Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21.02.2018 Uruchomiony przez Edward (22-02-2018 12:43:00) Uruchomiony z C:\Users\Edward\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2016-11-07 11:11:30) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2463942350-2031580884-1313598156-500 - Administrator - Disabled) Edward (S-1-5-21-2463942350-2031580884-1313598156-1001 - Administrator - Enabled) => C:\Users\Edward Gość (S-1-5-21-2463942350-2031580884-1313598156-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2463942350-2031580884-1313598156-1003 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) Any Video Converter 6.0.4 (HKLM-x32\...\Any Video Converter) (Version: 6.0.4 - Anvsoft) Any Video Recorder version 1.0.4 (HKLM-x32\...\{17D86E62-4849-49BC-83D2-FA369CEEA9D9}_is1) (Version: 1.0.4 - anvsoft, Inc.) Aptana Studio (HKLM-x32\...\{2D6C1116-78C6-469C-9923-3E549218773F}) (Version: 3.6.0 - Appcelerator) Hidden Aptana Studio (HKU\S-1-5-21-2463942350-2031580884-1313598156-1001\...\Aptana Studio 3.6.0) (Version: 3.6.0 - Appcelerator) AutoSizer (HKLM-x32\...\AutoSizer) (Version: - ) BlackBerry USB Driver (HKLM-x32\...\{51e38982-9005-48e1-aee8-cfa2f13b2446}) (Version: 5.0.0.2 - BlackBerry Limited) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) CMS (HKLM-x32\...\CMS) (Version: - ) CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World) Dell Custom Help (HKLM\...\{BE1CF6CA-3182-45D8-9535-A18055B73607}) (Version: 16.01.1000.0235 - Intel Corporation) Hidden Dell System Detect (HKU\S-1-5-21-2463942350-2031580884-1313598156-1001\...\d24084d039586cae) (Version: 8.11.0.3 - Dell) Dell Wireless HSPA Mini-Card Drivers (HKLM-x32\...\{9D583F01-A973-4B04-90BD-FB7886779090}) (Version: 7.2.2.0 - Dell) Dexpot (HKU\S-1-5-21-2463942350-2031580884-1313598156-1001\...\Dexpot) (Version: 1.6.14 - Dexpot GbR) Dload10 v1.00.046 (HKLM-x32\...\Dload10_is1) (Version: - Satel sp. z o.o.) DLOADX v1.17.005 (HKLM-x32\...\DLOADX_is1) (Version: - Satel sp. z o.o.) dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - ) Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden easy4ip (HKLM-x32\...\easy4ip) (Version: - ) e-Deklaracje Desktop (HKLM-x32\...\{145486BA-033C-7D81-9949-E4BF0C2AD165}) (Version: 9.0.5 - Ministerstwo Finansow) Hidden e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 9.0.5 - Ministerstwo Finansow) Elmes GSM Configurator (HKLM-x32\...\{778BF155-61AE-4A21-BA4B-EA200952C088}) (Version: 1.0.0 - Elmes Elektronik) FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - ) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.) GUARDX v1.16.000 (HKLM-x32\...\GUARDX_is1) (Version: - Satel sp. z o.o.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT) iNode Hub Server (HKLM-x32\...\{E6F493BA-19D2-4B98-ACF5-469221AA4DDC}) (Version: 1.0.0 - Elsat s.c.) iNode Setup (HKLM-x32\...\{C5083FEC-95B7-4768-8245-70572E28BA40}) (Version: 1.0.2 - Elsat s.c.) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan) Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation) Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02053 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2463942350-2031580884-1313598156-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 58.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 58.0.1 (x86 pl)) (Version: 58.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - ) Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.4.2 - Notepad++ Team) NVIDIA Sterownik dźwięku HD 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation) OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation) Opera Stable 51.0.2830.34 (HKLM-x32\...\Opera 51.0.2830.34) (Version: 51.0.2830.34 - Opera Software) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-49628bda7836}) (Version: 16.1.1 - Intel Corporation) paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC) Partner GSM 4.5 wersja Partner GSM 4.5 (HKLM-x32\...\Partner GSM 4.5_is1) (Version: Partner GSM 4.5 - Ropam Elektronik) PERFECTA Soft v1.01.006 (HKLM-x32\...\PERFECTA Soft_is1) (Version: - Satel sp. z o.o.) SG 3100SNw/3110SFNw Podręcznik użytkownika (HKLM-x32\...\{1698F2CC-C9BB-4A88-BF42-1BEB35EF434F}) (Version: 1.00.00 - Generic) SG3100SNw TWAIN/WIA (HKLM-x32\...\{A1A79C19-82AF-4B41-A035-C2F8A0399E86}) (Version: 0.01.000 - RICOH) SmartPSS 2.00.1 (HKLM-x32\...\SmartPSS) (Version: 2.00.1 - ) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation) TurboTop 2.8 (HKLM-x32\...\TurboTop_is1) (Version: 2.8.0.21 - Savard Software) uCMS (HKLM-x32\...\uCMS) (Version: 7.1.23.5 - ) UltraISO Premium V9.66 (HKLM-x32\...\UltraISO_is1) (Version: - ) USB Driver x64 (HKLM\...\{6D69CF0E-5928-4B91-9BBE-B0674E46C8D8}) (Version: 5.0.0.2 - BlackBerry Limited) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) vWebClient version 5.5.23.3 (HKLM-x32\...\{1CAD5FAF-7EB8-4DE8-BCB6-766DE18D9403}_is1) (Version: 5.5.23.3 - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2463942350-2031580884-1313598156-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Edward\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Brak pliku ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-06-18] () ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Brak pliku ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.) ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab) ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] () ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-01-02] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab) ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.) ContextMenuHandlers1_S-1-5-21-2463942350-2031580884-1313598156-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Edward\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku ContextMenuHandlers4_S-1-5-21-2463942350-2031580884-1313598156-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Edward\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku ContextMenuHandlers5_S-1-5-21-2463942350-2031580884-1313598156-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Edward\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {39E6F4D0-696D-47BA-BFC9-228FA27DD21B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {4E67C354-313A-49CB-85F6-D656B152A3AA} - System32\Tasks\{64CA4EF5-0058-49C4-B537-DAEC9D1676A4} => C:\Users\Edward\Documents\MEGA\Digitex\prog-94s.exe [2004-11-30] () Task: {4E72C4EE-65A8-4060-8FB7-86BD96EDEE02} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {506EABBC-B203-4C75-BABF-E0453CE70020} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated) Task: {78DB8B1C-B978-433D-90DE-6E75E13E6139} - System32\Tasks\Opera scheduled Autoupdate 1484259706 => C:\Program Files (x86)\Opera\launcher.exe [2018-02-15] (Opera Software) Task: {7C54F1CD-FFF3-4188-9BC6-FC4A1436D941} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-07] (Adobe Systems Incorporated) Task: {A90757C1-685B-44A3-B64A-A5ABED493750} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2463942350-2031580884-1313598156-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2018-01-19] (Mega Limited) Task: {AE719EB7-16D7-40D3-8D08-B3CC556493D3} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Task: {BA35338D-A904-41A8-A467-E0305BF9934D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {DD6E6D5A-B468-4B4E-A0A3-BB29D10DDBF5} - System32\Tasks\{3357E672-321A-482C-A30A-5A1A1BAD14A0} => C:\Windows\system32\pcalua.exe -a C:\Users\Edward\Downloads\sp43289.exe -d C:\Users\Edward\Downloads (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance\reg.lnk -> C:\Program Files (x86)\NetSurveillance\CMS\reg.bat () ShortcutWithArgument: C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat" ShortcutWithArgument: C:\Users\Public\Desktop\Turkcell VINN.lnk -> C:\Program Files (x86)\Hostless Modem\Turkcell VINN\LaunchWebUI.exe () -> hxxp://Turkcell.VINN ==================== Załadowane moduły (filtrowane) ============== 2016-10-31 20:45 - 2017-11-17 23:35 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll 2015-11-27 10:28 - 2015-01-02 19:56 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-04-08 20:53 - 2015-04-08 20:53 - 000050688 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2016-06-27 23:19 - 2016-06-27 23:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll 2016-11-07 14:26 - 2011-07-13 11:10 - 000065576 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\MBMDebug.dll 2016-04-13 09:38 - 2017-11-17 23:35 - 000798208 _____ () C:\ProgramData\MEGAsync\libsodium.dll 2018-02-09 21:25 - 2018-02-08 21:10 - 000740168 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-02-09 21:25 - 2018-02-08 21:10 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2017-12-06 23:57 - 2018-02-08 21:10 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2017-08-22 23:13 - 2018-02-08 21:12 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-12-06 23:57 - 2018-02-08 21:10 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2017-12-06 23:57 - 2018-02-08 21:10 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2018-02-09 21:25 - 2018-02-08 21:10 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2018-02-09 21:25 - 2018-02-08 21:10 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2017-08-22 23:13 - 2018-02-08 21:10 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2017-08-22 23:13 - 2018-02-08 21:13 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2018-02-09 21:25 - 2018-02-08 21:10 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2018-02-09 21:25 - 2018-02-08 21:10 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-08-22 23:13 - 2018-02-08 21:12 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2017-08-22 23:13 - 2018-02-08 21:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-09-21 21:42 - 2018-02-08 21:10 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-12-06 23:57 - 2018-02-08 21:13 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2017-08-22 23:13 - 2018-02-08 21:12 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 001796416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 001956672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-12-06 23:57 - 2018-02-08 21:13 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-12-06 23:57 - 2018-02-08 21:13 