Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 26-03-2021 Uruchomiony przez Mariusz (26-03-2021 21:20:08) Uruchomiony z C:\Users\Mariusz\Downloads Windows 10 Home Wersja 20H2 19042.868 (X64) (2021-03-13 20:30:52) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2384729773-2530975304-3792660739-500 - Administrator - Disabled) Gość (S-1-5-21-2384729773-2530975304-3792660739-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2384729773-2530975304-3792660739-1006 - Limited - Enabled) Konto domyślne (S-1-5-21-2384729773-2530975304-3792660739-503 - Limited - Disabled) Mariusz (S-1-5-21-2384729773-2530975304-3792660739-1002 - Administrator - Enabled) => C:\Users\Mariusz UpdatusUser (S-1-5-21-2384729773-2530975304-3792660739-1001 - Limited - Enabled) => C:\Users\UpdatusUser WDAGUtilityAccount (S-1-5-21-2384729773-2530975304-3792660739-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.) 
Ares (HKLM-x32\...\Ares) (Version: 2.5.7-Build#3083 - AresGalaxy) Ashampoo WinOptimizer 17 (HKLM-x32\...\{4209F371-A288-7880-7A7F-D105477C7D11}_is1) (Version: 17.00.32 - Ashampoo GmbH & Co. KG) ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.3 - ASUS) ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.3 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.20 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS) ASUS Video Magic (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.5005 - CyberLink Corp.) Hidden ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.5005 - CyberLink Corp.) ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.) Hidden ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS) Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) CCleaner (HKLM\...\CCleaner) (Version: 5.58.7209 - Piriform Ltd.) 
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU) Dream Aquarium (HKLM-x32\...\Dream Aquarium_is1) (Version: 1.0700 - ) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) IObit Apps Toolbar v9.7 (HKLM-x32\...\{E029C309-4421-410B-890A-30D2E8E82D0C}) (Version: 9.7 - Spigot, Inc.) 
IObit Driver Booster 7.6.0.766 (HKLM-x32\...\IObit Driver Booster_is1) (Version: 7.6.0.766 - lrepacks.ru) LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden MergeModule_x86 (HKLM-x32\...\{42251A8D-C4AE-4D3B-8A50-948CB98A0969}) (Version: 10.5.00 - Sony Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.13801.20360 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.13801.20360 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh 
(HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.29.01.264 - Huawei Technologies Co.,Ltd) MotoGP(TM)13 (HKLM-x32\...\{4B784CE7-7CDB-4AF1-B636-2DC3EA51EA87}) (Version: 1.00.0000 - Milestone) Mozilla Firefox 87.0 (x64 pl) (HKLM\...\Mozilla Firefox 87.0 (x64 pl)) (Version: 87.0 - Mozilla) Mozilla Thunderbird 78.8.1 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 78.8.1 (x86 pl)) (Version: 78.8.1 - Mozilla) MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden nGlide 1.04 (HKLM-x32\...\nGlide) (Version: 1.04 - Zeus Software) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) OCR Software by I.R.I.S. 
14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden PLAY Web partner (HKLM-x32\...\PLAY Web partner) (Version: 1.12.00.264 - Huawei Technologies Co.,Ltd) PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (HKLM-x32\...\{7D3A0097-9E0E-4073-801C-295BBDAEAED8}) (Version: 10.5.01 - Sony Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) 
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8899.1 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype (wersja 8.67) (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.) Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.17.591 - ASUS Cloud Corporation) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Packages: ========= Adera -> C:\Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe [2014-02-18] (Microsoft Studios) ASUS Calculator -> C:\Program Files\WindowsApps\B9ECED6F.ASUSCalculator_1.0.0.25_neutral__qmba6cd70vzyy [2014-02-18] (ASUSTek COMPUTER INC.) Asus Converter -> C:\Program Files\WindowsApps\B9ECED6F.AsusConverter_1.0.0.27_neutral__qmba6cd70vzyy [2014-02-18] (ASUSTeK COMPUTER INC.) 
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-08-09] (ASUSTeK COMPUTER INC.) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.) Dodatek Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt [2021-03-19] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Studios) [MS Ad] Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-03-21] (Microsoft Studios) [MS Ad] MSN Kuchnia -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Podróże -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] MSN Zdrowie i fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] Spotify Music -> C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-09] (Spotify AB) [Startup Task] Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-26] (Microsoft Studios) [MS Ad] The World Clock -> C:\Program Files\WindowsApps\B9ECED6F.TheWorldClock_1.0.0.6_neutral__qmba6cd70vzyy [2014-02-18] (ASUSTeK COMPUTER INC.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2384729773-2530975304-3792660739-1002_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Mariusz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.17.591\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) 
[Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [ !AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.17.591\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [ !AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.17.591\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.) [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> 
{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.17.591\ASUSWSContextMenu.dll [2017-07-26] (ASUS Cloud Corporation -> ASUS Cloud Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-21] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-21] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI 
======================== ==================== Załadowane moduły (filtrowane) ============= 2021-03-18 20:04 - 2021-03-18 20:05 - 055265280 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\addon.node 2021-03-18 20:04 - 2021-03-18 20:05 - 000762880 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\keytar.node 2021-03-18 20:04 - 2021-03-18 20:05 - 000750080 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\logging.node 2021-02-03 16:30 - 2021-02-03 16:35 - 001037824 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\spellchecker_win.node 2021-03-18 20:04 - 2021-03-18 20:05 - 001218560 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\systeminfo.node 2021-02-03 16:30 - 2021-02-03 16:35 - 000614912 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.applicationmodel.node 2021-02-03 16:30 - 2021-02-03 16:35 - 000202240 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node 2021-02-03 16:30 - 2021-02-03 16:35 - 001144832 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.storage.node 2021-02-03 16:30 - 2021-02-03 16:35 - 000681984 _____ () [Brak podpisu cyfrowego] 
\\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_950.7.118.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.ui.notifications.node 2017-04-21 04:06 - 2017-04-21 04:06 - 001504768 _____ (ASUS Cloud Corporation.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\AWS\2.2.17.591\ASUSWSShellExt64.dll 2011-08-18 00:29 - 2011-08-18 00:29 - 001039360 _____ (Hewlett-Packard Co.) [Brak podpisu cyfrowego] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [Brak podpisu cyfrowego] c:\windows\system32\hpzinw12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [Brak podpisu cyfrowego] c:\windows\system32\hpzipm12.dll 2013-11-21 08:31 - 2013-11-21 08:31 - 000286720 _____ (Intel Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2013-11-21 08:31 - 2013-11-21 08:31 - 000499200 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.onet.pl/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2384729773-2530975304-3792660739-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 SearchScopes: HKU\S-1-5-21-2384729773-2530975304-3792660739-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) 
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.) Toolbar: HKU\S-1-5-21-2384729773-2530975304-3792660739-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.) DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1492195922862 Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - 
{5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-06-13 21:37 - 2021-03-23 20:31 - 000000751 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 cpm.paneladmin.pro 127.0.0.1 publisher.hmdiadmingate.xyz 127.0.0.1 hmdicrewtracksystem.xyz 127.0.0.1 mydownloaddomain.com 127.0.0.1 linkmate.space 127.0.0.1 space1.adminpressure.space 127.0.0.1 trackpressure.website 127.0.0.1 doctorlink.space 127.0.0.1 plugpackdownload.net 127.0.0.1 texttotalk.org 127.0.0.1 gambling577.xyz 127.0.0.1 htagdownload.space 127.0.0.1 mybcnmonetize.com 127.0.0.1 360devtraking.website 127.0.0.1 dscdn.pw 127.0.0.1 bcnmonetize.go2affise.com 127.0.0.1 beautifllink.xyz 0.0.0.0 telemetry.malwarebytes.com 0.0.0.0 analytics.ff.avast.com 0.0.0.0 ipm-provider.ff.avast.com 0.0.0.0 license.piriform.com 0.0.0.0 www.ccleaner.com 0.0.0.0 shepherd.ff.avast.com 2015-03-16 10:01 - 2018-06-12 21:20 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2384729773-2530975304-3792660739-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Mariusz\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\received_214899753511055.jpeg DNS Servers: 192.168.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Brak pliku) MpsSvc => Usługa "Zapora systemu Windows" nie jest uruchomiona. bfe => Usługa "Zapora systemu Windows" nie jest uruchomiona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) 
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "UpdatePSTShortCut"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "WidgetPodatnikInfo"
HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\StartupApproved\StartupFolder: => "Wysyłanie do programu OneNote.lnk"
HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\StartupApproved\Run: => "Mobile Partner"
HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\StartupApproved\Run: => "ares"
HKU\S-1-5-21-2384729773-2530975304-3792660739-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
FirewallRules: [TCP Query User{230472A2-77F3-4BD9-A16B-0BC911D5C5E1}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (AresGalaxy) [Brak podpisu cyfrowego]
FirewallRules: [UDP Query User{7AB8FFB1-F46A-42B4-B5CF-E7F5A8EB856C}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (AresGalaxy) [Brak podpisu cyfrowego]

