Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 11-07-2021 Uruchomiony przez test (14-07-2021 09:13:15) Uruchomiony z C:\Users\test\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-11-27 17:51:19) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-3875675890-4072692999-1131883279-500 - Administrator - Disabled) Gość (S-1-5-21-3875675890-4072692999-1131883279-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-3875675890-4072692999-1131883279-1007 - Limited - Enabled) janczak (S-1-5-21-3875675890-4072692999-1131883279-1001 - Administrator - Enabled) => C:\Users\janczak test (S-1-5-21-3875675890-4072692999-1131883279-1394 - Administrator - Enabled) => C:\Users\test ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 18 Wheels of Steel: Pedal to the Metal (HKLM-x32\...\18 Wheels of Steel - Pedal to the Metal/PL-Polish_is1) (Version: - City Interactive) Acrophobia Ball 2 (HKLM-x32\...\Acrophobia Ball 2_is1) (Version: 1.0 - MyPlayCity, Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.005.20058 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.445 - Adobe) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe) AIMP (HKLM-x32\...\AIMP) (Version: v4.70.2227, 01.09.2020 - AIMP DevTeam) Angry Birds Breakfast 2 (HKLM-x32\...\{89FD4D6C-E280-4D6E-B96D-64882F5AD199}) (Version: 1.0.16 - Rovio Entertainment Ltd.) ArcaBit x64 Prerequistes (HKLM-x32\...\{CF4C7ED1-92B6-4E6F-87AC-A68520D6DAF4}) (Version: 12.04.6401 - ArcaBit Sp. z o.o.) Hidden Ashampoo Music Studio 2013 v.4.0.7 (HKLM-x32\...\{0A11EA01-0D61-2DA9-07F6-0EF54C520FE3}_is1) (Version: 4.0.7 - Ashampoo GmbH & Co. KG) AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AVG 2014 (HKLM\...\{7F624BD1-4FE0-432F-B928-68302E156D04}) (Version: 14.0.3658 - AVG Technologies) Hidden Beetle Bug 2 (HKLM-x32\...\Beetle Bug 2_is1) (Version: 1.0 - MyPlayCity, Inc.) Billiard Masters (HKLM-x32\...\Billiard Masters_is1) (Version: - My Real Games Ltd) Bolek i Lolek - Język angielski dla najmłodszych (HKLM-x32\...\Bolek_i_Lolek.Język_angielski_dla_najmlodszych._Polish) (Version: - ) Bombermaaan 1.4 (HKLM-x32\...\{451C4ACA-0B6A-4564-BD9D-A6C365DB9C76}_is1) (Version: - The Bombermaaan team) Bombermania ver 1.0 (HKLM-x32\...\Bombermania_Free_is1) (Version: 1.0 - Just Free Games) Brave Dwarves: Back for Treasures Demo v1.0 (HKLM-x32\...\Brave Dwarves: Back for Treasures Demo_is1) (Version: - GameOver-Games) Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.) CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.0701.0 - CyberLink Corp.) Document.Editor 2016.5 (HKLM-x32\...\Document.Editor) (Version: 2016.5 - Semagsoft) Easy Tune 6 B12.0509.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) eKsterminator - Inwazja z wentylacji (HKLM-x32\...\{84EC6FC5-0AC8-4CB4-90D5-4376C40CEA1C}) (Version: 1.00.0000 - SoftPlanet) Farming Giant (HKLM-x32\...\Farming Giant) (Version: - ) Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.7.1 - GIANTS Software) FastStone Image Viewer, версия 5.5 (HKLM-x32\...\FastStone Image Viewer_is1) (Version: 5.5 - FastStone Soft) Flashout 3D (HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\Flashout 3D) (Version: - ) Flashout 3D (HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\Flashout 3D) (Version: - ) Folder Colorizer version 1.2.1 (HKLM\...\{A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1) (Version: 1.2.1 - Softorino) Garden Planner 2.4 (HKLM-x32\...\Garden Planner_is1) (Version: 2.4 - Artifact Interactive) GIANTS Editor 8.0.0 64-bit (HKLM-x32\...\giants_editor_8.0.0_win64_is1) (Version: 8.0.0 - GIANTS Software GmbH) GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC) Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Grand Master Chess 3 (HKLM-x32\...\Grand Master Chess 3_is1) (Version: 1.0 - MyPlayCity, Inc.) GT Racers (HKLM-x32\...\{551D0B48-4F70-4069-B3C6-98F7F8D18B5B}_is1) (Version: - ) Hot Racing (HKLM-x32\...\Hot Racing_is1) (Version: - My Real Games Ltd) Hotelowe Imperium (HKLM-x32\...