Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 05-01-2021
Uruchomiony przez 1 (05-01-2021 13:34:37)
Uruchomiony z E:\
Windows 10 Home Wersja 1909 18363.1256 (X64) (2020-08-29 13:19:45)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

1 (S-1-5-21-4167625086-3165384033-634236210-1002 - Administrator - Enabled) => C:\Users\1
2 (S-1-5-21-4167625086-3165384033-634236210-1003 - Administrator - Enabled) => C:\Users\2
48534 (S-1-5-21-4167625086-3165384033-634236210-1001 - Administrator - Enabled) => C:\Users\48534
Administrator (S-1-5-21-4167625086-3165384033-634236210-500 - Administrator - Disabled)
Gość (S-1-5-21-4167625086-3165384033-634236210-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-4167625086-3165384033-634236210-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4167625086-3165384033-634236210-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\uTorrent) (Version: 3.5.5.45790 - BitTorrent Inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Badanie mające na celu poprawę produktów HP ENVY 5640 series (HKLM\...\{18589653-CF6D-4287-A8F3-FB1E0CFB7DEB}) (Version: 40.13.1176.1978 - HP Inc.)
BankID Aplikacja Bezpieczeństwa (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.9.1.3 - Financial ID-Technology) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform) Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1371 - Disc Soft Ltd) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.6.1 - Mediamond Tmi) DFX (HKLM-x32\...\DFX) (Version: 12.023.0.0 - Power Technology) Discord (HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\Discord) (Version: 0.0.309 - Discord Inc.) Driver - RAVCORE Mistral 4000 dpi version 1.0. (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0. - ) FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.67.42655 - Electronic Arts) GlobalServerify (wersja 6.3.2.3) (HKLM-x32\...\{B79D285A-4634-4956-B10F-9DAA073C7487}_is1) (Version: 6.3.2.3 - GOSetti.pl) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.77 - Gridinsoft LLC) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HP Dropbox Plugin (HKLM-x32\...\{E35D5D4F-FA8D-4FB9-82C3-AADF088C56C6}) (Version: 40.13.54.81239 - HP) HP ENVY 5640 series — podstawowe oprogramowanie urządzenia (HKLM\...\{01E84F07-BBEB-4FAE-B866-9974B0D8DBA0}) (Version: 40.13.1176.1978 - HP Inc.) 
HP ENVY 5640 series Pomoc (HKLM-x32\...\{FF01A22A-1B1E-49CA-94D9-2D5AB9E8D84E}) (Version: 34.0.0 - Hewlett Packard) HP Google Drive Plugin (HKLM-x32\...\{B04BEDA9-A86F-4F35-9239-FA36B7BA1E4A}) (Version: 40.13.54.81239 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP) Htal Player version 4.1.4.7 (HKLM-x32\...\{75F23EF7-DA27-4E1D-8E83-BBDF5FB5E773}_is1) (Version: 4.1.4.7 - Valsoft) HUAWEI DataCard Driver 6.00.08.00 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 6.00.08.00 - Huawei Technologies Co., Ltd.) Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 13.222.137.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - 
Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) 
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA Sterownik graficzny 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment) Paradox Launcher v2 (HKLM\...\{A8D4AE16-519B-409D-B5B4-2647C06805AD}) (Version: 2.0.3.0 - Paradox Interactive) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.6 - Razer Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.12.1002.1309 - Razer Inc.) Razer Diamondback (HKLM-x32\...\{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}) (Version: 5.01 - Razer USA Ltd.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1215.121019 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\TeamSpeak 3 Client) (Version: 3.5.5 - TeamSpeak Systems GmbH) WinRAR 5.90 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH) WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) XEOX Gamepad SL-6556-BK (HKLM-x32\...\{5E7F3FD4-503B-4451-B2EB-AC8C82DBA32F}) (Version: 1.00.0000 - ) Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-07] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-27] (NVIDIA Corp.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
CustomCLSID: HKU\S-1-5-21-4167625086-3165384033-634236210-1002_Classes\CLSID\{7EDB4F57-1FAD-4492-B571-D2A9AEBAC900} -> [MEGA] => E:\MEGA [2020-10-03 11:22] ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\1\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\1\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-04] (GridinSoft, LLC -> Gridinsoft LLC) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\1\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.0.1\MenuExt64.dll -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-07-02] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-04] (GridinSoft, LLC -> Gridinsoft LLC) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\1\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers3: [DaemonShellExtImageLite] -> 
{1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-07-02] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-05] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\1\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.0.1\MenuExt64.dll -> Brak pliku ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-04] (GridinSoft, LLC -> Gridinsoft LLC) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\1\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-16] (Mega Limited -> ) ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\5.0.1\MenuExt64.dll -> Brak pliku ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a51067c0ac557884\nvshext.dll [2020-12-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-04] (GridinSoft, LLC -> Gridinsoft LLC) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-05] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game 
Booster\5.0.1\MenuExt64.dll -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2020-12-16 09:10 - 2020-11-02 18:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] E:\Origin\LIBEAY32.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] E:\Origin\ssleay32.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 001611264 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] E:\Origin\platforms\qwindows.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 005487104 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] E:\Origin\Qt5Core.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 005841920 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] E:\Origin\Qt5Gui.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 001179136 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] E:\Origin\Qt5Network.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 000146432 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] E:\Origin\Qt5WebSockets.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 005089792 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] E:\Origin\Qt5Widgets.dll 2020-12-16 09:10 - 2020-11-02 18:17 - 000184832 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] E:\Origin\Qt5Xml.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Powiązania plików (filtrowane) =================