==================== Punkty Przywracania systemu =========================

25-03-2021 19:18:00 Zaplanowany punkt kontrolny
26-03-2021 21:02:13 Installing COMODO Firewall

==================== Wadliwe urządzenia w Menedżerze urządzeń ============

==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================

Dziennik System:
=============
Error: (03/26/2021 09:13:26 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {784E29F4-5EBE-4279-9948-1E8FE941646D} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (03/26/2021 09:12:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Intel(R) Dynamic Application Loader Host Interface Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (03/26/2021 09:12:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Intel(R) Dynamic Application Loader Host Interface Service.

Error: (03/26/2021 09:10:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi BFE z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (03/26/2021 09:10:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (45000 ms) podczas oczekiwania na połączenie się z usługą BFE.
Error: (03/26/2021 09:10:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa IKEEXT zależy od usługi BFE, której nie można uruchomić z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (03/26/2021 09:10:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi BFE z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.

Error: (03/26/2021 09:10:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (45000 ms) podczas oczekiwania na połączenie się z usługą BFE.

Windows Defender:
================
Date: 2021-03-21 14:08:13
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ymacco.AB2D&threatid=2147758023&enterprise=0
Nazwa: Trojan:Win32/Ymacco.AB2D
Identyfikator: 2147758023
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_D:\Filmy\Malwarebytes Premium 4.1.2.73 + Activator\Malwarebytes Premium 4.1.2.73 + Activator\Activator\LicenseMalwareBytes.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DOM\Mariusz
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.333.946.0, AS: 1.333.946.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.17900.7, NIS: 0.0.0.0

Date: 2021-03-21 14:07:54
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ymacco.AB2D&threatid=2147758023&enterprise=0
Nazwa: Trojan:Win32/Ymacco.AB2D
Identyfikator: 2147758023
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_D:\Filmy\Malwarebytes Premium 4.1.2.73 + Activator\Malwarebytes Premium 4.1.2.73 + Activator\Activator\LicenseMalwareBytes.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DOM\Mariusz
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.333.946.0, AS: 1.333.946.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.17900.7, NIS: 0.0.0.0

Date: 2021-03-21 14:07:48
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ymacco.AB2D&threatid=2147758023&enterprise=0
Nazwa: Trojan:Win32/Ymacco.AB2D
Identyfikator: 2147758023
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_D:\Filmy\Malwarebytes Premium 4.1.2.73 + Activator\Malwarebytes Premium 4.1.2.73 + Activator\Activator\LicenseMalwareBytes.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DOM\Mariusz
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.333.946.0, AS: 1.333.946.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.17900.7, NIS: 0.0.0.0

Date: 2021-03-21 14:06:12
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ymacco.AB2D&threatid=2147758023&enterprise=0
Nazwa: Trojan:Win32/Ymacco.AB2D
Identyfikator: 2147758023
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_D:\Filmy\Malwarebytes Premium 4.1.2.73 + Activator\Malwarebytes Premium 4.1.2.73 + Activator\Activator\LicenseMalwareBytes.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DOM\Mariusz
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.333.946.0, AS: 1.333.946.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.17900.7, NIS: 0.0.0.0

Date: 2021-03-21 14:06:12
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ymacco.AB2D&threatid=2147758023&enterprise=0
Nazwa: Trojan:Win32/Ymacco.AB2D
Identyfikator: 2147758023
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_D:\Filmy\Malwarebytes Premium 4.1.2.73 + Activator\Malwarebytes Premium 4.1.2.73 + Activator\Activator\LicenseMalwareBytes.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DOM\Mariusz
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.333.946.0, AS: 1.333.946.0, NIS: 0.0.0.0
Wersja aparatu: AM: 1.1.17900.7, NIS: 0.0.0.0

Date: 2021-03-21 19:14:58
Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Przy dostępie
Kod błędu: 0x8007043c
Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym
Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny.
W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.

CodeIntegrity:
===============
Date: 2021-03-26 21:07:11
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-26 21:07:11
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

==================== Statystyki pamięci ===========================

BIOS: American Megatrends Inc. N550JV.208 11/19/2013
Płyta główna: ASUSTeK COMPUTER INC. N550JV
Procesor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Procent pamięci w użyciu: 45%
Całkowita pamięć fizyczna: 16267.16 MB
Dostępna pamięć fizyczna: 8785.89 MB
Całkowita pamięć wirtualna: 32651.16 MB
Dostępna pamięć wirtualna: 24425.08 MB

==================== Dyski ================================

Drive c: (OS) (Fixed) (Total:140.03 GB) (Free:41.54 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive d: (Moje Pliki) (Fixed) (Total:70.38 GB) (Free:27.82 GB) NTFS

\\?\Volume{99a0fff7-7c96-468f-8bee-25e0eb6e394b}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.57 GB) NTFS
\\?\Volume{1b149724-3925-4284-8b96-d7dc8089d28e}\ () (Fixed) (Total:0.82 GB) (Free:0.31 GB) NTFS
\\?\Volume{fa770ca6-7413-447f-99bd-31c616182617}\ () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS
\\?\Volume{45e8d7bd-876d-46e4-9bc5-35810f874ae4}\ (Restore) (Fixed) (Total:20.01 GB) (Free:8.7 GB) NTFS
\\?\Volume{9714f0c3-d804-4d4a-8ea0-4159a824b3ff}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 2929FD79)
Partition: GPT.

==================== Koniec Addition.txt =======================