Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 03.03.2019 01
Uruchomiony przez weranda (08-03-2019 18:47:27)
Uruchomiony z C:\Users\weranda\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-06-30 21:53:12)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-1875640827-2227973923-1423200866-500 - Administrator - Disabled)
Gość (S-1-5-21-1875640827-2227973923-1423200866-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1875640827-2227973923-1423200866-1003 - Limited - Enabled)
ktoś inny (S-1-5-21-1875640827-2227973923-1423200866-1004 - Limited - Enabled) => C:\Users\ktoś inny
weranda (S-1-5-21-1875640827-2227973923-1423200866-1000 - Administrator - Enabled) => C:\Users\weranda

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

1-Wire Drivers Version 4.03 x64 (HKLM\...\{A7F4ED14-F167-47EE-AF9A-43963500E1D9}) (Version: 4.0.3 - Maxim Integrated Products)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{1D1DCF8A-6961-F848-0DA0-5401969C44CE}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Badanie mające na celu poprawę produktów HP DeskJet 4670 series (HKLM\...\{A600DC36-D95F-4E8B-91B3-673EF491C84C}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
Chromium (HKLM-x32\...\{E9B40174-B934-D0F4-08B4-A074D83473F4}) (Version:  - )
Euro Truck Simulator 2 v1.13.3s (15 DLC)(2-click run) (HKLM-x32\...\Euro Truck Simulator 2 v1.13.3s (15 DLC)(2-click run)1.13.3s) (Version: 1.13.3s - Friends in War)
Freemake Video Converter wersja 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
FreePDF XP (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Hard Truck 18 Wheels of Steel (HKLM-x32\...\Hard Truck 18 Wheels of Steel) (Version:  - )
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HP DeskJet 4670 series — podstawowe oprogramowanie urządzenia (HKLM\...\{49C01947-E93C-4B4F-B27A-222FC55A2340}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP DeskJet 4670 series Pomoc (HKLM-x32\...\{DD35E866-2726-4C21-95C4-B726F056BF6B}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{581FEA38-471B-4895-A563-3921CAC73CB6}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Google Drive Plugin (HKLM-x32\...\{1D14D459-DE8A-4180-A270-697236381DA5}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{02A245C7-C006-4C6B-BF7D-9866872AB814}) (Version: 12.3.6.9 - HP)
IC_Katalog ONLINE (HKU\S-1-5-21-1875640827-2227973923-1423200866-1000\...\2f3530a7666b3c93) (Version: 2.55.0.0 - Inter Cars)
Icecream Ebook Reader wersja 5.19 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.19 - Icecream Apps)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.23 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 65.0.2 (x64 pl)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Summer Car v20.03.2017 (HKLM-x32\...\vsetop.com My Summer Car v20.03.2017_is1) (Version: 20.03.2017 - VseTop.Com)
Nero 9 Essentials (HKLM-x32\...\{a50eb208-a767-40de-8884-18e5d8178242}) (Version:  - Nero AG)
NFS CARBON (TM) (HKU\S-1-5-21-1875640827-2227973923-1423200866-1000\...\NFS CARBON (TM)) (Version:  - )
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
Opera beta 58.0.3135.59 (HKLM-x32\...\Opera 58.0.3135.59) (Version: 58.0.3135.59 - Opera Software)
Opera Stable 58.0.3135.79 (HKLM-x32\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software)
PDF Architect 4 Create Module (HKLM\...\{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0}) (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{7F697B24-63AE-4433-8DF6-36F8171CAB70}) (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{0893CB6D-8936-4882-8303-8C0769AA6750}) (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Combine (HKLM-x32\...\PDF Combine_is1) (Version: 2.5 - Softplicity, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.2 - pdfforge GmbH)
PIT Format 2016 (HKLM-x32\...\PIT Format 2016_is1) (Version:  - Biuro Informatyki Stosowanej FORMAT)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.3 - Power Software Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.007 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 (HKLM-x32\...\{0FAAA044-04CF-4766-84A2-A6A95CE196BD}) (Version: 3.0.0.80705 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80705 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Spintires_[Hotfix] (HKLM-x32\...\Spintires_[Hotfix]_is1) (Version: Spintires_[Hotfix] - U4enik_77)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Web Companion (HKLM-x32\...\{32d5dc6c-7678-4cbf-b335-04ae55f7b7d2}) (Version: 4.6.1966.3854 - Lavasoft)
WhatsApp (HKU\S-1-5-21-1875640827-2227973923-1423200866-1000\...\WhatsApp) (Version: 0.2.8000 - WhatsApp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  -> Brak pliku