\{87A8C9C6-4B93-4E40-ADBD-01FFD0996D9B}_is1) (Version: - nowe-media.eu) HP DeskJet 2130 series — podstawowe oprogramowanie urządzenia (HKLM\...\{A69F1024-5FCE-43BC-A860-427D8418435B}) (Version: 40.11.1124.17107 - HP Inc.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Kalejdoskop ucznia. Informatyka. Klasa 2 1.0.0 (only current user) (HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\4f7a9a63-79a6-517d-925a-93fa90db1049) (Version: 1.0.0 - WSiP) Kalejdoskop ucznia. Informatyka. Klasa 3 1.0.0 (only current user) (HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\d30e1452-552b-5e86-a168-1310deb85d1f) (Version: 1.0.0 - WSiP) Kea Coloring Book 3.5.0 (HKLM-x32\...\Kea Coloring Book_is1) (Version: - Kea Software) Krita Desktop (x64) 2.8.3.0 (HKLM\...\{C954F6B7-202B-4811-8A7E-1BFBCD3A09DD}) (Version: 2.8.3.0 - KO GmbH) Krolestwo Maciusia.Przedszkole (HKLM-x32\...\{1E3A485E-AD43-4980-B691-6D2025BC0EF3}) (Version: 1.0.0 - AidemMedia) Kurczaki: Armageddon (HKLM-x32\...\{E65AB865-1018-4589-B94E-A7B6524FA450}_is1) (Version: - ) Loguś - Komputerowe Gry Logopedyczne DEMO 2005 (HKLM-x32\...\Loguś - Komputerowe Gry Logopedyczne DEMO_is1) (Version: - ) Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Mutant Garden Guard (HKLM-x32\...\Mutant Garden Guard_is1) (Version: 1.0 - MyPlayCity, Inc.) Neverball 1.5.4 (HKLM-x32\...\Neverball) (Version: 1.5.4 - ) NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA Sterownik graficzny 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}) (Version: 4.01.9714 - Apache Software Foundation) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) PC Format Fotoswiat (HKLM-x32\...\PC Format Fotoswiat) (Version: 5.0.4 - CEWE COLOR AG u Co. OHG) Pogoń za Wiedzą (wersja 1.0) (HKLM-x32\...\{13EE8085-7319-477F-8157-F3701DA154C5}_is1) (Version: 1.0 - Wydawnictwo Dragon) PotPlayer v1.6.58402 Stable x86 (HKLM-x32\...\PotPlayer) (Version: v1.6.58402 Stable x86 - Daum Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.101.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8040 - Realtek Semiconductor Corp.) Scan Tailor (HKLM-x32\...\Scan Tailor) (Version: - ) Secret Maryo Chronicles (HKLM-x32\...\secretmaryo) (Version: 1.5 - Florian Richter) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Symulator Cysterny (HKLM-x32\...\Symulator Cysterny/PL-Polish_is1) (Version: - City Interactive) Symulator wyburzania budynków (HKLM-x32\...\Symulator wyburzania budynków/PL-Polish_is1) (Version: - City Interactive) Szkoła (HKLM-x32\...\Szkola_Polish) (Version: - ) Tito Mine Cart Racing (HKLM-x32\...\Tito Mine Cart Racing_is1) (Version: - ) Tommy Tronic (HKLM-x32\...\Tommy Tronic) (Version: - ) TrackMania Nations ESWC 0.1.7.5 (HKLM-x32\...\TmNations_is1) (Version: - Nadeo) Unity Web Player (HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\UnityWebPlayer) (Version: - Unity Technologies ApS) USB RACING WHEEL (HKLM-x32\...\FT32B2) (Version: - ) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Wesołe przedszkole Reksia (HKLM-x32\...\Wesołe_przedszkole_Reksia_Polish) (Version: - ) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.91 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) Worms 4 Mayhem Demo (HKLM-x32\...\{ED340366-F336-420D-8867-88643836D900}) (Version: 1.00.0000 - Codemasters) Xing Chess (HKLM-x32\...\Xing Chess_is1) (Version: 1.0 - MyPlayCity, Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Brak pliku ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-09-11] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9.dll [2013-07-01] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9.dll [2013-07-01] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Brak pliku ContextMenuHandlers2: [IVBShlExt] -> {5B9C04C2-5EB5-4B60-8B71-46964DB8CDBF} => -> Brak pliku ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-09-11] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers4: [FolderColorize] -> {3443FE61-F294-403D-A4A6-53E034FC9B3F} => C:\Program Files\Folder Colorizer\FolderColorShlExt.dll [2013-02-19] (Hirtal Developments Ltd. -> ) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-06] (Intel Corporation) [Brak podpisu cyfrowego] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [vidc.iv32] => C:\Windows\SysWOW64\ir32_32.dll [197632 2009-07-14] (Microsoft Windows -> Intel(R) Corporation) HKLM\...