wklejto.pl

Dodane przez: ~hipcio_stg (2021-02-02 07:49) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27-01-2021
Uruchomiony przez Marcin (02-02-2021 02:59:36)
Uruchomiony z C:\Users\Marcin\Downloads
Windows 10 Education Wersja 1809 17763.1697 (X64) (2020-01-10 20:28:16)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-2645379238-1908583816-2438023672-500 - Administrator - Disabled)
Gość (S-1-5-21-2645379238-1908583816-2438023672-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2645379238-1908583816-2438023672-503 - Limited - Disabled)
Marcin (S-1-5-21-2645379238-1908583816-2438023672-1001 - Administrator - Enabled) => C:\Users\Marcin
WDAGUtilityAccount (S-1-5-21-2645379238-1908583816-2438023672-504 - Limited - Disabled)
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7D606B87-0AEB-4C27-ABCE-1138EE09777B}) (Version: 13.0.0.41 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Discord (HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
FACEIT (HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\FACEITApp) (Version: 1.25.1 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
Finale (HKLM\...\{7D32EB2C-4144-4EF3-BA4A-84B4ECAC7D16}) (Version: 26.3.1.520 - MakeMusic)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Hammer 88 Preset Editor 1.0.7  (HKLM\...\{47D97A57-C048-4B78-A25E-8625BE6C3B32}) (Version: 1.0.7 - M-Audio)
Kalejdoskop ucznia. Informatyka. Klasa 3 1.0.0 (only current user) (HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\d30e1452-552b-5e86-a168-1310deb85d1f) (Version: 1.0.0 - WSiP)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
M-Audio AIR HUB 1.0.5 (HKLM\...\{71C0254E-D907-4A7B-97AE-00700BCDE217}) (Version: 1.0.5 - M-Audio)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BF91429C-D353-49D6-8CFA-B5B080EB8D18}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
MMFonts (HKLM-x32\...\{7564F180-CD44-4721-88FB-F88E7782D604}) (Version: 1.1.1.1 - MakeMusic, Inc.)
Mozilla Firefox 85.0 (x64 pl) (HKLM\...\Mozilla Firefox 85.0 (x64 pl)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
MTG Arena (HKLM\...\{9A330D3A-2883-4735-9659-C778942A5F05}) (Version: 0.1.3372 - Wizards of the Coast)
MuseScore 3 (HKLM\...\{0595F182-4FEF-48B9-B32A-7FB2B58B4D40}) (Version: 3.5.2.311459983 - Werner Schweer and Others)
PACE License Support Win64 (HKLM\...\{034EBDB8-02DA-4ce3-A4BF-3833BD932C7C}) (Version: 5.2.0.3015 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{034EBDB8-02DA-4ce3-A4BF-3833BD932C7C}) (Version: 5.2.0.3015 - PACE Anti-Piracy, Inc.)
REAPER (HKLM-x32\...\REAPER) (Version:  - )
Roblox Player for Marcin (HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\roblox-player) (Version:  - Roblox Corporation)
SONiVOX EightyEight 2 (HKLM-x32\...\SONiVOX EightyEight 2_is1) (Version:  - )
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.10.7.226 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 114.1 - Ubisoft)
 
Packages:
=========
Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-05] (Skype)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-2645379238-1908583816-2438023672-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2645379238-1908583816-2438023672-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Marcin\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Brak pliku
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Brak pliku
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Brak pliku
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-02] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (filtrowane) ====================
 
==================== Skróty & WMI ========================
 
==================== Załadowane moduły (filtrowane) =============
 
==================== Alternate Data Streams (filtrowane) ========
 
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
 
AlternateDataStreams: C:\ProgramData\PACE:787DFD260BD4240B [217]
 
==================== Tryb awaryjny (filtrowane) ==================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Powiązania plików (filtrowane) =================
 
==================== Internet Explorer (filtrowane) ==========
 
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts - zawartość: =========================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Inne obszary ===========================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\Control Panel\Desktop\\Wallpaper -> c:\users\marcin\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\thumb-1920-143357.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2645379238-1908583816-2438023672-1001\...\StartupApproved\Run: => "FACEIT"
 
