Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14-12-2020 Uruchomiony przez q (15-12-2020 18:13:43) Uruchomiony z C:\Users\q\Desktop Windows 10 Home Wersja 2004 19041.685 (X64) (2020-09-07 08:39:56) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1448178001-3530575419-1287885553-500 - Administrator - Disabled) Gość (S-1-5-21-1448178001-3530575419-1287885553-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1448178001-3530575419-1287885553-503 - Limited - Disabled) q (S-1-5-21-1448178001-3530575419-1287885553-1001 - Administrator - Enabled) => C:\Users\q WDAGUtilityAccount (S-1-5-21-1448178001-3530575419-1287885553-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546} AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Disabled - Out of date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Disabled - Out of date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe) Aktualizacje NVIDIA 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2011.2057 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.41.13618 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;) Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.7.0.11017 - Avira Operations GmbH & Co. KG) Hidden Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 87.1.18.70 - Autorzy Brave) Brave (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\Brave) (Version: 0.27.3 - Brave Software) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) CCSDK Customer Engagement Service (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.3.0.3 - Lenovo) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Disk Drill 4.1.551.0 (HKLM-x32\...\{a3191359-c53e-459e-a364-bdb79ed35b57}) (Version: 4.1.551.0 - CleverFiles) Disk Drill 4.1.551.0 (x64) (HKLM\...\{E17DB604-AFC0-4B5E-916D-65D5BFF75774}) (Version: 4.1.551.0 - CleverFiles) Hidden Dokan Library 1.4.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0104-0000-200601191219}) (Version: 1.4.0.1000 - Dokany Project) Hidden Dokan Library 1.4.0.1000 Bundle (HKLM-x32\...\{97cfdb6c-2faa-43ba-afbc-469e01845e99}) (Version: 1.4.0.1000 - Dokany Project) Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.6.3.48 - Dolby Laboratories, Inc.) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden EPSON L386 Series Printer Uninstall (HKLM\...\EPSON L386 Series) (Version: - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski) GG (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HDD Raw Copy Tool v1.10 (HKLM-x32\...\HDD Raw Copy Tool_is1) (Version: - HDDGURU) Instrukcje użytkownika (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BBD9EA15-17D6-495A-B78D-25D7EAE7A61B}) (Version: 18.1.1613.3274 - Intel Corporation) IrfanView 4.53 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.53 - Irfan Skiljan) Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation) Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation) Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lenovo App Explorer (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\Host App Service) (Version: 0.273.4.172 - SweetLabs for Lenovo) <==== UWAGA Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5222.01 - CyberLink Corp.) Lenovo Service Bridge (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.) LYNX Trading (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\5556-0005-2700-0000) (Version: (979.4z) 20200722 12:02:49 - LYNX) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation) Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.13426.20308 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{5F9345E2-76B2-4639-AD3B-DB2ABC716930}) (Version: 17.1.0.1 - Microsoft Corporation) Microsoft Office Professional 2016 - en-us (HKLM\...\ProfessionalRetail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation) Microsoft Office Professional 2016 - pl-pl (HKLM\...\ProfessionalRetail - pl-pl) (Version: 16.0.13426.20308 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft OneDrive 2013 dla firm - pl-pl (HKLM\...\GrooveRetail - pl-pl) (Version: 15.0.5293.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Minimal ADB and Fastboot version 1.4 (HKLM-x32\...\{C5564379-582D-457A-9E68-A9E7C1F1C4EC}_is1) (Version: 1.4 - Sam Rodberg) Mozilla Firefox 83.0 (x64 pl) (HKLM\...\Mozilla Firefox 83.0 (x64 pl)) (Version: 83.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.3.1 - Mozilla) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation) NVIDIA Sterownik graficzny 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) OANDA Desktop (HKLM-x32\...