Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021 Ran by User (04-03-2021 17:44:38) Running from F:\naprawa win Windows 8.1 (Update) (X64) (2014-11-18 09:34:39) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2615146530-3253038631-3002819462-500 - Administrator - Disabled) Gość (S-1-5-21-2615146530-3253038631-3002819462-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2615146530-3253038631-3002819462-1004 - Limited - Enabled) User (S-1-5-21-2615146530-3253038631-3002819462-1002 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12} FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (HKLM-x32\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam) Aktualizacje NVIDIA 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\{420ED767-62A5-462F-9DDA-AE3A95D4BF32}) (Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden Aloha TriPeaks (HKLM-x32\...\WTA-365de470-77d5-47cd-8ac9-292c18e4f341) (Version: 2.2.0.98 - WildTangent) Hidden AML Free Registry Cleaner 4.6 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.) Angielsko-polski słownik skrótów ekonomicznych (HKLM-x32\...\{22DA62DD-5E43-4FCE-8B12-E5C6C374939D}) (Version: 1.00.0000 - WN PWN SA) Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Avast BreachGuard (HKLM\...\AvastBreachGuard) (Version: 20.7.919.3208 - Avast Software) Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9801.2260 - Avast Software) Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software) Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.9.5357.1746 - Avast Software) AvastAntiTrackPremium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 1.7.0.115 - Avast) AVS Media Player 5.1.2 (HKLM-x32\...\AVS Media Player_is1) (Version: 5.1.2.135 - Online Media Technologies Ltd.) AVS Video Converter 12.0.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.1.650 - Online Media Technologies Ltd.) Bandizip (HKLM\...\Bandizip) (Version: 5.05 - Bandisoft.com) Bejeweled 3 (HKLM-x32\...\WTA-e3980c8b-ab83-46dd-bf4a-bc44cb1b1427) (Version: 2.2.0.98 - WildTangent) Hidden BitComet 1.40 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.40 - CometNetwork) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.) Chuzzle Deluxe (HKLM-x32\...\WTA-7f0a031d-60dd-4e08-9d3b-0f71f03d9c94) (Version: 2.2.0.95 - WildTangent) Hidden Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) CodeBlocks (HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team) DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.) Empress of the Deep - The Darkest Secret (HKLM-x32\...\WTA-d2d8276e-0ba5-42a8-ad8e-daa60b2db841) (Version: 2.2.0.98 - WildTangent) Hidden Evernote v. 6.19.2 (HKLM-x32\...\{B02117F0-97C1-11E9-9D3F-005056951CAD}) (Version: 6.19.2.8555 - Evernote Corp.) GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.13.1.30 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC) HP 10bII+ Virtual Calculator (HKLM-x32\...\{C6ABAE79-1C6E-45DF-84DA-ADA90740F2FB}) (Version: 1.3.0.0 - Hewlett-Packard) IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT) InfraRecorder (HKLM-x32\...\InfraRecorder) (Version: - Christian Kindahl) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Island Tribe (HKLM-x32\...\WTA-1fbea95f-95b0-4a5f-bc4a-7f63177b8194) (Version: 2.2.0.98 - WildTangent) Hidden iTunes (HKLM\...\{4F1F8D6D-AF14-41EB-B17D-3EC95C8E86A1}) (Version: 12.10.10.2 - Apple Inc.) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation) Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Jewel Quest Solitaire 2 (HKLM-x32\...\WTA-a8ccd6fa-045d-4d57-adb6-52aadbefaa60) (Version: 2.2.0.98 - WildTangent) Hidden K-Lite Codec Pack 10.8.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.0 - ) Ledger Live 2.21.3 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.21.3 - Ledger Live Team) Magic Academy (HKLM-x32\...\WTA-5bac0712-853b-4cc5-ba11-6999b3c6ce8a) (Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - ) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MKVToolNix 24.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 24.0.0 - Moritz Bunkus) Mozilla Firefox 86.0 (x64 pl) (HKLM\...\Mozilla Firefox 86.0 (x64 pl)) (Version: 86.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 86.0.0.7723 - Mozilla) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.2 - Notepad++ Team) NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation) NVIDIA Graphics Driver 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.25 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Pazera Free FLV to AVI Converter 1.9 (HKLM-x32\...\{E82A57BC-E9B8-42F9-BDC7-4950BD73EA32}_is1) (Version: 1.9 - Jacek Pazera) Peggle Nights (HKLM-x32\...\WTA-851dde32-35e4-4b12-9ccb-5fb1d1cdbcf5) (Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-009801be-e5e4-4d9a-80dc-b3e5e386d8f6) (Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (HKLM-x32\...