==================== Reguły Zapory systemu Windows (filtrowane) ================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [{1C87C4F0-3235-4AA7-998D-E2249744584A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{380CA951-31FD-4561-80C2-FF052FF2EFF7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{51E7BB15-B9C0-43DE-BB1C-0BA0D9FFE860}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EEE15442-4686-4C64-8F3B-A78D53613E85}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D076E259-8179-4B92-92B9-7133EAD9351E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [{6D96605C-4B37-4922-9B18-E3E7B9A0ACDB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku
FirewallRules: [{FB43952B-40DD-4A9C-A3B9-E0DC5D9383EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{7DA32F86-3D77-45A9-9A80-A684F07CB9A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{FDB0D389-4FD4-4902-B99A-52ACE9B0B3FD}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => Brak pliku
FirewallRules: [UDP Query User{82935FA1-5DE0-4DB7-A933-8ACF9257D320}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => Brak pliku
FirewallRules: [{3D3123B4-0347-4099-837C-570BCCB90FF0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2982E8EB-3610-42E0-B5C1-99A725ABFD45}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C030E208-040A-4B70-A80A-9CA8CB147A80}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Brak pliku
FirewallRules: [{D3F86488-832F-4052-8116-8EDC46359675}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe => Brak pliku
FirewallRules: [{1A897B77-0BAB-4DDB-B229-D7EC0DAC3A60}] => (Allow) LPort=80
FirewallRules: [{F3234A2B-D2B2-4FB8-B86B-234D651C06BD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B401D36-261D-4AD1-9100-3721332ABDE7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA5EFCAE-26E6-408D-A2D1-0BB4A7D258AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{955F2137-F308-4170-9E31-959FAC4D00CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{459384C3-1BD2-469E-BBD5-87D5128286F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1F21043E-5D34-4224-9B1B-442FDFEDCCCC}] => (Allow) LPort=27015
FirewallRules: [TCP Query User{55A88718-9C4D-45DD-A0D7-856355131C83}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{8D0945F6-5BB1-40C1-8B7D-CEEC29B079EE}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{86C2D151-B64E-4247-BDBF-75300230F435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Brak podpisu cyfrowego]
FirewallRules: [{0E76D5B3-E56B-4AFE-ADBB-918F20027214}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Brak podpisu cyfrowego]
FirewallRules: [{1166F154-F390-438D-AF02-B73068F6849A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{D516C31F-C273-4D17-A13A-193B05290D39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Uno\UNO.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{DC1FB4D9-1AD0-44F1-BF74-0A3CA43FE339}C:\users\marcin\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\marcin\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{ED0CD170-F3EE-4E74-91AE-BDB2A417E5EF}C:\users\marcin\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\marcin\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C93DCE90-E1C0-4A1A-92D2-729315830A2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Punkty Przywracania systemu =========================
 
13-01-2021 20:10:35 Windows Update
22-01-2021 22:50:14 Zaplanowany punkt kontrolny
01-02-2021 20:07:57 Zaplanowany punkt kontrolny
 
==================== Wadliwe urządzenia w Menedżerze urządzeń ============
 
 
==================== Błędy w Dzienniku zdarzeń: ========================
 
Dziennik Aplikacja:
==================
Error: (01/26/2021 08:48:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-O8F7184.local already in use; will try DESKTOP-O8F7184-2.local instead
 
Error: (01/26/2021 08:48:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-O8F7184.local. Addr 192.168.0.74
 
Error: (01/26/2021 08:48:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.74:5353   16 DESKTOP-O8F7184.local. AAAA 2A02:A31C:A03E:9880:DC43:5913:3CA9:3A75
 
Error: (01/26/2021 08:48:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 DESKTOP-O8F7184.local. AAAA FE80:0000:0000:0000:C5BC:88B9:1193:FBC4
 
Error: (01/26/2021 08:48:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.74:5353   16 DESKTOP-O8F7184.local. AAAA 2A02:A31C:A03E:9880:DC43:5913:3CA9:3A75
 
Error: (01/26/2021 08:48:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 DESKTOP-O8F7184.local. AAAA 2A02:A31C:A03E:9880:F843:6DE4:9261:BDBB
 
Error: (01/26/2021 08:48:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.74:5353   16 DESKTOP-O8F7184.local. AAAA 2A02:A31C:A03E:9880:DC43:5913:3CA9:3A75
 
Error: (01/26/2021 08:48:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 DESKTOP-O8F7184.local. AAAA 2A02:A31C:A03E:9880:DD05:156B:7310:16C6
 
