Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 24.02.2019 02 Uruchomiony przez Dawid (24-02-2019 22:04:36) Uruchomiony z C:\Users\Dawid\Desktop\frst Windows 10 Home Wersja 1803 17134.590 (X64) (2018-06-04 01:02:58) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-55963522-1064848890-21313104-500 - Administrator - Disabled) Dawid (S-1-5-21-55963522-1064848890-21313104-1001 - Administrator - Enabled) => C:\Users\Dawid Gość (S-1-5-21-55963522-1064848890-21313104-501 - Limited - Disabled) Konto domyślne (S-1-5-21-55963522-1064848890-21313104-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-55963522-1064848890-21313104-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated) Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.84 - Hulubulu Software) Akamai NetSession Interface (HKU\S-1-5-21-55963522-1064848890-21313104-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Aktualizacje NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden Aplikacja na pulpit firmy Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.10.89 - Autodesk) Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.85 - ICEpower a/s) AutoCAD 2019 — polski (Polish) (HKLM\...\{28B89EEF-2001-0415-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden AutoCAD 2019 Language Pack – polski (Polish) (HKLM\...\{28B89EEF-2001-0415-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk) Autodesk AutoCAD 2019 — polski (Polish) (HKLM\...\AutoCAD 2019 — polski (Polish)) (Version: 23.0.46.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk) Autodesk Featured Apps 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk) Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk) Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk) Autodesk ReCap (HKLM\...\{50EDF910-0000-1033-0102-E3D118CE2EEA}) (Version: 5.0.0.40 - Autodesk) Hidden Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 5.0.0.40 - Autodesk) Autodesk ReCap Photo (HKLM\...\{0E4FA9C0-0000-1033-0102-1B3A7F15D307}) (Version: 19.0.0.38 - Autodesk) Hidden Autodesk ReCap Photo (HKLM\...\Autodesk ReCap Photo) (Version: 19.0.0.38 - Autodesk) Awesome Duplicate Photo Finder v. 1.1 (HKLM-x32\...\Awesome Duplicate Photo Finder_is1) (Version: - Duplicate-Finder.com) BCS Manager 1.4.213 (HKLM\...\BCSManager_is1) (Version: 1.4.213 - NSS Sp. z o.o.) BitComet 1.45 (HKLM-x32\...\BitComet_x64) (Version: 1.45 - CometNetwork) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.30.60 - Conexant) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.) Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden Farming Simulator 17 (HKLM-x32\...\FarmingSimulator2017_is1) (Version: 1.0.0.0 - GIANTS Software) FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production) Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.) GameFirst IV (HKLM-x32\...\{2B5BE4E7-3E40-4BC4-A534-5342E3078F89}) (Version: 1.5.12 - ASUS) Hidden GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Heroes of Might and Magic III (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - ) iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.11231.20174 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-55963522-1064848890-21313104-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik graficzny 398.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.35 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.) Panel sterowania NVIDIA 398.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.35 - NVIDIA Corporation) Hidden PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.35 - ASUS) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Skype (wersja 8.37) (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.) SmartPSS 2.00.1 (HKLM-x32\...\SmartPSS) (Version: 2.00.1 - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer) Trans 4.8.0.7307 (HKLM-x32\...\Trans_is1) (Version: 4.8.0.7307 - Logintrans sp. z o.o.) Twierdza (HKLM-x32\...\Stronghold_is1) (Version: - Cenega Poland Sp. z o.o.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation) Windows Driver Package - ASUS (AsusSGDrv) Mouse (10/21/2015 8.0.0.19) (HKLM\...\DE393C6A9AB085F9E19765D003555C3D360497DB) (Version: 10/21/2015 8.0.0.19 - ASUS) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.) XSplit Gamecaster (HKLM-x32\...\{083E9AF8-1900-4D7A-AB08-0B4BB98D2848}) (Version: 2.7.1512.1839 - SplitmediaLabs) Zoom (HKU\S-1-5-21-55963522-1064848890-21313104-1001\...