\Drivers32: [vidc.iv31] => C:\Windows\SysWOW64\ir32_32.dll [197632 2009-07-14] (Microsoft Windows -> Intel(R) Corporation) ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2012-11-27 21:19 - 2011-08-04 08:25 - 000043520 _____ (ActMask Co.,Ltd) [Brak podpisu cyfrowego] C:\Windows\system32\spool\PRTPROCS\x64\ActPrint.dll 2012-10-22 10:02 - 2012-01-06 03:31 - 000438784 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Windows\system32\igfxrPLK.lrc 2014-04-13 16:44 - 2014-03-06 07:36 - 000722432 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\Internet Explorer\ieproxy.dll 2014-04-13 16:44 - 2014-03-06 08:53 - 013551104 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\System32\ieframe.dll 2014-04-13 16:44 - 2014-03-06 10:53 - 002767360 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\system32\iertutil.dll 2014-04-13 16:44 - 2014-03-06 07:58 - 001400832 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\system32\urlmon.dll 2014-04-13 16:44 - 2014-03-06 08:22 - 002260480 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\system32\wininet.dll 2021-07-14 00:33 - 2018-02-23 21:29 - 000879840 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2021-07-14 00:33 - 2018-02-23 21:29 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll 2015-08-17 15:30 - 2009-08-06 15:42 - 000015360 _____ (Windows (R) Codename Longhorn DDK provider) [Brak podpisu cyfrowego] C:\Windows\system32\spool\PRTPROCS\x64\HTMLPRNT.DLL ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (Wersja 11) (filtrowane) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131522203541631947&GUID=CC77C016-F4EF-40EC-B652-790D4FC128FD HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131522203541787947&GUID=CC77C016-F4EF-40EC-B652-790D4FC128FD HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131522203541787947&GUID=CC77C016-F4EF-40EC-B652-790D4FC128FD HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131522203541787947&GUID=CC77C016-F4EF-40EC-B652-790D4FC128FD HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.global-pl.com/ HKU\S-1-5-21-3875675890-4072692999-1131883279-501\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKU\S-1-5-21-3875675890-4072692999-1131883279-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://v9.com?type=hp&ts=1450710265&from=mych123&uid=wdcxwd10earx-00n0yb0_wd-wcc0s095613256132&z=7c0610958d781d0b414f070gazfwae0mfg8eco9q5q SearchScopes: HKLM -> DefaultScope - brak wartości SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> DefaultScope {B0CD8F74-01AB-4540-B43D-69835065F881} URL = hxxp://www.global-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> NTURL hxxp://www.bing.com/search?FORM=UWDFNU&PC=U218&q={searchTerms}&src=IE-TopResult SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> {19FB89A4-9E8A-44F5-8046-CED817A05382} URL = hxxp://www.global-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> {4AE4B81F-EA79-410B-88FA-789C5935CF5B} URL = hxxp://www.nav-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> {66EEEBE2-1CD6-452C-97DE-9CE2A58FE61D} URL = hxxp://www.nav-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> {A91837E9-F15A-4260-83F5-A5130D47583F} URL = hxxp://www.web-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> {B0CD8F74-01AB-4540-B43D-69835065F881} URL = hxxp://www.global-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001 -> {B1B55794-9B47-43E8-BA99-69FD690A4D1B} URL = hxxp://www.global-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-501 -> DefaultScope {411C6174-57E0-4253-B3DF-6B543FE4F3FA} URL = SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-501 -> NTURL