 
Dziennik System:
=============
Error: (02/02/2021 02:36:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa PACE License Services niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 2000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (02/02/2021 02:36:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (02/02/2021 02:36:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa AIR HUB Audio Device Monitor niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (02/02/2021 02:36:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Apple Mobile Device Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (02/02/2021 02:36:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa SpyHunter 5 Kernel Monitor niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (02/02/2021 02:36:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Usługa Bonjour niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (02/02/2021 02:36:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa AMD External Events Utility niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (02/02/2021 02:32:12 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Uruchom do aplikacji serwera COM z identyfikatorem klasy CLSID 
Windows.SecurityCenter.WscDataProtection
 i identyfikatorem aplikacji APPID 
Niedostępny
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
 
Windows Defender:
===================================
Date: 2021-02-02 01:26:14.652
Description: 
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.AB&threatid=2147755095&enterprise=0
Nazwa: Trojan:Win32/Occamy.AB
Identyfikator: 2147755095
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: containerfile:_D:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe.vir; file:_D:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe.vir->[lowcase_mzpe]
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja podpisu: AV: 1.329.3327.0, AS: 1.329.3327.0, NIS: 1.329.3327.0
Wersja aparatu: AM: 1.1.17700.4, NIS: 1.1.17700.4
 
Date: 2021-02-02 01:25:53.089
Description: 
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.AB&threatid=2147755095&enterprise=0
Nazwa: Trojan:Win32/Occamy.AB
Identyfikator: 2147755095
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: containerfile:_D:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe.vir; file:_D:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe.vir->[lowcase_mzpe]
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: System
Użytkownik: ZARZĄDZANIE NT\SYSTEM
Nazwa procesu: Unknown
Wersja podpisu: AV: 1.329.3327.0, AS: 1.329.3327.0, NIS: 1.329.3327.0
Wersja aparatu: AM: 1.1.17700.4, NIS: 1.1.17700.4
 
Date: 2021-02-02 01:25:45.602
Description: 
Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.AB&threatid=2147755095&enterprise=0
Nazwa: Trojan:Win32/Occamy.AB
Identyfikator: 2147755095
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: containerfile:_D:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe.vir; file:_D:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe.vir->[lowcase_mzpe]
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-O8F7184\Marcin
Nazwa procesu: C:\Users\Marcin\Downloads\esetonlinescanner.exe
Wersja podpisu: AV: 1.329.3327.0, AS: 1.329.3327.0, NIS: 1.329.3327.0
Wersja aparatu: AM: 1.1.17700.4, NIS: 1.1.17700.4
 
Date: 2021-02-01 19:19:53.835
Description: 
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {EA430169-38F2-458D-A577-9C62D147436E}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
Date: 2021-01-26 18:02:08.545
Description: 
Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {4214A295-72F2-4CA3-B656-1480213F2F84}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM
 
CodeIntegrity:
===================================
 
Date: 2021-02-02 03:00:12.713
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
Date: 2021-02-02 03:00:12.710
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
Date: 2021-02-02 03:00:12.167
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
Date: 2021-02-02 03:00:12.163
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 
Date: 2021-02-02 02:54:43.020
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-02-02 02:54:43.015
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-02-02 02:45:23.769
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-02-02 02:45:23.764
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
==================== Statystyki pamięci =========================== 
 
BIOS: American Megatrends Inc. 1302 11/15/2012
Płyta główna: ASUSTeK COMPUTER INC. M5A97 EVO R2.0
Procesor: AMD FX(tm)-8350 Eight-Core Processor 
Procent pamięci w użyciu: 22%
Całkowita pamięć fizyczna: 24477.57 MB
Dostępna pamięć fizyczna: 19082.59 MB
Całkowita pamięć wirtualna: 28061.57 MB
Dostępna pamięć wirtualna: 23109.68 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:238.47 GB) (Free:77.94 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:611.92 GB) NTFS
Drive e: () (Fixed) (Total:931.41 GB) (Free:282.66 GB) NTFS
 
\\?\Volume{1b38754b-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
 
==================== MBR & Tablica partycji ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 519D639F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1B38754B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: C8AB901B)
Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)
 
==================== Koniec  Addition.txt =======================
Wygenerowano w 0.006s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!