\ZoomUMX) (Version: 4.3 - Zoom Video Communications, Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-55963522-1064848890-21313104-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-55963522-1064848890-21313104-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-55963522-1064848890-21313104-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-55963522-1064848890-21313104-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\pl-PL\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-01-30] (Autodesk, Inc. -> Autodesk, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-30] (Autodesk, Inc. -> Autodesk) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (win.rar GmbH -> Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0A71B6FB-D3B8-4D62-A1E9-525CF7773A95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {0AB844D0-AEB0-4F1F-A419-81AE721EB995} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {1FA81033-D3A4-4E47-BFDF-A522CEBEA0AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {22019175-5487-4C86-BBC1-8DE14BABC74D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {2F039262-4AB6-4CCA-8ED2-E5A4561768D5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {3409748E-BEB5-4196-9C78-6D5BC51F7673} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {34DBFCF1-8F42-46CE-9532-6AE9B24DE552} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation) Task: {3BB75F8E-A5E3-414B-A133-FC478EDBFA4F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe Task: {3F27201D-3D13-497A-989A-487E869AC04F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {43F29367-70DD-4485-9FC3-5EE1C0337D6D} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe (Dropbox, Inc -> ) Task: {448F21B5-5A38-4DB6-8B9E-78C0E23F4FB1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {4D2ED2CC-68DC-4B5F-B18B-02F4555A6E8F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {563875C2-CABB-4BDE-BF79-02342161AD61} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {5B3BA129-417B-48B0-9F97-4B833C0C2611} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {5F76B6E4-46D2-47B1-88C0-F2A171678D44} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {5F8685D6-9964-46BD-888A-2F5603F0E919} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {5FD32DFE-8D6F-44F6-B771-54384F1B8EB9} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe (ASUSTeK Computer Inc. -> AsusTek) Task: {64457E73-E7F8-4132-9569-F535B3C2E1FB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software -> Intel Corporation) Task: {6495588A-5A2A-42EE-8314-73D6D12CCC41} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {65823595-AD9D-46D1-B0D9-FF0F67098E89} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.) Task: {672570BE-BC17-447A-AA86-905043B3EC5D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {6A75E037-9ADC-45BD-A633-58F4CA77CB2F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {6E57A939-03A7-49C6-9E4E-570C3EBA6BF1} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {7383A11A-85F9-48A1-A8BF-7948810B60E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {74DCE180-7DFB-43A5-955B-AA24C0D6E196} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation) Task: {758D18B5-4B92-47DD-931A-C26D9208EBF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {7BF3AD72-7489-4FA0-A617-CFFAB23E7EA3} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {7F084ACC-5F13-4D56-87D3-CC1F63418D8E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) [Brak podpisu cyfrowego] Task: {857976BE-BF35-43D0-A32C-471D15FCB0F2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {9BDAA792-C547-4F03-9A18-AA2620750D09} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {A2EBD2EE-3327-486A-8F80-37C948F23CC0} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {B34A2A30-8C58-45BA-B078-80BE6571AC45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {B4EB069C-8D04-4C8D-A569-67273F193F2D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {B6A74C91-2C39-489A-A82D-0DD538D31602} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BA773858-CFBF-4F70-AF77-6F875F6164B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {BC136D93-A5CD-4B83-B77C-D84B33AB23B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BEFA4BCB-30A4-4EB7-8432-A6DD3D96A2F4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C1DE4B09-1ED6-473A-A3DD-6D4CA50426EA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C54B5138-4F2C-403D-9AA8-D9070C705B16} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C7054F2F-8571-4405-B9C7-718624315538} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation) Task: {D450C219-79A2-4571-8007-A13B5E2DF9E7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Brak podpisu cyfrowego] Task: {D4758B43-2F16-47A3-9C6F-D78205D11115} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {E4089E4E-261B-4AAE-9EF6-5ECFFBC66E0E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {E99BBD91-631C-4F04-A23A-22EB532CCB06} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {F2C6D650-C4BA-4A97-BB46-D84DCD92D1F9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {F8C26555-AA95-4FC6-80F5-225EB9E95CAE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {FC01FED1-E391-41F0-BF71-655C4D7550A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-12-24 08:31 - 2015-12-24 08:31 - 000075264 _____ (ASUS Cloud Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe 2015-05-19 09:11 - 2015-05-19 09:11 - 000335872 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe 2015-12-02 18:01 - 2015-12-02 18:01 - 000054784 _____ (ASUS) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe 2015-04-22 14:59 - 2015-04-22 14:59 - 001489920 _____ (ASUS Cloud Corporation.