\WTA-7cba5679-1e3e-4caa-b32d-7b027ec5776d) (Version: 2.2.0.97 - WildTangent) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Say It Right Online (HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\...\e0bfc61a7f289a77) (Version: 1.0.0.80 - Say It Right Online) Screamer Radio (HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\...\7fe429f13c163c5f) (Version: 0.9.5230.30612 - Steamcore) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype version 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.) Speakout 2e Advanced Plus DVD-ROM (HKLM-x32\...\xxxxxxxxxxxxx-Pearson) (Version: - Pearson Education) Terra Station 1.1.0 (HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\...\544bd55a-4210-5d1d-8eb2-7ec231919777) (Version: 1.1.0 - Terra) TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA) TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation) TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA) TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation) Trezor Suite 20.12.1 (HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 20.12.1 - SatoshiLabs) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-2ac93c4d-f56d-4095-874b-d443f599f6e3) (Version: 2.2.0.98 - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.0.9.7 - WildTangent) Hidden Zoom (HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages: ========= - Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-07-05] (WildTangent Games) Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2015-07-13] (Amazon.com) Browser Choice -> C:\Windows\BrowserChoice [2014-11-20] (Microsoft Corporation) Doodle God™ Free for Toshiba -> C:\Program Files\WindowsApps\7E440FBB.DoodleGodFreeforToshiba_2.0.0.48_x64__pvm5kvqj2rwym [2013-09-19] (JoyBits-Ltd.) Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2016-01-18] (Evernote) Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-01-17] (Microsoft Corporation) Gry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-20] (Microsoft Corporation) [MS Ad] Intel AppUp® Center – Toshiba Europe Edition -> C:\Program Files\WindowsApps\AppUp.IntelAppUpCenterToshibaEuropeEdition_1.3.42.881_x64__8j3eq9eme6ctt [2014-11-18] (INTEL CORP) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC) McAfee® Central for Toshiba -> C:\Program Files\WindowsApps\McAfeeInc.04.McAfeeSecurityAdvisorforToshiba_5.0.170.1_x64__m0mgz90br52t0 [2018-04-03] (McAfee_Incorporated) MSN Finanse -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-05-03] (Microsoft Corporation) [MS Ad] MSN Kuchnia -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Podróże -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-12-07] (Microsoft Corporation) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-05-03] (Microsoft Corporation) [MS Ad] MSN Wiadomości -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-05-03] (Microsoft Corporation) [MS Ad] MSN Zdrowie i fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] Muzyka -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-22] (Microsoft Corporation) [MS Ad] My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_2.2.38.0_x64__3s2an63h56yee [2016-02-09] (Ennova Research) Onet News -> C:\Program Files\WindowsApps\E9594ECD.OnetNews_2.0.0.7_neutral__c1gk75f6080hw [2014-11-20] (Grupa Onet.pl S.A.) Radio ZET -> C:\Program Files\WindowsApps\33215634.RadioZET_1.0.0.161_x64__93pm5em6fk0sr [2014-11-20] (Infor IT Sp. z o.o.) Skitch Touch -> C:\Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2 [2014-11-20] (Evernote) Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-21] (Skype) [MS Ad] Skyscanner -> C:\Program Files\WindowsApps\Skyscanner.Skyscanner_1.4.2.0_neutral__623c9he0pwcym [2014-11-20] (Skyscanner) TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.1.1.33_x64__679ekb9hp1h62 [2016-04-23] (sMedio) VoD Onet -> C:\Program Files\WindowsApps\E9594ECD.Vod.pl_2.0.0.2_neutral__c1gk75f6080hw [2014-11-20] (Grupa Onet.pl S.A.) Wideo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-14] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2615146530-3253038631-3002819462-1002_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2014-11-18] (AIMP DevTeam) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-12-31] (Notepad++ -> ) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2014-11-18] (AIMP DevTeam) [File not signed] ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] ContextMenuHandlers1_S-1-5-21-2615146530-3253038631-3002819462-1002: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ContextMenuHandlers2_S-1-5-21-2615146530-3253038631-3002819462-1002: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ContextMenuHandlers4_S-1-5-21-2615146530-3253038631-3002819462-1002: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ContextMenuHandlers5_S-1-5-21-2615146530-3253038631-3002819462-1002: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl64.dll [2015-02-12] (Bandisoft -> Bandisoft.com) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Uniswap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aaecigpilhpekajnmchaikcadkceoimf ==================== Loaded Modules (Whitelisted) ============= 2021-03-02 15:59 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-11-20 14:25 - 2005-04-22 05:36 - 000143360 ____R () [File not signed] C:\Windows\system32\BrSNMP64.dll 2021-03-02 16:01 - 2012-07-13 13:09 - 000385024 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll 2021-03-02 16:00 - 2013-05-14 19:24 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll 2021-03-02 16:00 - 2012-12-21 12:31 - 000078848 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll 2021-03-02 16:00 - 2012-12-21 12:31 - 017666560 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll 2021-03-02 16:01 - 2013-05-14 19:40 - 000077312 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLPol.dll 2014-11-20 14:25 - 2012-10-19 13:02 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll 2014-04-20 10:17 - 2014-04-20 10:17 - 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll 2014-04-20 10:17 - 2014-04-20 10:17 - 003374272 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll 2014-12-22 20:41 - 2015-05-01 17:51 - 001847600 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2615146530-3253038631-3002819462-1002 -> {13801E64-9F33-40F0-B5D5-18ED9327EC96} URL = SearchScopes: HKU\S-1-5-21-2615146530-3253038631-3002819462-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-2615146530-3253038631-3002819462-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (Shanghai Comet Network Technology -> BitComet) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2019-06-25] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed] ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2019-01-14 10:35 - 000000825 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-2615146530-3253038631-3002819462-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "Nvtmru" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "TecoResident" HKLM\...\StartupApproved\Run: => "SynTPEnh" HKLM\...\StartupApproved\Run: => "TosWaitSrv" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "1.TPUReg" HKLM\...\StartupApproved\Run32: => "AmIcoSinglun64" HKLM\...\StartupApproved\Run32: => "TSVU" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{41367900-606E-4F47-B857-0D0F5E4B264E}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com) [File not signed] FirewallRules: [{40D2A9EC-6D2F-4080-85AC-8665A4E41B0E}] => (Allow) C:\Program Files\BitComet\BitComet.exe (Xing Wang -> www.BitComet.com) [File not signed] FirewallRules: [TCP Query User{A3D368C7-084F-4CF0-9B5C-7964C652A05D}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe (Xing Wang -> www.BitComet.com) [File not signed] FirewallRules: [UDP Query User{F08E8182-9DAF-49D0-A409-34C6B5BCEA10}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe (Xing Wang -> www.BitComet.com) [File not signed] FirewallRules: [{FF1A8BCC-49FB-4A87-B455-B027F092F3B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9F07C647-B3C0-4057-9801-7B2B2FE486AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F5F00343-7BB2-4899-92E1-E9A540E00FE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3818B703-7EFD-4CE5-AAAD-0E9472CC2D93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F313839F-3496-4C42-AB28-3A1FFEFD9BA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C6E82A47-1452-4BB6-97E1-F283E9E7FBF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{AB3E028C-AA5E-468F-8858-385CA7483902}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{DEE8A838-7001-4BB1-8D0C-F2E25B64A63E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{51852E5F-E2D8-4ED6-8580-06A45E97C2F3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{FD6FC7C5-DAA3-4E94-9E2C-F71D58B7F8D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{84048583-514A-4146-914A-51CC04FD074C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7301F6B1-5BF9-40D5-8F99-53D86DF52FD2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{76BCAEEB-2839-47D9-A7A8-90FCAE8FF222}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E7A06904-6A57-40B4-9DB8-9B0A467C00D3}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{1942BBD7-5BE4-470F-985D-EE98FD6579CF}] => (Allow) F:\itunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B71CE374-65E8-4FE9-B416-8D19B7C0E84C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D978CEE9-3329-4299-8EE9-68B24DEBC206}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3DDDAAD4-8DAF-4325-AF5D-3F553C091F03}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{64B0CA41-6944-4CE8-8034-11110030301A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C8C8C681-3308-46BA-B174-6C69C2CA4A10}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{76FFDF3B-E1BE-4783-8CEE-536EE09DE6BE}] => (Allow) LPort=54925 