Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 31-05-2022 01 Uruchomiony przez Andrzej (01-06-2022 15:50:17) Uruchomiony z C:\Users\Andrzej\Downloads Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2012-10-14 14:19:04) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-2770710654-563048816-2845096244-500 - Administrator - Disabled) Andrzej (S-1-5-21-2770710654-563048816-2845096244-1000 - Administrator - Enabled) => C:\Users\Andrzej Gość (S-1-5-21-2770710654-563048816-2845096244-501 - Limited - Enabled) => C:\Users\Gość.ADMIN HomeGroupUser$ (S-1-5-21-2770710654-563048816-2845096244-1006 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516} AS: ESET Security (Enabled - Up to date) {64EA0B2F-B2F3-2E04-491D-9CF1192F8FAB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Zapora (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated) AdGuard (HKLM-x32\...\{aa20a42b-6cff-4300-aa71-505c4a58c8be}) (Version: 7.9.3869.0 - Adguard Software Ltd) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.42.68439 - Alcor Micro Corp.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashampoo UnInstaller 8 (HKLM-x32\...\{4209F371-D192-F401-E058-BBF7CF126AEA}_is1) (Version: 8.00.12 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 18 (HKLM-x32\...\{4209F371-3AF1-5998-2DFB-FC430324C91A}_is1) (Version: 18.00.19 - Ashampoo GmbH & Co. KG) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.) AutoCAD 2005 - English (HKLM-x32\...\{5783F2D7-0301-0409-0002-0060B0CE6BBA}) (Version: 16.1.63.10 - Autodesk) AutoCAD 2005 Express Tools Volumes 1-9 (HKLM-x32\...\{5783F2D7-0311-0409-0000-0060B0CE6BBA}) (Version: 1.0.0.0 - Autodesk) Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 4.1 - Autodesk, Inc.) Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk) Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Hidden Bullzip PDF Printer 10.25.0.2552 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.25.0.2552 - Bullzip) clear.fi (HKLM-x32\...\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}) (Version: 1.0.1517_36458 - CyberLink Corp.) Hidden clear.fi (HKLM-x32\...\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}) (Version: 9.0.8026 - CyberLink Corp.) Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated) CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) Detektor Winampa (HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) EncFlac 1.1.2 (HKLM-x32\...\EncFlac) (Version: 1.1.2 - Michael Facquet) EncVorbis 1.1 (HKLM-x32\...\EncVorbis) (Version: 1.1 - Michael Facquet) ESET Security (HKLM\...\{7640EC0A-921E-44D1-9165-DE31D473EAE3}) (Version: 15.1.12.0 - ESET, spol. s r.o.) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - FinalWire Ltd.) foobar2000 v1.6.4 (HKLM-x32\...\foobar2000) (Version: 1.6.4 - Peter Pawlowski) Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Foxit Creator (HKLM-x32\...\Foxit Creator) (Version: 3,0,1,0109 - Foxit Corporation) Free PDF Image Extractor (remove only) (HKLM\...\Free PDF Image Extractor) (Version: - ) Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IrfanView 4.58 (64-bit) (HKLM\...\IrfanView64) (Version: 4.58 - Irfan Skiljan) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kerish Doctor 2022 (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.90 - Kerish Products) Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.) LenovoUsbDriver 1.0.8 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.8 - Lenovo) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MX5 (HKLM-x32\...\Maxthon5) (Version: 5.2.7.5000 - Maxthon International Limited) Nitro Pro 8 (HKLM\...\{62721310-3C83-442A-81D1-6BB454A5B17E}) (Version: 8.5.1.10 - Nitro) NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation) OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.0 - OBS Project) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Omron Health Management Software (HKLM-x32\...\{E01DFD45-F13A-4F12-AC38-8EEE2163E52E}) (Version: 1.60.0004 - Omron Healthcare) OpenOffice 4.1.4 (HKLM-x32\...\{BA41785F-1DB1-4CEA-830A-149E940786B8}) (Version: 4.14.9788 - Apache Software Foundation) Opera Stable 86.0.4363.58 (HKLM-x32\...\Opera 86.0.4363.58) (Version: 86.0.4363.58 - Opera Software) PageExpress A3 USB 600 Pro V1.1 (HKLM-x32\...\{900581ED-9396-428C-A277-119DAADB1D0A}) (Version: 1.1 - Nazwa firmy) Hidden PageExpress A3 USB 600 Pro V1.1 (HKLM-x32\...