hxxp://www.bing.com/search?FORM=UWDFNU&PC=U218&q={searchTerms}&src=IE-TopResult SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-501 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://v9.com/web?type=ds&ts=1450710265&from=zzgbkk123&uid=wdcxwd10earx-00n0yb0_wd-wcc0s095613256132&z=7c0610958d781d0b414f070gazfwae0mfg8eco9q5q&q={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-501 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://home.myplaycity.com/results.php?category=web&s={searchTerms} SearchScopes: HKU\S-1-5-21-3875675890-4072692999-1131883279-501 -> {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://www.ask.com/web?l=dis&o=APN10383&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^US&apn_ptnrs=^ABI&apn_uid=3084954303214243&p2=^ABI^YYYYYY^YY^US&q={searchTerms} BHO-x32: Brak nazwy -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> Brak pliku Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2014-03-06] (Microsoft Corporation) [Brak podpisu cyfrowego] (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\...\100sexlinks.com -> 100sexlinks.com Wykryto więcej niż wyliczono: 4788 witryn. IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-3875675890-4072692999-1131883279-501\...\100sexlinks.com -> 100sexlinks.com Wykryto więcej niż wyliczono: 4788 witryn. ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2020-11-20 09:18 - 000000923 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-3875675890-4072692999-1131883279-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\janczak\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-3875675890-4072692999-1131883279-1394\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-3875675890-4072692999-1131883279-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iPrint.lnk => C:\Windows\pss\iPrint.lnk.CommonStartup MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun MSCONFIG\startupreg: PrintDisp => C:\Windows\system32\PrintDisp.exe MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: WallpaperHd => "C:\Users\janczak\AppData\Local\WallpaperHd\WallpaperHd.exe" /regrun ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{CCBD1189-9D4D-410B-AE61-4B2AAD2C010D}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe (Audials AG -> Audials AG) FirewallRules: [{3861DE7E-E0D7-48DC-AD9D-47A33ABDA9F0}] => (Allow) LPort=12972 FirewallRules: [{7302593F-A7F9-42DC-9AFD-63550FF24B14}] => (Allow) LPort=14714 FirewallRules: [{2D86DBA5-1062-4EC2-AB69-0FB6DE28C5E9}] => (Allow) LPort=31931 FirewallRules: [{2270C773-A360-4516-832F-C55E57CA5AE1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => Brak pliku FirewallRules: [{2D4C61BE-C3EC-4D30-B785-D9D8F779F69B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => Brak pliku FirewallRules: [TCP Query User{CE031A3C-3975-41B4-8607-78BE2595A13B}C:\program files (x86)\emule\emule.exe] => (Block) C:\program files (x86)\emule\emule.exe => Brak pliku FirewallRules: [UDP Query User{77EB494A-A5AC-4B2D-87B1-B8EB8E136371}C:\program files (x86)\emule\emule.exe] => (Block) C:\program files (x86)\emule\emule.exe => Brak pliku FirewallRules: [{E339389A-FC28-4789-9492-2351AD9797F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => Brak pliku FirewallRules: [{4A75D94B-443E-4D06-97CC-82F38B5C3972}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => Brak pliku FirewallRules: [{4796B0D5-EA8A-465F-A058-ECB3B2360CE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => Brak pliku FirewallRules: [TCP Query User{A361CEC2-71D9-4565-80BC-0B5F0090884D}C:\program files (x86)\codemasters\worms 4 mayhem demo\worms 4 mayhem demo.exe] => (Allow) C:\program files (x86)\codemasters\worms 4 mayhem demo\worms 4 mayhem demo.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{1E65572D-1C7B-4174-B460-0664825C9AF6}C:\program files (x86)\codemasters\worms 4 mayhem demo\worms 4 mayhem demo.exe] => (Allow) C:\program files (x86)\codemasters\worms 4 mayhem demo\worms 4 mayhem demo.