error: (07/24/2017 02:59:51 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.17.100:5353 16 DESKTOP-HN1LBRF.local. AAAA 2A01:115F:0718:9900:ECC9:9DB4:875F:0FE1 Error: (07/24/2017 02:46:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: hpzscr40.exe, wersja: 9.0.0.62, sygnatura czasowa: 0x45f9fb91 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.1378, sygnatura czasowa: 0x594a1350 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000047304 Identyfikator procesu powodującego błąd: 0x13c Godzina uruchomienia aplikacji powodującej błąd: 0x01d3047aa407e910 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\HP\Digital Imaging\{C8A37F1F-E13B-48ae-93F8-4669264969F9}\setup\hpzscr40.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 34f5ee7a-0258-4b25-85d9-3f79294d7998 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/24/2017 02:45:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\azartech\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest. Dziennik System: ============= Error: (07/24/2017 02:42:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x8024200d: Aktualizacja funkcji dla systemu Windows 10, wersja 1703. Error: (07/24/2017 02:02:01 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (07/24/2017 12:47:30 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT) Description: 0x8000002a118\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1445482062-2114172164-452704232-1001-07242017124730062-ntuser.dat Error: (07/24/2017 12:36:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa HWDeviceService64.exe niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/24/2017 12:36:05 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (07/24/2017 12:36:05 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (07/24/2017 12:36:02 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (07/24/2017 12:35:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Internet Manager. RunOuc z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (07/24/2017 12:35:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Internet Manager. RunOuc. Error: (07/24/2017 12:35:30 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi dps z argumentami Niedostępny w celu uruchomienia serwera: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} CodeIntegrity: =================================== Date: 2017-07-22 22:51:31.524 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-18 22:38:22.071 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-17 09:57:59.646 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-12 12:30:29.223 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-11 22:30:18.854 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-10 20:25:53.186 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-07 09:30:29.413 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-30 13:31:08.008 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-28 09:41:18.810 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-22 12:27:41.833 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz Procent pamięci w użyciu: 57% Całkowita pamięć fizyczna: 8097.54 MB Dostępna pamięć fizyczna: 3451.88 MB Całkowita pamięć wirtualna: 12193.54 MB Dostępna pamięć wirtualna: 7022.42 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:237.98 GB) (Free:25.75 GB) NTFS ==================== MBR & Tablica partycji ================== ==================== Koniec Addition.txt ============================