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll 2016-11-19 12:02 - 2018-04-10 15:02 - 001177600 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Network.dll 2016-11-19 12:02 - 2018-04-10 15:02 - 005089792 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2016-11-19 12:02 - 2018-04-10 15:02 - 005487104 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Core.dll 2016-11-19 12:02 - 2018-04-10 15:02 - 000184832 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Xml.dll 2016-11-19 12:02 - 2017-08-23 17:48 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\LIBEAY32.dll 2016-11-19 12:02 - 2018-04-10 15:02 - 005841920 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Gui.dll 2016-11-19 12:02 - 2018-04-10 15:01 - 001611264 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2016-11-19 12:02 - 2017-08-23 17:49 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\ssleay32.dll 2015-12-02 18:01 - 2015-12-02 18:01 - 000027648 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-12-02 18:01 - 2015-12-02 18:01 - 000164864 _____ (ASUSTeK Computer Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll 2015-12-02 18:01 - 2015-12-02 18:01 - 001676288 _____ (ASUS TeK Computer Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll 2015-12-02 18:01 - 2015-12-02 18:01 - 000124928 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-12-02 18:01 - 2015-12-02 18:01 - 000178176 _____ (ASUS TeK Computer Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll 2015-12-02 18:01 - 2015-12-02 18:01 - 000029184 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll 2016-06-22 21:45 - 2015-11-03 03:45 - 001134080 _____ (Conexant Systems, Inc.) [Brak podpisu cyfrowego] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-55963522-1064848890-21313104-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1" ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-55963522-1064848890-21313104-1001\...\sharepoint.com -> hxxps://pkamc-files.sharepoint.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-10-30 08:24 - 2019-01-04 11:25 - 000000836 _____ C:\WINDOWS\system32\drivers\etc\hosts 2017-09-05 19:15 - 2018-01-26 11:05 - 000000512 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-55963522-1064848890-21313104-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. MSCONFIG\Services: BITCOMET_HELPER_SERVICE => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: TeamViewer => 2 HKLM\...\StartupApproved\Run32: => "WebStorage" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-55963522-1064848890-21313104-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-55963522-1064848890-21313104-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D2C73B4BE2EDB87BC4F6EB49D6696FEE" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{75E8AD4D-6E2A-494E-A112-460851F75BB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{CB48CE9F-0434-4418-B696-10E62ADC417D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{052737D8-242A-49D7-B2B5-0DBAF431065C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{8E73E56B-9F37-44EC-9B4C-3C31301A4384}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B195A651-0650-442E-853B-7D5551DC1019}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0E2F426A-8D60-48EC-929F-E0F625040F2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7035EB32-D446-4898-A05F-9AF36BE82AB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AF392733-5298-4E2A-A041-A94F1C5E66BC}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com) FirewallRules: [{074C5D20-24E5-4B5F-8EB3-CBBA6F4D2409}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com) FirewallRules: [{F8F3C093-3B58-4109-8216-DD9075651AA2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [UDP Query User{E9D4649C-2734-49C2-96D1-DFC1160EC869}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{F4B1A925-A1BE-4AB9-967C-6993C0E59DF4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{1B2352F7-15D6-4842-98CF-DB8082B7108A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{8F1FAD71-335F-4484-95A7-FA26C40CCE16}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{75877032-CDBB-4B02-B6BF-3EF9AB5B2DED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{CB0046A7-5CF5-40A5-BF97-56552254CB62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{35C5F626-FD5F-4AB1-8FA1-8F927A486FD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{145158DA-601F-4886-A52A-FAEE0BF4FF67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{E27DD16B-E5CE-4AEF-9B4A-E4EA5942BCBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{3CF77DE2-7256-40AE-821E-28AE0E171CAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{EBE3DFFF-5C82-480C-AA4B-23566BF2A21D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{A9789657-76AA-4492-949C-6F708C37AD2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{3E0E1023-347D-461A-8BF2-A9BB43BED6CB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> ) FirewallRules: [{187FDB77-5775-4F46-834E-D9DD2CC3B102}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A798B2C4-75D0-4CAA-85BF-1176197C69E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5582E899-3F3F-4C5A-A24C-9F30EC6F49AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B1B0075D-ED74-4B9A-B2B0-67A82733F0D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B608D832-BCBC-4CAF-8DDF-C3A70CA22D5E}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{271CC23A-DC22-4035-BAF3-365D8CF6F196}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{195F6509-FD4E-4224-A855-633D6ECE932C}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{693809A9-6D22-4D53-9E2A-22E40C4A6A66}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{EF8DD077-F5EE-45A8-AC45-CBE86FEF94B8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\FarmingSimulator2017.