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{8F1FDF3F-077A-457B-ABBA-437EDC61A2E0}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe => Brak pliku FirewallRules: [UDP Query User{77911A95-7EDD-4AAC-B6EE-2E4096D7BF64}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe => Brak pliku FirewallRules: [{5A48398B-F8A2-4FD0-AD6A-C93B42B78610}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AEFD2FF2-CDB9-4763-9D69-0A866FC309D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6B7213D4-DDE3-4935-9B12-88763D69EA6C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farm Expert 2017\FE2017.exe () [Brak podpisu cyfrowego] FirewallRules: [{9637302C-DD87-4F47-95E5-D5EE0B3B3D42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farm Expert 2017\FE2017.exe () [Brak podpisu cyfrowego] FirewallRules: [{EADBCC82-ADA1-4070-A70A-029387F70E9C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{C90969B4-9679-41AD-8A79-AA6400C4E2CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{949EB9B1-4133-4C43-9646-674D98442680}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{59F9041D-B7BB-4B77-8934-FEBDA7464E37}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{2E2F4310-02CD-44CB-9B9E-AC64FD79F238}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{3453D52A-9ACA-4BD6-99A5-246ADE570E04}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{843BAA0C-082C-450D-85FA-8496502A4CD9}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{3CE6F5CB-703A-4F68-92F2-672EE65F0DA7}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{B51F8EA5-C588-41FD-9E60-8FD04A44CEE0}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{391F28E6-4BDB-40C4-98C1-AE7BEAF57CD0}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [TCP Query User{5A7425F0-1600-4C5D-9960-36E0FEE3EB11}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => Brak pliku FirewallRules: [UDP Query User{22DE88A0-AE64-4E8A-BF78-90BB19567098}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe => Brak pliku FirewallRules: [{22949D5A-C1CF-463D-918E-C84B3D0D6022}] => (Allow) C:\Users\janczak\AppData\Local\Temp\7zS0C10\HP.EasyStart.exe => Brak pliku FirewallRules: [{DE585BB0-CC81-4A67-A087-874C25FFC4B7}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{9A0BC5FF-0121-4670-80C6-342CC1EB1389}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{98DD61EA-BF44-4821-BB77-D558D6CA0051}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{C98F0075-50D1-4E4E-B94F-8556215A6FFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DFA5A6DD-9F34-4147-A06B-0A225A1E4A02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BA0F4187-6518-49B0-9975-B83AA9C90DC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3EE003E2-A22F-4909-AB57-A42BC95C9DA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6E7ACA86-945E-4F85-B4D5-BABD49748E1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{974F8023-012D-41D0-B084-EB2D43FE687E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (07/14/2021 01:19:06 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Usunięto Badanie mające na celu poprawę produktów HP DeskJet 2130 series; Błąd = 0x80070422). Error: (07/14/2021 01:19:06 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Removed Badanie mające na celu poprawę produktów HP DeskJet 2130 series; Błąd = 0x80070422). Error: (07/14/2021 01:18:58 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Usunięto program HP DeskJet 2130 series Pomoc; Błąd = 0x80070422). Error: (07/14/2021 01:18:58 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Removed HP DeskJet 2130 series Pomoc; Błąd = 0x80070422). Error: (07/14/2021 01:18:53 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Removed HP Dropbox Plugin; Błąd = 0x80070422). Error: (07/14/2021 01:18:53 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Removed HP Dropbox Plugin; Błąd = 0x80070422). Error: (07/14/2021 01:18:45 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Removed HP Google Drive Plugin; Błąd = 0x80070422). Error: (07/14/2021 01:18:45 