==================== Internet Explorer (filtrowane) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-07] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\1\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\1\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\asas.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "SE61T-UserTools"
HKLM\...\StartupApproved\Run32: => "DFX"
HKLM\...\StartupApproved\Run32: => "Diamondback"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "HP ENVY 5640 series (NET)"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "Windows Updates Service"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "ProductAuthenticationService"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "SteamServerBrowser"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-4167625086-3165384033-634236210-1002\...\StartupApproved\Run: => "Discord"

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{E2EE9214-66BA-4384-BE6A-CA4501CB4919}] => (Allow) E:\SteamLibrary\steamapps\common\Hearts of Iron 3\hoi3.exe (Paradox Interactive) [Brak podpisu cyfrowego] FirewallRules: [{B81138A9-DB5D-45C1-B815-713CA10853B8}] => (Allow) E:\SteamLibrary\steamapps\common\Hearts of Iron 3\hoi3.exe (Paradox Interactive) [Brak podpisu cyfrowego] FirewallRules: [{3BF56B9A-022F-44DE-8763-5147AF93E42D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{EFBBF234-24DB-4F1E-99EE-D985F056871D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A80F3A4C-5E08-45E0-A37B-618ED1BBFE47}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{DAA84F1D-63A8-476A-B88F-3A2C20368558}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [UDP Query User{08CCF2B5-7638-43E8-AA84-7FE5EE59CFD5}C:\users\2\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\2\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{DCE3A1F8-73A2-4A1F-98CD-0A4DF930154C}C:\users\2\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\2\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{5FC0DB37-A25F-4EC3-8F7E-A96A0AC51CE3}] => (Allow) C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4FFDB430-40C6-497D-BE8A-106828D303D4}] => (Allow) C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{2252B97E-8F75-4EBE-8FB9-D4882F4DC2EE}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.) 
FirewallRules: [{EBED9A3B-E40E-43F8-A9AE-596684BEFABD}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.) FirewallRules: [{D8A8BD14-B896-4365-93CC-03D417C03931}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{5F7F36A7-137E-4B0D-A9B2-D2AD25A196A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{4031EAE3-4A65-4E86-B0B0-6B3A33189A29}] => (Allow) E:\SteamLibrary\steamapps\common\Arcania Gothic 4\Arcania.exe (Spellbound Entertainment AG) [Brak podpisu cyfrowego] FirewallRules: [{B63FA9CA-2C28-483D-A5C5-C246B5CF2419}] => (Allow) E:\SteamLibrary\steamapps\common\Arcania Gothic 4\Arcania.exe (Spellbound Entertainment AG) [Brak podpisu cyfrowego] FirewallRules: [{570A958B-00BD-43FA-A350-DDB11E146BFA}] => (Allow) E:\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{07D41FF5-E3A0-40AD-9D9C-69683997E24F}] => (Allow) E:\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{977031A1-EFAD-4E65-A664-8ECB5E18C4FD}] => (Allow) E:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{8F29A9EB-065F-4E32-899C-01F9EF95CC45}] => (Allow) E:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{3DAB9983-2F59-4E43-B180-6987EE51FBC5}E:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Block) E:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{B35647E6-727F-402E-9936-F282D66BDCC0}E:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Block) E:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) 