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{DC9CE14F-E97B-49BB-956F-1FBDCA8E2664}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\FarmingSimulator2017.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{CD773FE9-C8CB-4199-AAEE-49FA06A085B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3FBD7FC4-9F52-4FA8-9D8A-60AB2F958659}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{78B17CF0-74F6-4241-965F-14B44B1644C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9135519A-A0FD-45BD-A33D-49420AF2675D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3CA1F088-4580-4822-8755-79CB403BE904}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{8BD35A83-2F2F-47DD-8007-739ADC96B923}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{F5930D86-88BD-4B50-AFE2-4D6C72DE9C73}C:\users\dawid\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dawid\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [UDP Query User{986054E2-47F1-4399-9905-E9E8FFFE750D}C:\users\dawid\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dawid\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [{15D7482B-9778-4CB6-8227-15E8467D0BD4}] => (Allow) LPort=50814 FirewallRules: [{4553BB55-08B6-46ED-B7C2-5C61A2D1737D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7655B14F-B648-4761-A4DE-C028A19E7E82}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F487AA31-1D53-4615-B691-43AF16A7376E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A34E8AF1-9EB9-472C-B1F2-D8CC4D3E3F72}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E9703391-6DEA-4DB2-A3D2-BAD0E2947404}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{653E71B4-8479-446E-A038-CB5F68ED8C60}] => (Allow) C:\Program Files\BCS Manager\BCSManager.exe () [Brak podpisu cyfrowego] FirewallRules: [{120CB42D-EB8C-49E5-BE9E-8B5D14034193}] => (Allow) C:\Program Files\BCS Manager\BCSManager.exe () [Brak podpisu cyfrowego] FirewallRules: [{5BED9E87-F0C2-4BD9-8DBB-FBE0DD8971C1}] => (Allow) C:\Program Files\BCS Manager\BCSManager.exe () [Brak podpisu cyfrowego] FirewallRules: [{195BFFD6-4D71-4084-97D9-995BABE50631}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{4B2AC88B-440F-4C61-AE27-A570F9C01DC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{344EB55F-9BE4-4A0C-9D28-D6F8899341BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Brak podpisu cyfrowego] FirewallRules: [{F1681FD0-C36F-4858-81F6-0B404D0141BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Brak podpisu cyfrowego] FirewallRules: [{812B48A9-D9C0-42CA-BDBE-7A13B675A0B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Brak podpisu cyfrowego] FirewallRules: [{E46760C1-9E79-437C-933D-7069838F4F7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Brak podpisu cyfrowego] FirewallRules: [{B241BC49-D533-4CC2-A7CB-97C371D785D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Port Royale 3\PortRoyale3.exe (Gaming Minds Studios GmbH) [Brak podpisu cyfrowego] FirewallRules: [{8DCD92AC-73FA-4C63-9BBF-21024B6A01EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Port Royale 3\PortRoyale3.exe (Gaming Minds Studios GmbH) [Brak podpisu cyfrowego] FirewallRules: [{1D95612E-DBBE-4115-A634-54CC53C3F326}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [Brak podpisu cyfrowego] FirewallRules: [{49F4CF4B-F20A-4513-BF26-B946A3337F1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{34DF13C1-639C-405F-9501-22C4F718BAF3}C:\users\dawid\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dawid\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [UDP Query User{F1BAFD4F-F5D7-419C-8A6F-864C7BF89662}C:\users\dawid\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\dawid\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.) FirewallRules: [{76314D22-A704-4F7C-8A07-45E592429F0F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4611C65A-FFB4-40A7-8481-EF293A5C2C3D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{5BE8565B-0F65-4164-BC03-118C565EC233}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{B7FFACE8-7F4E-45EE-AD3A-A1DA8CFDDAA1}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{75468C7C-1B8B-4956-B548-522218363998}] => (Allow) C:\Users\Dawid\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{4A12DA9B-BDE7-4E2A-B699-8DC3028A580C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{C688DB3D-8F02-4DBC-A7A3-AC010947A77A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{9916722A-964A-4FDC-AAFD-4A3A3D39C185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{1C329CB7-6F92-461C-B936-F3E769BF6427}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{14270FE6-BE76-4B63-A18A-2531834062AA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{D77F635E-B8B0-4ADF-9174-E741C7682759}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{D36E92DE-7E12-4A63-A4ED-7DFD7C042794}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Brak