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-05-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-30] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0D4119B7-8575-41E4-B754-742D40E63259} - System32\Tasks\HP AR Program Upload - 35e05c7c945140ffa16735fc12c85aa2783da2f70b3c4cdd86f89b14f7e21dde => C:\Program Files\HP\HP DeskJet 4670 series\bin\HPRewards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {108B0496-78B7-46F7-935E-11E2EF6B29ED} - System32\Tasks\{E4B0CC70-59A8-4269-BE76-13B6BA4CA626} => C:\Windows\system32\pcalua.exe -a C:\Users\weranda\Downloads\WDM_R274.exe -d C:\Users\weranda\Downloads
Task: {18A25C46-53B2-49BE-944C-AE861C2F938E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {21601671-A0B0-42AB-87B5-07FB8C7DF0B4} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {280FA62E-FF8C-4D45-8EF9-AC052C2A321E} - System32\Tasks\HP AR Program Upload - dbbb63a4e960431d998a0bb2d898789c61a7524b2a714039bf42c89614ca2cd3 => C:\Program Files\HP\HP DeskJet 4670 series\bin\HPRewards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {29D01371-F976-413D-BB2C-E89AF42D33BC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {2A3766BD-DD46-48C4-AA34-5B71B2D100F6} - System32\Tasks\{58A03F46-6AC3-4283-B512-5BBF33E3F6E9} => C:\Windows\system32\pcalua.exe -a "C:\Users\weranda\Downloads\Samsung PC Studio 3.2.2 HG5\20080926103459515_Samsung_PC_Studio_322_HG5.exe" -d "C:\Users\weranda\Downloads\Samsung PC Studio 3.2.2 HG5"
Task: {30D6C4D7-F897-4DA1-82FA-B807FE54651F} - System32\Tasks\HPCustParticipation HP DeskJet 4670 series => C:\Program Files\HP\HP DeskJet 4670 series\Bin\HPCustPartic.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {37A2E6BE-1419-4E1F-840C-831B21035F96} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4471BF7A-E0E5-4780-A124-6B5ABFEA9921} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4920CE8C-103F-4250-B016-27F4A6301361} - System32\Tasks\{6C25B29F-B5FE-439C-93BA-D9A328CD3DDA} => C:\Users\weranda\Desktop\setup(1).exe (InstallShield Software Corporation) [Brak podpisu cyfrowego]
Task: {4ADCF389-5ED8-4A68-95A3-502E2D65E292} - \WPD\SqmUpload_S-1-5-21-1875640827-2227973923-1423200866-1000 -> Brak pliku <==== UWAGA
Task: {5128EA00-9D7C-4356-AB6D-5D3FD62A33CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6B17DC28-A7BA-45FC-A923-C5A59A9DF351} - \WPD\SqmUpload_S-1-5-21-1875640827-2227973923-1423200866-1004 -> Brak pliku <==== UWAGA
Task: {6B9436C8-8C57-48B0-B104-EDD76C9191FE} - System32\Tasks\Opera scheduled Autoupdate 1487763226 => c:\program files\opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {89B38102-3C59-4AF2-90BB-560466884C23} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {8ABC1E19-4ED4-466C-992C-F8193292EC6D} - System32\Tasks\{37C23543-2BC0-4896-8A7A-B17806C28D07} => C:\Windows\system32\pcalua.exe -a C:\Users\weranda\Downloads\setup.exe -d C:\Users\weranda\Downloads
Task: {8E74AEEF-576F-4A57-892F-0B1971EDA2DD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {9018E2D4-0751-45D4-8175-3C9732BF58FC} - System32\Tasks\HP AR Program Upload - fd05b00e0ff5474185ece4d05d78d3d81270fe37bf45470daf395a4ce5bac46f => C:\Program Files\HP\HP DeskJet 4670 series\bin\HPRewards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {9B169010-A7F1-45DF-99C7-A1DD50EE9B30} - System32\Tasks\Opera scheduled Autoupdate 1511613013 => C:\Program Files\Opera beta\launcher.exe (Opera Software AS -> Opera Software)
Task: {9B906981-8035-4C85-8D76-72170DDB7350} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A9A5CAD5-CF57-4E2F-8842-4E4AFE539855} - System32\Tasks\HP AR Program Upload - dd061635c36c4576862ce6870ecc462e3f4dbc9a7ebd445f89f9ee0354ebb46f => C:\Program Files\HP\HP DeskJet 4670 series\bin\HPRewards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {AF450C72-C8BF-4480-8560-4752A0223F20} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {B00117B4-8E80-4594-B23D-D6D4E52238A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CFCF3888-00B3-421C-B55E-012DF1ACF1F1} - System32\Tasks\HP AR Program Upload - 6d485685c2574023a12a5f65bdc898e0e69fb524a9c64d5c957adb826daab2e7 => C:\Program Files\HP\HP DeskJet 4670 series\bin\HPRewards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {F6B39359-BFED-4BC9-BA95-E28870FC105F} - System32\Tasks\{26420BD7-86AD-4670-8B67-10253D559388} => C:\Users\weranda\Desktop\setup(1).exe (InstallShield Software Corporation) [Brak podpisu cyfrowego]
Task: {FA01D7FA-DCC7-4054-8A00-426189A9845D} - System32\Tasks\HP AR Program Upload - ac025ee31ed24e048b8aec5d6566096f3d794457696d4a1fa84d9c27082b749d => C:\Program Files\HP\HP DeskJet 4670 series\bin\HPRewards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