\{1DAF3BB8-E27F-4698-9D7C-270985AA3BCE}) (Version: 2.6.3 - OANDA) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5215.1000 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0415-0000-0000000FF1CE}) (Version: 15.0.5215.1000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{1e9d8bcf-827c-4e01-a82f-86e201de2a84}) (Version: 20.50.3 - Intel Corporation) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden Podręczniki firmy EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) psqlODBC_x64 (HKLM\...\{3F8971B0-061B-4163-9D3F-EA94151B2FCF}) (Version: 09.06.0504 - PostgreSQL Global Development Group) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.29092 - Realtek Semiconduct Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7874 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Skype dla firm Basic 2015 - pl-pl (HKLM\...\LyncEntryRetail - pl-pl) (Version: 15.0.5293.1000 - Microsoft Corporation) Skype Meetings App (HKLM-x32\...\{FB720DD1-D322-402A-8EAD-75DBD9287840}) (Version: 16.2.0.509 - Microsoft Corporation) Solid PDF Creator (HKLM-x32\...\{DFE70CCC-0ACB-45B7-94F4-9DC6F01B7928}_is1) (Version: 9.1.3048.1 - Solid Documents) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SysInfoTools-PST-File-Viewer (HKLM-x32\...\{888663E6-87F6-46BA-A4A1-0ED8868B4DC9}_is1) (Version: 2.0.0.0 - SysInfoTools) Tableau 2020.2 (20202.20.0415.1946) (HKLM\...\{0CC50DD2-F08C-4D43-B25E-C1FF7D1B09B5}) (Version: 20.2.25003 - Tableau Software) Hidden Tableau 2020.2 (20202.20.0415.1946) (HKLM-x32\...\{b4aec78e-57ad-4ce6-b159-3acb94310b22}) (Version: 20.2.25003 - Tableau Software) Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH) UltraISO Premium V9.66 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes) VitalSource Bookshelf (HKLM-x32\...\{d25e882e-ebb7-4f14-b756-5fb52fe1d833}) (Version: 7.2.0003 - Nazwa firmy) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-4) (Version: 1.0.54.1 - Intel Corporation Inc.) WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.) Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.) Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-12-01] (LENOVO INC.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad] Portal kont Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-26] (LENOVO INCORPORATED.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.) Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.0.11761.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1448178001-3530575419-1287885553-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\q\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1448178001-3530575419-1287885553-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\q\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.509\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1448178001-3530575419-1287885553-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\q\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1448178001-3530575419-1287885553-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\q\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_09afa4e14ee4fad2\igfxDTCM.dll [2017-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-09-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1_S-1-5-21-1448178001-3530575419-1287885553-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\q\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) [Brak podpisu cyfrowego] ContextMenuHandlers4_S-1-5-21-1448178001-3530575419-1287885553-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\q\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) [Brak podpisu cyfrowego] ContextMenuHandlers5_S-1-5-21-1448178001-3530575419-1287885553-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\q\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) [Brak podpisu cyfrowego] ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2017-02-10 21:41 - 2014-03-20 15:18 - 001683456 _____ (GG Network S.A.) [Brak podpisu cyfrowego] C:\Users\q\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll 2020-09-07 09:32 - 2016-12-29 13:29 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Brak podpisu cyfrowego] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll 2020-11-13 09:01 - 2020-05-30 19:58 - 001280000 _____ (Robert Simpson, et al.) [Brak podpisu cyfrowego] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll 2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [Brak podpisu cyfrowego] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 _____ (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] C:\WINDOWS\System32\enppmon.dll 2020-06-23 08:09 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [Brak podpisu cyfrowego] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\WimMount:$WIMMOUNTDATA [594] AlternateDataStreams: C:\Users\Public\AppData:CSM [464] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470] ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE SearchScopes: HKU\S-1-5-21-1448178001-3530575419-1287885553-1001 -> DefaultScope {724BDF1C-F8C4-44C5-94CF-96E142549C08} URL = SearchScopes: HKU\S-1-5-21-1448178001-3530575419-1287885553-1001 -> {724BDF1C-F8C4-44C5-94CF-96E142549C08} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office15\OCHelper.dll [2020-06-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office15\GROOVEEX.DLL [2020-08-20] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-07-02] (Oracle America, Inc. -> Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-07] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\sharepoint.com -> hxxps://plpwconsulting-files.sharepoint.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\q\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\acer01.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\StartupApproved\Run: => "GG" HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_912380A8932988DD38CA2E2787DA1B8E" HKU\S-1-5-21-1448178001-3530575419-1287885553-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{DED86CC3-02AD-4435-B966-C5B829BBF906}C:\users\q\appdata\local\alteryx\bin\alteryxgui.exe] => (Allow) C:\users\q\appdata\local\alteryx\bin\alteryxgui.exe => Brak pliku FirewallRules: [TCP Query User{FDED41C4-92C5-4471-9A20-705ADEAAC9F7}C:\users\q\appdata\local\alteryx\bin\alteryxgui.exe] => (Allow) C:\users\q\appdata\local\alteryx\bin\alteryxgui.exe => Brak pliku FirewallRules: [UDP Query User{1817D3E0-4936-400C-B4F4-8A6A441327F7}C:\users\q\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\q\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{4A020509-7681-47DA-9EFC-F31EB630DC72}C:\users\q\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\q\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E65E1CA6-91D6-4512-8A17-E957E0DF8738}] => (Allow) C:\Users\q\AppData\Roaming\Zoom\bin\airhost.exe => Brak pliku FirewallRules: [{9334BFB7-9B42-4F17-AC92-8455CD6A34DE}] => (Allow) C:\Users\q\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{0BEC0069-2E45-4F87-9CB1-373024C2DFDC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{300068AB-B320-4F5E-9E0D-D5A0DF4D07C0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{96DF6AFE-B205-4E2E-BDFB-9F3E10601F38}C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe] => (Block) C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{0A5649D6-4DDA-46AB-ACBC-22F35391E4ED}C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe] => (Block) C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{162F16B4-3454-4100-BF13-50D71F82FF52}C:\users\q\desktop\portfele\vivo\vivo-qt.exe] => (Allow) C:\users\q\desktop\portfele\vivo\vivo-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{E8FE9718-6B08-450C-81E7-A755F47A9DAC}C:\users\q\desktop\portfele\vivo\vivo-qt.exe] => (Allow) C:\users\q\desktop\portfele\vivo\vivo-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{18FC7678-F08E-4130-8769-8BCEEB68EB6C}C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyted.exe] => (Block) C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyted.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{5B0A46F3-C95E-4CEC-9BE4-BA75A2E7D70F}C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyted.exe] => (Block) C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyted.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{87E3909F-3482-4A65-BDEC-30F08F659B98}C:\users\q\desktop\portfele\vivo\vivo-qt.exe] => (Block) C:\users\q\desktop\portfele\vivo\vivo-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{A854CFC3-D3F0-4FA4-86CF-1F68A755A89B}C:\users\q\desktop\portfele\vivo\vivo-qt.exe] => (Block) C:\users\q\desktop\portfele\vivo\vivo-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{F8765578-A690-4FDE-A0FB-795409EC36B3}C:\users\q\desktop\portfele\luxcoin\lux-qt.exe] => (Block) C:\users\q\desktop\portfele\luxcoin\lux-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{5555E95F-DC38-49D3-A282-29570AA10F9A}C:\users\q\desktop\portfele\luxcoin\lux-qt.exe] => (Block) C:\users\q\desktop\portfele\luxcoin\lux-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{B51B8F32-2697-40E9-8600-2ED810C26B95}C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe] => (Block) C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{0B53EDD4-08C2-49A5-99FE-5480D791B88E}C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe] => (Block) C:\users\q\desktop\portfele\gobyte_0.12.1.3_windows64\gobyte-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [{1D4719D7-6D74-42E3-B2A4-30AD30F68B8E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{44A04B1D-7D2F-4C30-BA4B-862358AEBE7A