\InstallShield_{900581ED-9396-428C-A277-119DAADB1D0A}) (Version: 1.1 - Nazwa firmy) PC Win Booster Free (HKLM-x32\...\PC Win Booster Free_is1) (Version: 10.0.3.155 - Sorentio Systems Ltd.) PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org) PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0167FA7}) (Version: 4.0.3 - pdfforge GmbH) PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 13.0 - PlotSoft LLC) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd) PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.211.0 - Tracker Software Products (Canada) Ltd.) PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.31.0 - Goversoft LLC) PROFIT v. 3.06.003 START (HKLM-x32\...\PROFIT_is1) (Version: - IZIS SOFT) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden RadioSure (HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\RadioSure) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8432 - Realtek Semiconductor Corp.) Resource Hacker Version 4.5.30 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) RogueKiller version 15.5.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.5.1.0 - Adlice Software) Screamer Radio (HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\Screamer) (Version: 1.7265.31862 - Steamcore) Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software) SharewareOnSale Notifier (HKU\S-1-5-21-2770710654-563048816-2845096244-1000\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale) Skype (wersja 8.75) (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Surfshark (HKLM-x32\...\{0C318F99-753A-4053-9368-6B87A3AB659E}) (Version: 3.4.4999 - Surfshark) Hidden Surfshark (HKLM-x32\...\Surfshark 3.4.4999) (Version: 3.4.4999 - Surfshark) Surfshark TAP Driver Windows (HKLM-x32\...\{D14EEDB2-A6B3-44EC-852B-5EFDAD0FF8F5}) (Version: 1.0 - Surfshark) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated) TapinRadio 2.14.8 (x32) (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft) UnHackMe 13.80 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.15 - VideoLAN) VueScan x64 (HKLM\...\VueScan x64) (Version: - ) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2770710654-563048816-2845096244-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2770710654-563048816-2845096244-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-09-14] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Brak pliku ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Brak pliku ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Brak pliku ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\8.0\NPShellExtension64.dll [2013-03-05] (Nitro PDF Software -> Nitro PDF) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2019-11-19] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-03-08] (Goversoft LLC -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Brak pliku ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Brak pliku ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-03-08] (Goversoft LLC -> ) ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-03-08] (Goversoft LLC -> ) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-09-14] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Brak pliku ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Brak pliku ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-03-08] (Goversoft LLC -> ) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Brak pliku ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Brak pliku ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-03-08] (Goversoft LLC -> ) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS) HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [246736 2017-06-23] (Cole Williams Software Limited -> ) HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> ) HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ShortcutWithArgument: C:\Users\Andrzej\Desktop\Nie ja ale TY.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hojeimjoloiannkkcmdedkelcfmgaacp ShortcutWithArgument: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Nie ja ale TY.