==================== Załadowane moduły (filtrowane) ==============

2019-03-08 10:26 - 2019-03-08 18:43 - 000042216 _____ (三亚众贤网络科技有限公司 -> ) [Brak podpisu cyfrowego] C:\Windows\system32\usp20.dll
2019-03-08 10:26 - 2019-03-08 18:43 - 000534760 _____ (三亚众贤网络科技有限公司 -> ) [Brak podpisu cyfrowego] C:\Windows\system32\KeyHook64.dll
2013-08-30 18:46 - 2013-08-30 18:46 - 000344064 _____ (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2013-08-30 18:47 - 2013-08-30 18:47 - 000214528 _____ () [Brak podpisu cyfrowego] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 13:41 - 2012-10-22 13:41 - 000749056 _____ () [Brak podpisu cyfrowego] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 13:42 - 2012-10-22 13:42 - 003645952 _____ () [Brak podpisu cyfrowego] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2019-03-05 12:10 - 2019-03-08 18:43 - 001321936 _____ (Xi' an JingTech electronic Technology Co.,LTD -> ) [Brak podpisu cyfrowego] C:\Windows\System32\msrpci.exe
2013-08-30 18:37 - 2013-08-30 18:37 - 000004608 _____ (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamplk.dll
2007-06-26 19:27 - 2007-06-26 19:27 - 000312320 _____ (shbox.de) [Brak podpisu cyfrowego] C:\Program Files (x86)\FreePDF_XP\fpassist.exe

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Samsung\Samsung PC Studio 3\
HKU\S-1-5-21-1875640827-2227973923-1423200866-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: Urządzenie nie jest podłączone do internetu.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
MpsSvc => Usługa "Zapora systemu Windows" nie jest uruchomiona.
bfe => Usługa "Zapora systemu Windows" nie jest uruchomiona.

==================== MSCONFIG/TA