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4EEA54FB-09D9-4BC4-98A9-CC237D749030}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{76DAC093-9BAF-49B5-A109-FCAF85CAB0B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{FDA35E08-6DCE-444F-AEB4-77FCAEDC68B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{E16A03EE-AFE7-48AC-8B40-8730818F1D59}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{70053620-EA09-47B3-B6E3-70B612E8044B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{47BD0FDC-9288-4314-B9EC-898033AD6EB4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ECAC903A-68FE-4A18-8F74-BD8B48232CD6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{CC4BB018-0391-43D9-9FC2-220258DF39B8}C:\users\q\desktop\portfele\straks\straks-1.14.7.1-win64\straks-qt.exe] => (Allow) C:\users\q\desktop\portfele\straks\straks-1.14.7.1-win64\straks-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{050E924E-C55D-4A00-9FA6-594D056B29BC}C:\users\q\desktop\portfele\straks\straks-1.14.7.1-win64\straks-qt.exe] => (Allow) C:\users\q\desktop\portfele\straks\straks-1.14.7.1-win64\straks-qt.exe () [Brak podpisu cyfrowego] FirewallRules: [{3F46799F-28B1-4F26-91A3-86912BAD8801}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{8AC211BD-79B5-4F27-A9D4-E3C02CCEA3E5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{2B553285-A5A3-48A9-9539-9F189B51AF3B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{4D82BFEF-ABDB-4E28-A934-2C77300E9001}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E7A9666E-E2D7-48E8-A36F-9CD5788340A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{6676691E-BEA3-468A-A62E-A4B4D9C29D7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment) FirewallRules: [{3A66A16F-C4F1-4758-AA63-3DCB7D5C80D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment) FirewallRules: [{CF45995E-10DB-4A2D-B923-6AC41A325C39}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{5435B0C3-1F7B-46D2-8BD9-113BCDF22DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{289B8761-DC13-464C-AB51-01416F3ADBAA}C:\users\q\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.509\pluginhost.exe] => (Allow) C:\users\q\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.509\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{BC605E70-3803-4A35-84F4-79C32F9828EA}C:\users\q\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.509\pluginhost.exe] => (Allow) C:\users\q\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.509\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EDD4EA6E-2170-42F2-B896-7527EFF2A3DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{ED35C590-8728-4162-875B-3DFA7D874E42}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F606DD84-5A14-49CB-94DC-2E425F354A4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{47D7A9CE-8B62-48D8-A8E6-AA5B8E29D821}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{326E40B4-8953-4093-B04F-521855D1CE93}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{B78A7AE5-FDD4-4531-96CE-2BEC478DDD64}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{101063EA-C01B-4870-A69D-666EA9D6A70F}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{7551718F-B4AF-4B54-9DF0-2CB88C4A7BC0}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{F6090455-9409-49DE-BCAA-D476F62C74CB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) FirewallRules: [{2AD74E8C-D913-4C91-9CE5-26AD161FBA73}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ==================== Punkty Przywracania systemu ========================= 01-12-2020 12:45:23 Zaplanowany punkt kontrolny 10-12-2020 19:46:20 Zaplanowany punkt kontrolny 15-12-2020 12:52:22 Disk Drill 4.1.551.0 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (12/15/2020 03:15:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: DllHost.exe, wersja: 10.0.19041.546, sygnatura czasowa: 0xb850de5d Nazwa modułu powodującego błąd: combase.dll, wersja: 10.0.19041.662, sygnatura czasowa: 0x8f79024d Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000aa7b2 Identyfikator procesu powodującego błąd: 0xd60 Godzina uruchomienia aplikacji powodującej błąd: 0x01d6d2ec1adeb355 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\SysWOW64\DllHost.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\combase.dll Identyfikator raportu: ec7c85cb-fb62-419b-b7b9-fd94db71a43b Pełna nazwa pakietu powodującego błąd: Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (12/15/2020 12:12:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 10.0.19041.546, sygnatura czasowa: 0x5da7ab91 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.19041.662, sygnatura czasowa: 0x27bfa5f0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000004bdfe Identyfikator procesu powodującego błąd: 0x1c9c Godzina uruchomienia aplikacji powodującej błąd: 0x01d6d2d0ffdaa7f5 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\wbem\wmiprvse.