FirewallRules: [{2D03AAF6-A197-4FE2-AAE9-AD7F7F5630A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CDBAB092-8AFB-42AA-AD7A-5834909623E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) ==================== Restore Points ========================= 02-03-2021 13:59:22 Usunięte Brother Software Suite ==================== Faulty Device Manager Devices ============ Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (03/04/2021 05:41:12 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program AvastAntiTrackPremium.exe version 1.7.0.17519 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 920 Start Time: 01d711136cfcc6af Termination Time: 45 Application Path: C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe Report Id: 5f89c398-7d08-11eb-841a-0c54a550e408 Faulting package full name: Faulting package-relative application ID: Error: (03/04/2021 05:30:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ig.exe, version: 1.0.1.1, time stamp: 0x5f43d0e0 Faulting module name: KERNELBASE.dll, version: 6.3.9600.19678, time stamp: 0x5e82c0f7 Exception code: 0xc0000142 Fault offset: 0x0009d452 Faulting process id: 0x18c0 Faulting application start time: 0x01d71113abf490b9 Faulting application path: C:\Users\User\AppData\LocalLow\IGDump\sjuqhjbxebpleqhqmuabwwcdqmufubmn\ig.exe Faulting module path: KERNELBASE.dll Report Id: f6bdb1df-7d06-11eb-841a-0c54a550e408 Faulting package full name: Faulting package-relative application ID: Error: (03/04/2021 04:57:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: malwarebytes_assistant.exe, version: 4.0.0.897, time stamp: 0x6019d253 Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5f84e8d4 Exception code: 0xc0000005 Fault offset: 0x0000000000219dc5 Faulting process id: 0x700 Faulting application start time: 0x01d7110ef36b0b94 Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Report Id: 5247c4e9-7d02-11eb-8419-0c54a550e408 Faulting package full name: Faulting package-relative application ID: Error: (03/04/2021 03:49:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AvastAntiTrackPremiumFilter.exe, version: 1.0.0.0, time stamp: 0x5f7c2044 Faulting module name: KERNELBASE.dll, version: 6.3.9600.19724, time stamp: 0x5ec50c3e Exception code: 0xe0434352 Fault offset: 0x000156e8 Faulting process id: 0x1378 Faulting application start time: 0x01d71105064e4008 Faulting application path: C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\NetFilter\AvastAntiTrackPremiumFilter.exe Faulting module path: C:\Windows\SYSTEM32\KERNELBASE.dll Report Id: cc9f95b7-7cf8-11eb-8419-0c54a550e408 Faulting package full name: Faulting package-relative application ID: Error: (03/04/2021 03:49:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AvastAntiTrackPremiumFilter.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.InvalidOperationException at System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean) at System.Windows.Forms.Control.BeginInvoke(System.Delegate, System.Object[]) at PFNetFilterCS.Form1.updateSessionListSafe(UInt64, nfapinet.NF_TCP_CONN_INFO, Boolean) at PFNetFilterCS.Filter.tcpClosed(UInt64, nfapinet.NF_TCP_CONN_INFO) at pfapinet.PFEventsFwd.tcpClosed(UInt64, nfapinet.NF_TCP_CONN_INFO ByRef) Error: (03/04/2021 03:05:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Admin.local. AAAA FE80:0000:0000:0000:F1E6:948D:267C:EA5B Error: (03/04/2021 03:05:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.11:5353 16 Admin.local. AAAA 2A01:118F:052E:9400:B129:B767:4BA8:15A7 Error: (03/04/2021 03:05:23 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Admin.local. AAAA 2A01:118F:052E:9400:4D95:BA3F:7253:2B53 System errors: ============= Error: (03/04/2021 05:35:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Intel(R) Management and Security Application Local Management Service service hung on starting. Error: (03/04/2021 05:31:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (03/04/2021 05:31:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. Error: (03/04/2021 05:29:41 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "ADMIN :0" could not be registered on the interface with IP address 192.168.1.14. The computer with the IP address 192.168.1.11 did not allow the name to be claimed by this computer. Error: (03/04/2021 05:29:27 