Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14-03-2021 Uruchomiony przez pati_ (16-03-2021 17:03:41) Uruchomiony z C:\Users\pati_\Downloads Windows 10 Home Wersja 2004 19041.867 (X64) (2020-10-22 13:15:43) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4111564225-2441505280-3832451587-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4111564225-2441505280-3832451587-503 - Limited - Disabled) Guest (S-1-5-21-4111564225-2441505280-3832451587-501 - Limited - Disabled) pati_ (S-1-5-21-4111564225-2441505280-3832451587-1001 - Administrator - Enabled) => C:\Users\pati_ WDAGUtilityAccount (S-1-5-21-4111564225-2441505280-3832451587-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.13801.20294 - Microsoft Corporation) Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.1.3164 - AVG Technologies) Build-a-lot (HKLM-x32\...\WTA-62ca4211-5803-444b-8dfd-04065d2aa4a1) (Version: 3.0.2.59 - WildTangent) Hidden Chromium (HKLM-x32\...\{3CCAD40A-6C4A-058A-DDCA-750A0D4AA68A}) (Version: - ) Crazy Chicken Soccer (HKLM-x32\...\WTA-fdca5ae6-5655-457b-8ea9-833f8f1bcac6) (Version: 2.2.0.110 - WildTangent) Hidden Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.) HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.) HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6518 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.12.1048 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{05f918ac-9392-4f5d-8399-68c4c70550b0}) (Version: 19.60.1 - Intel Corporation) iTunes (HKLM\...\{02BC119C-5817-4851-B854-1A6FA5FA0F1B}) (Version: 12.9.4.102 - Apple Inc.) Magic Heroes: Save Our Park (HKLM-x32\...\WTA-f712e531-3c98-483b-95fe-350622bf0dd2) (Version: 3.0.2.59 - WildTangent) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20294 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A22EED3F-6DB6-4987-8023-6C6B7030E554}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Command Line Utilities (HKLM\...\{D9F711D3-3C90-4D79-9292-47C90C722E2A}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{C20DACBE-19F2-47FF-AD22-BBB493499346}) (Version: 11.2.5643.3 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{E0AE1947-4991-475D-B972-15C90905915A}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{E8C99927-8E6E-4B6B-B80C-1B8B23B1767D}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.2.5000.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.66.38849 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech) Pakiet sterowników systemu Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech) Polar Bowler 1st Frame (HKLM-x32\...\WTA-c6186b2d-9242-42d2-b93d-54198dc08853) (Version: 3.0.2.59 - WildTangent) Hidden Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-456a8fe4-bc3d-420b-8237-f475d5d09067) (Version: 2.2.0.97 - WildTangent) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.13.18.1333 - Razer Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.) Runefall (HKLM-x32\...\WTA-2d3c8132-6659-4afa-a565-2cd24e2bf34e) (Version: 3.0.2.126 - WildTangent) Hidden SAP Crystal Reports runtime engine for .NET Framework (32-bit) (HKLM-x32\...\{FBAB5DC0-657B-424F-BE58-07DEFF68917C}) (Version: 13.0.5.891 - SAP) Search the Web (Yahoo) (HKLM-x32\...\{1503FDC3-4583-2C43-F403-5CC324838F43}) (Version: - ) <==== UWAGA Service Pack 2 for SQL Server 2014 (KB3171021) (64-bit) (HKLM\...\KB3171021) (Version: 12.2.5000.0 - Microsoft Corporation) Spotify (HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB) SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.2.5000.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.50 - Microsoft Corporation) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.4461 - Microsoft Corporation) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.46.18.1020 - Electronic Arts Inc.) Trinklit Supreme (HKLM-x32\...\WTA-0799a92b-99de-4fb0-ad21-283ee8896725) (Version: 2.2.0.98 - WildTangent) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) WinRAR 5.91 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) World Of Warships (HKLM-x32\...\World Of Warships) (Version: - ) Zasady rachunkowoœci (HKLM-x32\...\Zasady rachunkowoœci_is1) (Version: - ) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.) Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.3.838.0_x64__v10z8vjag6ke6 [2021-03-01] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.) Pasjans -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.0.0.0_x64__kx24dqmazqk8j [2020-12-16] (Random Salad Games LLC) Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-14] (Synaptics Incorporated) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\pati_\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\pati_\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxDTCM.dll [2020-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2020-09-18 14:28 - 2020-09-18 14:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2020-09-18 14:28 - 2020-09-18 14:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_48_jny_soverj_00_00¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0A0C0EtB0DtAtA0CyByD0D0A0E0CtA0DtN0D0TzutN1L2XzuyEtFtAtBtFtDtFtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyCzz1R1P1QtA1QtGtB1P1Q1OtGyEtC1P1OtGzy1TtA1OtGyCtC1OtDzyyBtD1P1TyD1QyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyCyDtC0Fzz0AtGtDyB0EtAtGyEzytA0DtGzzzytDzytGyDzz0FtCtCyCzy0AtB0F0AtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1916465631%26a%3Dhdr_s_18_48_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-03-29 05:10:33&bName= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_48_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0A0C0EtB0DtAtA0CyByD0D0A0E0CtA0DtN0D0TzutN1L2XzuyEtFtAtBtFtDtFtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyCzz1R1P1QtA1QtGtB1P1Q1OtGyEtC1P1OtGzy1TtA1OtGyCtC1OtDzyyBtD1P1TyD1QyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyCyDtC0Fzz0AtGtDyB0EtAtGyEzytA0DtGzzzytDzytGyDzz0FtCtCyCzy0AtB0F0AtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1916465631%26a%3Dhdr_s_18_48_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_48_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0A0C0EtB0DtAtA0CyByD0D0A0E0CtA0DtN0D0TzutN1L2XzuyEtFtAtBtFtDtFtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyCzz1R1P1QtA1QtGtB1P1Q1OtGyEtC1P1OtGzy1TtA1OtGyCtC1OtDzyyBtD1P1TyD1QyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyCyDtC0Fzz0AtGtDyB0EtAtGyEzytA0DtGzzzytDzytGyDzz0FtCtCyCzy0AtB0F0AtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1916465631%26a%3Dhdr_s_18_48_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {DE86EBDF-85F9-493F-9680-BE7BB7D70DF8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_48_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0A0C0EtB0DtAtA0CyByD0D0A0E0CtA0DtN0D0TzutN1L2XzuyEtFtAtBtFtDtFtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyCzz1R1P1QtA1QtGtB1P1Q1OtGyEtC1P1OtGzy1TtA1OtGyCtC1OtDzyyBtD1P1TyD1QyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyCyDtC0Fzz0AtGtDyB0EtAtGyEzytA0DtGzzzytDzytGyDzz0FtCtCyCzy0AtB0F0AtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1916465631%26a%3Dhdr_s_18_48_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_48_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0A0C0EtB0DtAtA0CyByD0D0A0E0CtA0DtN0D0TzutN1L2XzuyEtFtAtBtFtDtFtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyCzz1R1P1QtA1QtGtB1P1Q1OtGyEtC1P1OtGzy1TtA1OtGyCtC1OtDzyyBtD1P1TyD1QyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyCyDtC0Fzz0AtGtDyB0EtAtGyEzytA0DtGzzzytDzytGyDzz0FtCtCyCzy0AtB0F0AtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1916465631%26a%3Dhdr_s_18_48_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {DE86EBDF-85F9-493F-9680-BE7BB7D70DF8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001 -> DefaultScope {BF61237C-1EAC-454C-B624-BB80E7E481D8} URL = hxxp://www.global-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_48_jny_soverj_00_00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0A0C0EtB0DtAtA0CyByD0D0A0E0CtA0DtN0D0TzutN1L2XzuyEtFtAtBtFtDtFtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyCzz1R1P1QtA1QtGtB1P1Q1OtGyEtC1P1OtGzy1TtA1OtGyCtC1OtDzyyBtD1P1TyD1QyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0CyCyDtC0Fzz0AtGtDyB0EtAtGyEzytA0DtGzzzytDzytGyDzz0FtCtCyCzy0AtB0F0AtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1916465631%26a%3Dhdr_s_18_48_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms} SearchScopes: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001 -> {BF61237C-1EAC-454C-B624-BB80E7E481D8} URL = hxxp://www.global-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001 -> {DE86EBDF-85F9-493F-9680-BE7BB7D70DF8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Brak pliku (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\sharepoint.com -> hxxps://gpe-files.sharepoint.com IE trusted site: HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-03-18 22:03 - 2019-06-16 17:09 - 000002103 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\ HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pati_\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\r8nHMaK.gif DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "HPMessageService" HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B5492418FA27518FCB5EFE897D445984" HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-4111564225-2441505280-3832451587-1001\...\StartupApproved\Run: => "Web Companion" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{DAD2FD7D-58FB-4D87-8DD2-7AC1D4C5EF18}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [{080C8E36-60BE-414D-89FD-268EDBBBF6A3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [{79B2DD67-B578-419D-A2D4-91FD6C9BBE36}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Brak pliku FirewallRules: [{24887DC5-8350-4080-BAA8-FEA6A5FD1630}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Brak pliku FirewallRules: [UDP Query User{4EAA7F46-8232-41D6-B23B-46DFFE51DBED}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{CD74B288-32D8-423B-AE79-B8379879E3F0}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{E51FAAC4-9108-4427-9061-3A910D4BF1F0}C:\program files\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\program files\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{C3FB35DE-A1EB-4B51-9933-D56EDD51E20A}C:\program files\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\program