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hojeimjoloiannkkcmdedkelcfmgaacp ==================== Załadowane moduły (filtrowane) ============= 2022-02-01 08:41 - 2022-02-01 08:41 - 000263680 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Surfshark\Resources\x64\Surfshark.Firewall.dll 2021-10-27 11:41 - 2021-10-27 11:41 - 001601536 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Surfshark\runtimes\win-x64\native\e_sqlite3.dll 2020-03-08 21:18 - 2020-03-08 21:18 - 000016384 _____ () [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\90a8e8dcf782610b49a199387a6f6073\PSIClient.ni.dll 2016-04-05 02:35 - 2016-08-29 14:59 - 000218112 _____ (Bullzip) [Brak podpisu cyfrowego] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll 2016-09-30 22:46 - 2009-04-16 14:08 - 000136704 _____ (Hewlett-Packard Company) [Brak podpisu cyfrowego] C:\Windows\System32\hpf3l70v.dll 2016-09-30 23:10 - 2009-04-16 14:08 - 000248320 _____ (Hewlett-Packard Corporation) [Brak podpisu cyfrowego] C:\Windows\system32\spool\PRTPROCS\x64\hpfpp70v.dll 2009-05-14 16:49 - 2009-05-14 16:49 - 000071680 _____ (Hewlett-Packard) [Brak podpisu cyfrowego] c:\windows\system32\hpzinw12.dll 2019-07-22 17:44 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [Brak podpisu cyfrowego] C:\Program Files\7-Zip\7-zip.dll 2020-03-08 21:18 - 2020-03-08 21:18 - 000019968 _____ (Intel Corp.) [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\ff531e48b178902583e5d57461c5572d\IAStorCommon.ni.dll 2017-01-10 01:43 - 2012-07-09 14:46 - 000269312 _____ (Intel Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2017-01-10 01:43 - 2012-07-09 14:46 - 000497664 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2020-03-08 21:18 - 2020-03-08 21:18 - 000075264 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\fbdf2290bd7a779b39a94e6fa8549d13\IAStorDataMgr.ni.dll 2020-03-08 21:18 - 2020-03-08 21:18 - 000379392 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\0f6c29489ec9a4b43dfbdf255a650fc5\IAStorUtil.ni.dll 2020-03-08 21:19 - 2020-03-08 21:19 - 001114624 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\84022df9a0855dc68e676c1bb1b7ea51\IAStorViewModel.ni.dll 2020-03-08 21:18 - 2020-03-08 21:18 - 003864576 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\PSI\ec81389ba66d057d93cf223e588e4453\PSI.ni.dll 2020-03-08 21:18 - 2020-03-08 21:18 - 000643584 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\PsiData\0bc29e06aac607eabf404fcde012d010\PsiData.ni.dll 2016-01-28 00:36 - 2016-01-28 00:36 - 000225280 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll 2001-01-12 19:17 - 2001-01-12 19:17 - 000159744 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\1033\VBE6INTL.DLL 2016-01-28 00:13 - 2016-01-28 00:13 - 000097280 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL 2020-03-08 21:18 - 2020-03-08 21:18 - 000027136 _____ (Microsoft) [Brak podpisu cyfrowego] C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\690596fd26747698c1477648497825ec\IAStorDataMgrSvcInterfaces.ni.dll 2013-03-19 13:59 - 2018-10-17 00:56 - 000117248 _____ (pdfforge GmbH) [Brak podpisu cyfrowego] C:\Windows\System32\pdfcmon.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\PhysXCompatCplUI.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\PhysXCplUI.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WISPTIS.EXE:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:DESTICON_ec11134e5693a65a149a87d7e3d27cf5-1379509959 [1698] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:DESTICON_ec11134e5693a65a149a87d7e3d27cf5-1587315079 [1698] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:DESTICON_ec11134e5693a65a149a87d7e3d27cf5-2144400857 [1698] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:DESTICON_ec11134e5693a65a149a87d7e3d27cf5175198541 [1698] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:DESTICON_ec11134e5693a65a149a87d7e3d27cf5638546998 [1698] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:TASKICON_0ec11134e5693a65a149a87d7e3d27cf51514041266 [1698] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:TASKICON_1favicon818190576 [10862] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:TASKICON_2favicon856924206 [10862] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Start Menu\W obronie Wiary i Tradycji Katolickiej.website:TASKICON_3favicon-778822629 [10862] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Powiązania plików (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-2770710654-563048816-2845096244-1000\Software\Classes\scrfile: <==== UWAGA HKU\S-1-5-21-2770710654-563048816-2845096244-1000\Software\Classes\.scr: scrfile => <==== UWAGA ==================== Internet Explorer (Wersja 11) (filtrowane) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://niejaalety.blogspot.