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "ADMIN :0" could not be registered on the interface with IP address 192.168.1.14. The computer with the IP address 192.168.1.11 did not allow the name to be claimed by this computer. Error: (03/04/2021 05:29:13 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "ADMIN :20" could not be registered on the interface with IP address 192.168.1.14. The computer with the IP address 192.168.1.11 did not allow the name to be claimed by this computer. Error: (03/04/2021 05:29:13 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{3D28A540-DE70-4AD8-A5FA-AB68B12559DA} because another computer on the network has the same name. The server could not start. Error: (03/04/2021 05:29:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The TOSHIBA Optical Disc Drive Service service failed to start due to the following error: The system cannot find the path specified. Windows Defender: ================ Date: 2018-06-14 17:19:05.929 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:19:05.028 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:19:03.876 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:19:02.686 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:19:01.314 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:18:59.850 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:18:58.483 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:18:57.456 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:18:56.481 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-06-14 17:18:55.715 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Event[10]: Date: 2018-06-14 17:18:54.988 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Event[11]: Date: 2018-06-14 17:18:54.328 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 18:18:40.516 Description: Windows Defender scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2016-10-09 18:00:35.805 Description: Windows Defender scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2016-10-09 13:20:21.623 Description: Windows Defender scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2016-10-08 18:46:36.003 Description: Windows Defender scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2016-10-08 17:01:29.594 Description: Windows Defender scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2016-10-09 13:40:06.410 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 115.6.0.0 Update Source: Microsoft Malware Protection Center Signature Type: Network Inspection System Update Type: Full Current Engine Version: Previous Engine Version: 2.1.11804.0 Error code: 0x80072ee7 Error description: Nie można określić nazwy serwera lub adresu. Date: 2016-10-09 13:40:06.402 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.201.2259.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.11804.0 Error code: 0x80072ee7 Error description: Nie można określić nazwy serwera lub adresu. Date: 2016-10-09 13:40:06.401 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.201.2259.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.11804.0 Error code: 0x80072ee7 Error description: Nie można określić nazwy serwera lub adresu. Date: 2016-10-09 13:40:06.361 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.201.2259.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.11804.0 Error code: 0x8024402c Error description: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną. Date: 2016-10-09 09:27:31.538 Description: Windows Defender has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 115.6.0.0 Update Source: Microsoft Malware Protection Center Signature Type: Network Inspection System Update Type: Full Current Engine Version: Previous Engine Version: 2.1.11804.0 Error code: 0x80072ee7 Error description: Nie można określić nazwy serwera lub adresu. ==================== Memory info =========================== BIOS: Insyde Corp. 1.20 09/04/2013 Motherboard: Intel PT10F Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Percentage of memory in use: 59% Total physical RAM: 3971.27 MB Available physical RAM: 1614.25 MB Total Virtual: 35971.27 MB Available Virtual: 33278.04 MB ==================== Drives ================================ Drive c: (TI31216600A) (Fixed) (Total:169.99 GB) (Free:63.86 GB) NTFS Drive d: (gry) (Fixed) (Total:177.7 GB) (Free:111.13 GB) NTFS Drive f: (moje) (Fixed) (Total:163.03 GB) (Free:81.33 GB) NTFS Drive h: (filmy) (Fixed) (Total:176.64 GB) (Free:110.72 GB) NTFS \\?\Volume{ddea6bce-2591-11e3-933a-54bef7605701}\ (System) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS \\?\Volume{f25f8b94-64a6-11e3-ad17-0c54a550e408}\ (Recovery) (Fixed) (Total:10.05 GB) (Free:0.86 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================