pliku FirewallRules: [{CECCEFDF-18EF-4D29-8B61-BD46A4750017}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Brak pliku FirewallRules: [{D83DC6D9-1845-4A0E-9D29-85639753BDD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Punkty Przywracania systemu ========================= 18-02-2019 15:24:35 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/24/2019 05:09:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (02/24/2019 05:06:15 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR DPTF Build Version: 8.1.10600.150 DPTF Build Date: Jun 26 2015 11:46:12 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (02/24/2019 10:18:08 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR DPTF Build Version: 8.1.10600.150 DPTF Build Date: Jun 26 2015 11:46:12 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (02/23/2019 11:12:45 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (02/23/2019 11:09:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-0U77DTJ.local already in use; will try DESKTOP-0U77DTJ-2.local instead Error: (02/23/2019 11:09:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 16 DESKTOP-0U77DTJ.local. AAAA 2A01:110F:0D14:3700:0000:0000:0000:ED74 Error: (02/23/2019 11:09:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:791A:B581:8844:CB74:5353 16 DESKTOP-0U77DTJ.local. AAAA 2A01:110F:0D14:3700:791A:B581:8844:CB74 Error: (02/23/2019 11:09:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing: 16 DESKTOP-0U77DTJ.local. AAAA FE80:0000:0000:0000:791A:B581:8844:CB74 Dziennik System: ============= Error: (02/24/2019 09:35:55 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk2\DR2 wystąpił zły blok. Error: (02/24/2019 06:30:25 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (02/24/2019 05:07:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0U77DTJ) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-0U77DTJ\Dawid o identyfikatorze zabezpieczeń SID (S-1-5-21-55963522-1064848890-21313104-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (02/24/2019 05:06:17 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (02/24/2019 10:21:09 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (02/24/2019 10:19:14 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (02/24/2019 10:18:46 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0U77DTJ) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-0U77DTJ\Dawid o identyfikatorze zabezpieczeń SID (S-1-5-21-55963522-1064848890-21313104-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (02/24/2019 10:18:10 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Windows Defender: =================================== Date: 2019-02-21 22:05:20.166 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {6CF7EE7C-9620-48A6-9F20-3C38FE338485} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: DESKTOP-0U77DTJ\Dawid CodeIntegrity: =================================== Date: 2019-02-10 09:07:47.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AcSignIcon.dll that did not meet the Microsoft signing level requirements. Date: 2019-02-10 09:07:47.778 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements. Date: 2019-02-10 09:07:47.732 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Common Files\AWS\2.2.6.547\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements. Date: 2019-02-10 09:07:47.721 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Common Files\AWS\2.2.6.547\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements. Date: 2019-02-10 09:07:47.714 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Common Files\AWS\2.2.6.547\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements. Date: 2019-02-06 07:40:41.275 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\AcSignIcon.dll that did not meet the Microsoft signing level requirements. Date: 2019-02-06 07:40:41.271 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements. Date: 2019-02-06 07:40:41.243 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Common Files\AWS\2.2.6.547\AsusWSShellExt64.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Procent pamięci w użyciu: 35% Całkowita pamięć fizyczna: 12186.52 MB Dostępna pamięć fizyczna: 7917.84 MB Całkowita pamięć wirtualna: 14042.52 MB Dostępna pamięć wirtualna: 9220.69 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:222.45 GB) (Free:85.23 GB) NTFS \\?\Volume{f381afa8-2cb7-44ac-a943-0708f5b3bf02}\ () (Fixed) (Total:0.85 GB) (Free:0.46 GB) NTFS \\?\Volume{26502f4d-1158-4dbc-8882-c614490403a4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================