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://niejaalety.blogspot.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank DownloadDir: C:\Users\Andrzej\Downloads SearchScopes: HKU\S-1-5-21-2770710654-563048816-2845096244-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2770710654-563048816-2845096244-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> Brak pliku BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-09-06] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-05-08] (pdfforge GmbH -> pdfforge GmbH) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Software Sarl -> Skype Technologies) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2022-06-01 01:56 - 000029298 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 0123movies.com 0.0.0.0 0sntp7dnrr.com 0.0.0.0 10gamestop.com 0.0.0.0 11bet.com 0.0.0.0 12kotov.ru 0.0.0.0 1406588359.rsc.cdn77.org 0.0.0.0 1dnscontrol.com 0.0.0.0 1redirb.com 0.0.0.0 360installer.com 0.0.0.0 4cj5qu70.top 0.0.0.0 77.mycfg.site 0.0.0.0 78325.alexsoff.com 0.0.0.0 88796.alexsoff.com 0.0.0.0 addons-chrome.com 0.0.0.0 adf.ly 0.0.0.0 adsrvr.org 0.0.0.0 adsymptotic.com 0.0.0.0 adturtle.biz 0.0.0.0 adult.yourblocksite.com 0.0.0.0 advertising.com 0.0.0.0 advmaker.su 0.0.0.0 agkn.com 0.0.0.0 akisho.ru 0.0.0.0 alexsoff.com 0.0.0.0 allowcontent.site 0.0.0.0 allsthe.net 0.0.0.0 alphashoppers.com 0.0.0.0 altocloudmedia.com 0.0.0.0 am15.net Wykryto więcej niż wyliczono: 1149 linii. ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\Wbem;C:\ProgramData\Oracle\Java\javapath;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\PROGRAM FILES (X86)\EGISTEC MYWINLOCKER;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Common Files\Autodesk Shared;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64 HKU\S-1-5-21-2770710654-563048816-2845096244-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2770710654-563048816-2845096244-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gość.ADMIN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{1EAC93C1-A9D8-43BC-BBD1-7464D06BE022}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B610CA07-DB94-4D5E-BFBF-07733516E88E}] => (Allow) LPort=2869 FirewallRules: [{98327F05-1C5E-4A41-B8DF-EABA7910E324}] => (Allow) LPort=1900 FirewallRules: [{BC3556D0-2FDF-48E7-BABD-A5E026D36A56}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B6F055CD-A25B-489C-84B5-E20A5B3DC639}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7B2E7628-A8FD-4756-8951-D57B7763F099}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{431D1045-45A5-4E56-92E2-02ECF128096A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{51C214A0-5F9A-4E6A-B823-3641F8C6CBE2}] => (Allow) C:\Program Files (x86)\Opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{1F294A2D-E4DA-4D08-AF94-8412732C2AEF}C:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{2794E6D9-C7D2-4597-BAC8-07475124C0C3}C:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\minecraftzyczu.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [{95622432-A629-4903-B297-3AB8171AED8F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{65A33A57-8996-48A4-98A9-9B87D8F36CBD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{36BE5E19-2F5D-4029-B455-4DDBCCD782F1}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard) FirewallRules: [{08DF01E6-AA76-4FCE-893A-56C8FF930E4F}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) FirewallRules: [{C547C96D-FFD4-49C5-9D03-5E8E07524512}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) FirewallRules: [TCP Query User{43D8EC54-C825-40FE-BEB3-CDE1C35EFE9C}C:\windows\twain_32\l6u16u2\srvmod.exe] => (Block) C:\windows\twain_32\l6u16u2\srvmod.exe (NetWork Scanner) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{4810DC52-7BC3-4167-A4D1-AE24095F82F0}C:\windows\twain_32\l6u16u2\srvmod.exe] => (Block) C:\windows\twain_32\l6u16u2\srvmod.exe (NetWork Scanner) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{BD7E47BE-1053-4A36-911B-CBCE62F21573}C:\windows\twain_32\l6u16u2\srvmod.exe] => (Allow) C:\windows\twain_32\l6u16u2\srvmod.exe (NetWork Scanner) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{C52F0CA8-FF57-40B7-A677-A4C57A50B7A0}C:\windows\twain_32\l6u16u2\srvmod.exe] => (Allow) C:\windows\twain_32\l6u16u2\srvmod.exe (NetWork Scanner) [Brak podpisu cyfrowego] FirewallRules: [{DDBA0FAC-B67B-444A-8F9B-3013F799065D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{E438D69E-D29B-490D-82BF-B3B8D8001E23}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D5A7DC17-C0F7-466C-A0DA-8CFE92461090}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{870BD7FC-4F21-48D7-9E73-818E8D2C3CD8}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) FirewallRules: [{CA2A570C-09F6-4046-91E9-170016135180}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) FirewallRules: [{BEE99D5A-DFA3-4C63-AF8A-B592A75F6746}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) FirewallRules: [{C6B81467-B063-4A04-930B-92FBFF9CE3DA}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) FirewallRules: [{6C1D3CEE-7C7D-4325-A6BE-0F8FDDF34EB4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BC028E3F-A9D8-4013-BFB3-42804EF9278F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{982F9010-7ACE-4AE8-BE9B-BD83B3711FD4}] => (Allow) C:\Program Files (x86)\Opera\86.0.4363.59\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{4685EFF8-7B69-4FBE-8F44-4DBA716E2AA1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{15A26632-43C3-4E2F-9D11-DFFBACF783F6}] => (Allow) C:\Program Files (x86)\Opera\86.0.4363.58\opera.exe (Opera Software AS -> Opera Software) ==================== Punkty Przywracania systemu ========================= 30-05-2022 23:28:16 Removed ESET Security 30-05-2022 23:31:00 Removed ESET Security 30-05-2022 23:55:55 Removed ESET Security 31-05-2022 00:58:47 Removed ESET Security 31-05-2022 22:17:22 Punkt przywracania utworzony przez HitmanPro 31-05-2022 22:17:50 Punkt przywracania utworzony przez HitmanPro 31-05-2022 22:18:01 Punkt przywracania utworzony przez HitmanPro 31-05-2022 22:18:26 Punkt przywracania utworzony przez HitmanPro 31-05-2022 22:20:36 Punkt przywracania utworzony przez HitmanPro 31-05-2022 22:21:09 Punkt przywracania utworzony przez HitmanPro 01-06-2022 02:03:42 Installed Surfshark ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (06/01/2022 02:39:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/01/2022 02:32:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: CsrBtOBEXService.exe, wersja: 2.1.63.0, sygnatura czasowa: 0x4f68683b Nazwa modułu powodującego błąd: CsrBtOBEXService.exe, wersja: 2.1.63.0, sygnatura czasowa: 0x4f68683b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000006f58 Identyfikator procesu powodującego błąd: 0x6d4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d87549c0beb6ee Ścieżka aplikacji powodującej błąd: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe Ścieżka modułu powodującego błąd: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe Identyfikator raportu: 57cc0e1d-e142-11ec-a805-e89a8febb777 Error: (06/01/2022 02:32:02 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: Identyfikator CoId={BD46699B-04BD-4BF5-B89C-7E08BC493161}: Użytkownik SYSTEM wybrał numer w celu nawiązania połączenia o nazwie IKEv2-Surfshark Connection, jednak jego nawiązanie nie powiodło się. Kod błędu zwrócony w wyniku niepowodzenia: 0. Error: (06/01/2022 02:31:54 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: Identyfikator CoId={14F08312-2E6F-4747-B5D1-98A4DE333094}: Użytkownik SYSTEM wybrał numer w celu nawiązania połączenia o nazwie IKEv2-Surfshark Connection, jednak jego nawiązanie nie powiodło się. Kod błędu zwrócony w wyniku niepowodzenia: 809. Error: (06/01/2022 02:31:45 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=26, identyfikator autora=0, identyfikator dostawcy=0, typ dostawcy=0 Error: (06/01/2022 02:31:45 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=25, identyfikator autora=0, identyfikator dostawcy=0, typ dostawcy=0 Error: (06/01/2022 02:31:45 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=13, identyfikator autora=0, identyfikator dostawcy=0, typ dostawcy=0 Error: (06/01/2022 02:31:45 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=254, identyfikator autora=311, identyfikator dostawcy=14122, typ dostawcy=1 Dziennik System: ============= Error: (06/01/2022 03:53:56 