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-12-06 23:57 - 2018-02-08 21:13 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2017-08-22 23:13 - 2018-02-08 21:10 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-08-22 23:13 - 2018-02-08 21:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-12-06 23:57 - 2018-02-08 21:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-12-06 23:57 - 2018-02-08 21:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-12-06 23:57 - 2018-02-08 21:10 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-12-06 23:57 - 2018-02-08 21:13 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2018-02-09 21:25 - 2018-02-08 21:10 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-01-12 06:54 - 2018-02-08 21:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-08-22 23:13 - 2018-02-08 21:12 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-02-09 21:25 - 2018-02-08 21:12 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-12-06 23:57 - 2018-02-08 21:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000545096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000359232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2018-02-09 21:25 - 2018-02-08 21:12 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2016-10-31 20:43 - 2017-11-17 23:35 - 000570368 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\system32\Drivers\csrbc.sys:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\Edward\Downloads\Active.exe:BDU [0] AlternateDataStreams: C:\Users\Edward\Downloads\basicgsmmanger instaler.exe:BDU [0] AlternateDataStreams: C:\Users\Edward\Downloads\ccsetup505.exe:BDU [0] AlternateDataStreams: C:\Users\Edward\Downloads\chirp-daily-20170608-installer.exe:BDU [0] AlternateDataStreams: C:\Users\Edward\Downloads\ESETOnlineScanner_PLK.exe:BDU [0] AlternateDataStreams: C:\Users\Edward\Downloads\Firefox Setup Stub 53.0.2.exe:BDU [0] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\.DEFAULT\Software\Classes\.scr: Bricscad.load.scr => "C:\Program Files\Bricsys\BricsCAD V17 en_US\bricscad.exe" "%1" <==== UWAGA HKU\S-1-5-21-2463942350-2031580884-1313598156-1001\Software\Classes\.scr: Bricscad.load.scr => <==== UWAGA ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2463942350-2031580884-1313598156-1001\...\dell.com -> dell.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-04-12 22:28 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2463942350-2031580884-1313598156-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: CheckNDISPortf0ac02 => C:\Program Files (x86)\Hostless Modem\Turkcell VINN\CheckNDISPort_df.exe MSCONFIG\startupreg: easy4ip => "C:\Program Files (x86)\easy4ip\bin\easy4ip.exe" MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\ZTE Join Air\UIExec.exe" MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{F806585B-02BC-46CD-8BB6-9A648A3B7FC5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{00335EEE-AB67-4685-A125-1ADBBA3AC8F2}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe FirewallRules: [UDP Query User{60B89A9A-66E0-4018-9557-05CC959B94D7}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe FirewallRules: [TCP Query User{DD32D915-55C8-430D-964F-548B9B3E1543}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{38F1DA23-182D-43FC-BA41-0C318C39D0DE}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe FirewallRules: [TCP Query User{97096C97-306D-4640-BFFE-3DA3F975D065}C:\program files (x86)\cms\cms.exe] => (Allow) C:\program files (x86)\cms\cms.exe FirewallRules: [UDP Query User{67F1FDE5-501F-410C-8BE1-EB3890A1FC63}C:\program files (x86)\cms\cms.exe] => (Allow) C:\program files (x86)\cms\cms.exe FirewallRules: [{C6E53A90-92E4-4D52-AF3A-D42E0AD0F04C}] => (Block) C:\program files (x86)\cms\cms.exe FirewallRules: [{F811797A-ED68-4B9A-913E-2A8F3DEEE335}] => (Block) C:\program files (x86)\cms\cms.exe FirewallRules: [TCP Query User{115F692F-F7E4-42A8-9891-41CB903E5AB9}C:\program files (x86)\satel\integra\dloadx.exe] => (Allow) C:\program files (x86)\satel\integra\dloadx.exe FirewallRules: [UDP Query User{657A6F48-640A-4260-9800-0DD4036291A7}C:\program files (x86)\satel\integra\dloadx.exe] => (Allow) C:\program files (x86)\satel\integra\dloadx.exe FirewallRules: [TCP Query User{93A09210-1325-45A7-ADE5-495C02990457}C:\program files (x86)\satel\guardx\guardx.exe] => (Allow) C:\program files (x86)\satel\guardx\guardx.exe FirewallRules: [UDP Query User{DD55589A-36A1-4183-9CF7-7DBD887527AD}C:\program files (x86)\satel\guardx\guardx.exe] => (Allow) C:\program files (x86)\satel\guardx\guardx.exe FirewallRules: [TCP Query User{35BE202C-0F07-43EA-8201-CDF047ACB509}C:\program files (x86)\satel\integra\dloadx.exe] => (Allow) C:\program files (x86)\satel\integra\dloadx.exe FirewallRules: [UDP Query User{F3EE5A81-E2A9-46DA-9EB1-D4E6719C12A6}C:\program files (x86)\satel\integra\dloadx.exe] => (Allow) C:\program files (x86)\satel\integra\dloadx.exe FirewallRules: [{FBFF11E0-C274-408C-AA94-D4FA68748828}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{37C5A115-59CC-4E69-A6B8-BEF6CC81481D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{B5710691-AD68-47EE-AD63-F24CB3CDBC5E}C:\program