[Brak podpisu cyfrowego] FirewallRules: [TCP Query User{DCD57B92-1A3D-4389-91B5-2BD135142709}E:\steamlibrary\steamapps\common\hearts of iron iv\hoi4.exe] => (Allow) E:\steamlibrary\steamapps\common\hearts of iron iv\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [UDP Query User{CD162139-1224-4942-8A2F-D1886295735F}E:\steamlibrary\steamapps\common\hearts of iron iv\hoi4.exe] => (Allow) E:\steamlibrary\steamapps\common\hearts of iron iv\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive) FirewallRules: [TCP Query User{56B2669F-0CBD-4EE8-AEDF-21DF8D295EA0}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{DC7C6E52-463B-474A-BE7A-3D65EAE38A1C}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{03380651-BC74-4A5D-AC59-98988CC23D39}] => (Allow) E:\SteamLibrary\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{379C21F1-7CCA-4C96-B037-0AB103802560}] => (Allow) E:\SteamLibrary\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{1E13DDEE-4CC6-4826-B799-8356174BF65C}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{5D732604-AF61-4389-8809-F1694AD8F8C6}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{C831D44D-5C5D-474E-9254-A7672ACC12B6}] => (Allow) C:\Users\2\AppData\Local\Programs\Opera\72.0.3815.400\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{76576E6C-AD93-4820-BD93-518C5CD6982A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. 
-> ) FirewallRules: [{05F80332-74F4-4D39-B244-61C64E30340A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D941F488-22C8-4976-9681-07FDC1E192BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{E20F67D6-A75E-4DBC-93BA-4CD0B5BD42EC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{DEB9F4A9-FD04-47AB-BC91-091D665EDD25}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F9C52606-C641-4212-B7A2-73E42F78D8BF}] => (Allow) E:\Nowy folder\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{860EAA16-09CE-4CBC-BB83-2499BB0F044E}] => (Allow) E:\Nowy folder\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{C6B3B6AC-F281-4BD5-8C10-481E53C74CF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D1342332-B13C-420E-B0C2-C98A9782BCCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{04C31403-D2C9-4C15-97C6-DBC3F543306B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{037B5C2C-E660-4E2A-87AF-76A8EA8E7DCD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0D200C4E-162E-49C3-866D-02285BFB0615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A5F48123-C2C4-49C5-B9E5-E734349AEB9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) 
FirewallRules: [{460069DF-F5A9-47AA-81E7-5B3E07571CC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C77FDD6C-7DBC-41C6-9C1B-6F9F8659E9D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{1E6237C3-3505-4B78-8947-4F304D91F9E5}C:\program files (x86)\overwatch\_ptr_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{4E9C38EB-F8C5-46C8-8A74-FBC4379E46E6}C:\program files (x86)\overwatch\_ptr_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_ptr_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{E7176799-C5CD-4393-8860-D5E51FCCEB25}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Brak podpisu cyfrowego] FirewallRules: [{F320237F-8911-48B7-A2E9-9F1AB8786228}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Brak podpisu cyfrowego] FirewallRules: [{58CCA219-5324-4639-A966-9F21494E9714}] => (Allow) C:\Users\2\AppData\Local\Programs\Opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{2FCE093F-2CAA-4A4F-A301-A5016544D394}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{280ADA2F-74A7-4235-A86F-38C204720B8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{8918830A-36D8-403F-ADF3-443061C973D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{28E88C5A-9C41-41F9-9461-BC86381D2879}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{7F1EC996-EC71-4F12-B4B3-A663FE9BEA59}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [UDP Query User{D6F1C84A-B14B-4EAF-8335-DFACD8AF04F9}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone (Total:110.74 GB) (Free:17.01 GB) (15%) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (01/05/2021 01:29:21 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10044,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/05/2021 01:22:43 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3276,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. 