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {BB6DF56B-CACE-11DC-9992-0019B93A3A84} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (06/01/2022 02:37:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: C2397F875 ctsvgn nmfmfx Error: (06/01/2022 02:33:01 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Funkcja Audio CSR Bluetooth nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (06/01/2022 02:32:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa CSR OBEX Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/01/2022 01:54:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: C2397F875 ctsvgn nmfmfx Error: (06/01/2022 01:28:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: C2397F875 ctsvgn discache eamonm ehdrv HWiNFO32 nmfmfx NNSALPC NNSHTTP NNSHTTPS NNSIDS NNSPICC NNSPIHSW NNSPOP3 NNSPROT NNSPRV NNSSMTP NNSSTRM NNSTLSC PSINKNC spldr Wanarpv6 Error: (06/01/2022 01:28:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa PDF24 zależy od usługi Bufor wydruku, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (06/01/2022 01:27:43 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Funkcja Audio CSR Bluetooth nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Windows Defender: ================ Date: 2016-08-25 23:05:54.722 Description: Podczas skanowania produktu Windows Defender wykryto program szpiegujący lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Tillail&threatid=224633 Nazwa:SoftwareBundler:Win32/Tillail Id.:224633 Ważność:Wysoki Kategoria:Program instalujący niezamówione pakiety oprogramowania Znaleziona ścieżka:file:C:\ProgramData\Microsoft\Windows Defender\Scans\FilesStash\B19E5A64-28D3-A25E-1C32-2A58EB8C0CFD_1d1ffdda1b42ec9;file:C:\Users\Andrzej\Downloads\installer_Unlocker_(64-bit)_sciagnij.exe;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{80C3B59D-3C62-4CF5-99F2-4E01940FE73F}-B19E5A64-28D3-A25E-1C32-2A58EB8C0CFD_1d1ffdda1b42ec9;internalfileproxy:C:\ProgramData\Microsoft\Windows Defender\Scans\FilesStash\B19E5A64-28D3-A25E-1C32-2A58EB8C0CFD_1d1ffdda1b42ec9|C:\Users\Andrzej\Downloads\installer_Unlocker_(64-bit)_sciagnij.exe;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{80C3B59D-3C62-4CF5-99F2-4E01940FE73F}-B19E5A64-28D3-A25E-1C32-2A58EB8C0CFD_1d1ffdda1b42ec9|http://www.deliverycontentnew.com/c?x=v4dtIZNu32vaXnXCQipkwmp1ueSCgvgi9HxasaEUOvo{7447E931-7D44-411A-864B-D07B84F573BF}D&c=k6.1.7601.18170FwJ1PJ89UZS9JkNasc8pfZHh62d0bCW3gYdE6.1.7601.18170BOp13bo6.1.7601.18170Baid19msDxk3MR4RbQei6.1.7601.18170F7pWKlVqDF6.1.7601.18170FYr8YrOMvhMtbsxmQxaVclSIFhNsNZg8YCmSxYZ1f73vlLH2k15xL7&fallback_url=http{7447E931-7D44-411A-864B-D07B84F573BF}A6.1.7601.18170F6.1.7601.18170Fwww.emptyloop.com6.1.7601.18170Funlocker6.1.7601.18170FUnlocker1.9.2.exe&downloadAs=installer_Unl Typ wykrycia:Konkretne Źródło wykrycia:Pobrania i załączniki Stan:Nieznane Użytkownik:ADMIN\Andrzej Nazwa procesu:C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Event[0]: Date: 2017-02-20 11:01:29.126 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Bieżące Kod błędu:0x80070003 Opis błędu:System nie może odnaleźć określonej ścieżki. Wersja podpisu:0.0.0.0 Wersja aparatu:0.0.0.0 ==================== Statystyki pamięci =========================== BIOS: INSYDE V1.06 09/29/2011 Płyta główna: Acer HMA51_HR Procesor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Procent pamięci w użyciu: 76% Całkowita pamięć fizyczna: 8043.86 MB Dostępna pamięć fizyczna: 1877.82 MB Całkowita pamięć wirtualna: 16085.86 MB Dostępna pamięć wirtualna: 4323.27 MB ==================== Dyski ================================ Drive c: (Acer) (Fixed) (Total:461.84 GB) (Free:302.78 GB) (Model: ATA SSDPR-CX400-512- SCSI Disk Device) NTFS Drive e: () (Removable) (Total:29.28 GB) (Free:1.37 GB) FAT32 \\?\Volume{d60ec125-1b59-11e1-8919-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{d60ec124-1b59-11e1-8919-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:15 GB) (Free:2.78 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 452F36E5) Partition 1: (Not Active) - (Size=15 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=461.8 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 29.3 GB) (Disk ID: 964690FA) Partition 1: (Active) - (Size=29.3 GB) - (Type=0B) ==================== Koniec Addition.txt =======================