files\irfanview\plugins\stub_plugin.exe] => (Allow) C:\program files\irfanview\plugins\stub_plugin.exe FirewallRules: [UDP Query User{17B4A235-F9D5-4176-A295-6B61AFCE1CDD}C:\program files\irfanview\plugins\stub_plugin.exe] => (Allow) C:\program files\irfanview\plugins\stub_plugin.exe FirewallRules: [{53B3EA14-9BE5-4975-9EB1-9672E963DC94}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [{C4ADB779-3369-48E7-BB68-C934C056872E}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe FirewallRules: [{5E6836D0-E95A-4D6D-8B2D-CE0C0AA9FC05}] => (Allow) LPort=26675 FirewallRules: [{609F7EBE-7A6F-46C8-997C-DCEB9BD184E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B0C5EF4D-C398-4C58-97C9-C7C89192B270}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{78E34AB3-24BA-4230-A6F3-A7BE2283C659}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9495DE00-28AB-42CA-B518-298B5F9B154F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D5A2B0FE-96BD-4CAA-AC8C-C7E695C89892}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.67\opera.exe FirewallRules: [{E011693E-5D19-41BA-8B3B-D1D08550C561}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{D84CACF8-7E88-479F-A0FB-B760F6C428DF}] => (Allow) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe ==================== Punkty Przywracania systemu ========================= 21-02-2018 23:18:49 Removed Join Air 21-02-2018 23:21:03 BlackBerry 10 Desktop Software (Blend, Link, Drivers) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Dell Wireless 5550 HSPA+ Mini-Card GPS Port (COM3) Description: Dell Wireless 5550 HSPA+ Mini-Card GPS Port Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318} Manufacturer: Dell Service: d554gps Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Dell Wireless 5550 HSPA+ Mini-Card Network Adapter Description: Dell Wireless 5550 HSPA+ Mini-Card Network Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ericsson AB Service: WwanUsbServ Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/22/2018 12:10:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/21/2018 11:03:35 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 528: ERROR: read_msg errno 0 (Operacja ukończona pomyślnie.) Error: (02/21/2018 11:03:35 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (02/21/2018 11:03:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/21/2018 09:10:55 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: 528: ERROR: read_msg errno 0 (Operacja ukończona pomyślnie.) Error: (02/21/2018 09:10:55 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (02/21/2018 09:10:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/21/2018 09:09:19 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Jamper\Application\chrome.exe". Nie można odnaleźć zestawu zależnego 58.0.3029.81,language="*",type="win32",version="58.0.3029.81". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Dziennik System: ============= Error: (02/22/2018 12:15:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Łączność urządzeń z systemem Windows Mobile zawiesiła się podczas uruchamiania. Error: (02/22/2018 12:13:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Kaspersky Secure Connection 1.0.0 z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/22/2018 12:13:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Kaspersky Secure Connection 1.0.0. Error: (02/22/2018 12:12:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Microsoft .NET Framework NGEN v4.0.30319_X64 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (02/22/2018 12:10:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (02/22/2018 12:10:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SNARE z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/22/2018 12:10:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą SNARE. Error: (02/22/2018 12:10:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Automatyczne konfigurowanie bezprzewodowej sieci WAN zakończyła działanie; wystąpił następujący błąd: Odmowa dostępu. Windows Defender: =================================== Date: 2017-05-05 21:48:40.018 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Bieżące Kod błędu:0x80070003 Opis błędu:System nie może odnaleźć określonej ścieżki. Wersja podpisu:0.0.0.0 Wersja aparatu:0.0.0.0 CodeIntegrity: =================================== Date: 2017-04-12 23:27:29.521 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-12 23:27:29.459 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 8073.02 MB Dostępna pamięć fizyczna: 4773.74 MB Całkowita pamięć wirtualna: 9071.18 MB Dostępna pamięć wirtualna: 5707.73 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:111.9 GB) (Free:9.27 GB) NTFS Drive d: (CSR4.0 Harmony) (CDROM) (Total:0.41 GB) (Free:0 GB) CDFS \\?\Volume{5b9ed322-a4eb-11e6-9e53-806e6f6e6963}\ (System) (Fixed) (Total:7.34 GB) (Free:0.52 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 7E9B2EED) Partition 1: (Active) - (Size=7.3 GB) - (Type=27) Partition 2: (Not Active) - (Size=111.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================