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\msiexec.exe /V; Opis = Removed HP Google Drive Plugin; Błąd = 0x80070422). Dziennik System: ============= Error: (07/14/2021 09:05:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: Avgfwfd MBAMSwissArmy Error: (07/14/2021 01:47:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/14/2021 01:47:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/14/2021 01:47:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/14/2021 01:47:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/14/2021 01:47:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/14/2021 01:47:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/14/2021 01:47:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Windows Defender: ================ Date: 2016-04-16 16:02:23.102 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{4D1F0231-9102-44A7-8ACF-BD4C94F18B29} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2016-04-02 06:51:45.482 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{3EB42978-4BA2-4EFA-B87C-6F29032733BA} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2016-02-14 12:41:55.262 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{5EDB6B8A-087E-46EE-92A9-F80633FA3285} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2016-02-03 13:35:53.120 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{D5DF36DA-47ED-48F9-915D-9514E0987C87} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2015-08-23 14:43:22.889 Description: Podczas skanowania produktu Windows Defender wykryto program szpiegujący lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/SupTab&threatid=214126 Nazwa:BrowserModifier:Win32/SupTab Id.:214126 Ważność:Wysoki Kategoria:Program modyfikujący przeglądarkę Znaleziona ścieżka:file:C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1031.xpi;file:C:\Program Files (x86)\XTab\install.data;file:C:\Program Files (x86)\XTab\msvcp110.dll;file:C:\Program Files (x86)\XTab\msvcr110.dll;file:C:\Program Files (x86)\XTab\ProtectService.exe;file:C:\Program Files (x86)\XTab\searchProvider.xml;file:C:\Program Files (x86)\XTab\skin\about.png;file:C:\Program Files (x86)\XTab\skin\about_bk.png;file:C:\Program Files (x86)\XTab\skin\btn.png;file:C:\Program Files (x86)\XTab\skin\btn_apply.png;file:C:\Program Files (x86)\XTab\skin\close.png;file:C:\Program Files (x86)\XTab\skin\conf.xml;file:C:\Program Files (x86)\XTab\skin\conf_back.png;file:C:\Program Files (x86)\XTab\skin\input_bk.png;file:C:\Program Files (x86)\XTab\skin\logo.png;file:C:\Program Files (x86)\XTab\skin\main.xml;file:C:\Program Files (x86)\XTab\skin\radio_1.png;file:C:\Program Files (x86)\XTab\skin\radio_2.png;file:C:\Program Files (x86)\XTab\skin\rigth_arrow.png;file:C:\Program Files (x86)\XTab\skin\settings.png;file:C:\Program Files Typ wykrycia:Konkretne Źródło wykrycia:System Stan:Nieznane Użytkownik:ZARZĄDZANIE NT\SYSTEM Nazwa procesu:C:\Windows\System32\svchost.exe  ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. FE 06/21/2012 Płyta główna: Gigabyte Technology Co., Ltd. H61M-S2PV Procesor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz Procent pamięci w użyciu: 74% Całkowita pamięć fizyczna: 4059.72 MB Dostępna pamięć fizyczna: 1049.26 MB Całkowita pamięć wirtualna: 8117.59 MB Dostępna pamięć wirtualna: 4718.8 MB ==================== Dyski ================================ Drive c: (System) (Fixed) (Total:237.88 GB) (Free:101.3 GB) NTFS Drive j: (Dane) (Fixed) (Total:572.52 GB) (Free:571.47 GB) NTFS Drive k: (Dane2) (Fixed) (Total:358.99 GB) (Free:358.44 GB) NTFS \\?\Volume{b5ef6f6c-2a75-11eb-bd58-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.59 GB) (Free:0.54 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 0D261A4B) Partition 1: (Active) - (Size=600 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00ACA669) Partition 1: (Not Active) - (Size=572.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=359 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================