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 19312dc1-7d56-4649-b87a-9ddde352c840 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/14/2020 04:28:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 10.0.19041.546, sygnatura czasowa: 0x5da7ab91 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.19041.662, sygnatura czasowa: 0x27bfa5f0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000016ca0 Identyfikator procesu powodującego błąd: 0x1e20 Godzina uruchomienia aplikacji powodującej błąd: 0x01d6d22bb07e3b76 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\wbem\wmiprvse.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 1aac2a19-da5e-40d0-8f89-8e41d9abb883 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/14/2020 04:14:02 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować biblioteki DLL rozszerzalnego licznika „C:\WINDOWS\system32\sysmain.dll” (kod błędu systemu Win32: 126). Error: (12/14/2020 11:42:07 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (12/14/2020 11:42:07 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (12/13/2020 04:27:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 10.0.19041.546, sygnatura czasowa: 0x5da7ab91 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.19041.662, sygnatura czasowa: 0x27bfa5f0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000016ca0 Identyfikator procesu powodującego błąd: 0x1d2c Godzina uruchomienia aplikacji powodującej błąd: 0x01d6d1625a705478 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\wbem\wmiprvse.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 93daa774-a988-4adb-b5b1-94041ca00cf5 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/13/2020 04:12:53 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować biblioteki DLL rozszerzalnego licznika „C:\WINDOWS\system32\sysmain.dll” (kod błędu systemu Win32: 126). Dziennik System: ============= Error: (12/15/2020 12:53:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O65UTF3) Description: Serwer microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/15/2020 10:01:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O65UTF3) Description: Serwer Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXdca9rykvbm0qn1fw9m2dbx828p2w3h8p.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/14/2020 11:43:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi ImControllerService. Error: (12/14/2020 11:42:07 AM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1115 podczas próby uruchomienia usługi SecurityHealthService z argumentami Niedostępny w celu uruchomienia serwera: {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} Error: (12/14/2020 11:42:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą OneSyncSvc_35472. Error: (12/13/2020 04:33:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O65UTF3) Description: Serwer Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/13/2020 04:33:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O65UTF3) Description: Serwer Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/13/2020 04:32:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O65UTF3) Description: Serwer {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} nie zarejestrował się w modelu DCOM w wymaganym czasie. CodeIntegrity: =================================== Date: 2020-09-30 16:18:06.5880000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-09-11 12:03:41.7390000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== BIOS: LENOVO 2XCN37WW(V2.11) 03/02/2018 Płyta główna: LENOVO LNVNB161216 Procesor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Procent pamięci w użyciu: 73% Całkowita pamięć fizyczna: 8001.51 MB Dostępna pamięć fizyczna: 2152.69 MB Całkowita pamięć wirtualna: 10049.51 MB Dostępna pamięć wirtualna: 3232.68 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:197.09 GB) (Free:66.36 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.32 GB) NTFS Drive f: () (Removable) (Total:3.74 GB) (Free:1 GB) FAT32 \\?\Volume{0a775350-5db7-4a08-82f6-331f78d5646f}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS \\?\Volume{d7cd85a2-108c-40a7-a80f-745a42406400}\ (LENOVO_PART) (Fixed) (Total:14.17 GB) (Free:1.7 GB) NTFS \\?\Volume{f4a17219-e598-49b3-8a86-df1b455af9e6}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: FFA64DEB) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 3.8 GB) (Disk ID: 74DB7B43) Partition 1: (Active) - (Size=3.7 GB) - (Type=0C) ==================== Koniec Addition.txt =======================