Error: (01/05/2021 01:16:52 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6080,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/05/2021 01:09:04 PM) (Source: MBAMIService) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/05/2021 01:05:59 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (01/05/2021 01:05:59 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (01/05/2021 12:07:51 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4168,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/05/2021 11:46:24 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1652,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Dziennik System: ============= Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Origin Web Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Razer Synapse Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. 
Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Razer Game Manager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Disc Soft Lite Bus Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Razer Chroma SDK Server niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Razer Central Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Razer Chroma SDK Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (01/05/2021 12:58:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa RzKLService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Windows Defender:
===================================
Date: 2020-12-30 13:31:00.224
Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Glupteba!ml&threatid=2147748182&enterprise=0
Nazwa: Trojan:Win32/Glupteba!ml
Identyfikator: 2147748182
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\1\AppData\Local\Temp\Rar$EXa5756.28622\assas_736723940023.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-MBQD4AC\1
Nazwa procesu: C:\Program Files (x86)\WinRAR\WinRAR.exe
Wersja analizy zabezpieczeń: AV: 1.329.1345.0, AS: 1.329.1345.0, NIS: 1.329.1345.0
Wersja aparatu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-28 14:45:19.499
Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {B4909AC0-6712-4FE1-83BB-BCC9EA1D40A9}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2020-12-27 00:13:38.049
Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {5EF6E4F8-6BF4-43B7-9B63-B070335802EB}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2020-12-24 13:10:21.335
Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {148BA805-B93C-4319-81CD-A834229FDE7D}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2020-12-22 09:27:05.319
Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {310112B2-C230-48B8-860D-D6E910E3DC19}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

CodeIntegrity:
===================================
Date: 2021-01-05 10:43:09.805
Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2021-01-05 10:42:58.406
Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2021-01-05 10:42:50.294
Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2021-01-05 10:42:29.435
Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2021-01-05 10:42:27.889
Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2021-01-05 10:42:25.093
Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2020-12-22 14:34:56.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-12-22 14:34:56.230
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

==================== Statystyki pamięci ===========================

BIOS: American Megatrends Inc. P1.70 07/23/2015
Płyta główna: ASRock 960GC-GS FX
Procesor: AMD FX(tm)-6300 Six-Core Processor
Procent pamięci w użyciu: 57%
Całkowita pamięć fizyczna: 8175.23 MB
Dostępna pamięć fizyczna: 3499.42 MB
Całkowita pamięć wirtualna: 10735.23 MB
Dostępna pamięć wirtualna: 5635.07 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:110.74 GB) (Free:17.01 GB) NTFS
Drive e: (Nowy) (Fixed) (Total:232.88 GB) (Free:37.53 GB) NTFS

\\?\Volume{bd4e50c6-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{bd4e50c6-0000-0000-0000-90d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 6DFBABCF)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: BD4E50C6)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==================== Koniec Addition.txt =======================