files\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{0C409516-1A0E-4DF2-A8CE-D0A665A3C647}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{07ABA530-264A-45BC-8095-CB1602073FC5}C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pati_\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7B35D594-4461-4063-8034-7B7C73D61A66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{14FC5D05-6356-4ACC-98B2-D4101B580909}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9648E715-6043-407E-A829-D0C53FC989D9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ED323C15-AA93-4D93-A28C-8C6CB660D937}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6EAF6308-BE3B-49FB-B759-DABD948B128F}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [{55693D59-76B1-4BED-88A7-53430DC8F816}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [{3743DBE1-9BFB-40F5-B646-94249B7FE412}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [{98DBCD66-9649-4463-90AB-7CA97D7174AE}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{3029B169-EFB7-4F60-A124-826B7F54E8B1}C:\users\pati_\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pati_\appdata\roaming\utorrent web\utweb.exe => Brak pliku FirewallRules: [TCP Query User{BF09DAE9-0F4B-4912-B51B-D2DA6C5A0545}C:\users\pati_\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pati_\appdata\roaming\utorrent web\utweb.exe => Brak pliku FirewallRules: [UDP Query User{CF68CCB6-C1B8-4E9D-B42D-E7E716BE2533}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{9AA5A4D4-F8B2-44E1-A333-A7BB000D6E01}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B4A98538-A3A9-4F73-9F64-28D1906CA911}] => (Allow) C:\Users\pati_\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe => Brak pliku FirewallRules: [{4FDFE447-332A-485C-AEC1-3C6245155994}] => (Allow) C:\Users\pati_\AppData\Local\Programs\Opera\51.0.2830.55\opera.exe => Brak pliku FirewallRules: [{87070CB9-C94B-4EE2-801B-1CD5FA0515C3}] => (Allow) LPort=13148 FirewallRules: [{5EEE5996-3453-4827-AAB0-5E2D655CAB29}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe => Brak pliku FirewallRules: [{E162576D-AECA-4D7B-B22A-7A1673FDF397}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6B247683-D743-4FC7-BB93-3C823083F27C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Brak pliku FirewallRules: [{0A471C7F-624B-4BDC-A8C1-D8C1112D32E1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Brak pliku FirewallRules: [{FB46B7DD-2267-494D-9E6A-6982A2213BDE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => Brak pliku FirewallRules: [{F8F36016-9E4F-4B57-9AFB-5C3302B2FFB7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => Brak pliku FirewallRules: [{0BCC9771-6A96-452E-8095-E15BEBF80D74}] => (Allow) C:\Users\pati_\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [Brak podpisu cyfrowego] FirewallRules: [{767505BB-3F7A-43A2-B3C0-0CD5CBAE0A59}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Brak pliku FirewallRules: [{77C123EE-3870-499F-A413-BB116F2ABC35}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Brak pliku FirewallRules: [{63591F09-341F-4814-8907-58EB75001130}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => Brak pliku FirewallRules: [{7A7B4EA8-D3D0-493E-BF28-12BFE1B63376}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => Brak pliku FirewallRules: [{A28F6B9A-9E82-42BE-BD79-80B9D4FE800F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => Brak pliku FirewallRules: [{2EA046C8-CBA0-480E-BDA1-7B8243C53803}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => Brak pliku FirewallRules: [TCP Query User{3343E49D-1019-4DE1-AC39-8600ED652036}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{26958B43-118C-4EBC-9355-68D7974743BC}C:\users\pati_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pati_\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F3CA75E5-417D-417B-A5E6-274F2BFD5253}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ADF2746F-7A4D-4681-A363-A7202FF1AD5E}] => (Allow) C:\Ross-Tech\VCDS\VCDS.EXE => Brak pliku FirewallRules: [{AC858E73-3EB4-4EC9-A175-F5652E3F8BA1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EE992492-DB9E-4AAE-8946-7208E641DFF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{913F50A8-E151-444F-A51B-AA716EE384E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A24F0229-F85C-4985-AE0E-9A6BB3087824}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{93CC1199-48E5-4559-A5BB-3F98A4C143FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{56A01632-DF9E-42C2-9699-C90B0D644217}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{07505DA3-E79A-4DB7-BB9D-4A2491BB4119}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 11-03-2021 16:07:02 Instalator modułów systemu Windows 16-03-2021 16:23:10 Removed Energy Star 16-03-2021 16:28:19 Removed Neighbours From Hell 16-03-2021 16:29:43 Removed Neighbours From Hell Online Demo ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (03/16/2021 04:34:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: utweb.exe, wersja: 1.1.4.3435, sygnatura czasowa: 0x601b599f Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.19041.844, sygnatura czasowa: 0xa9ac4e88 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0005f653 Identyfikator procesu powodującego błąd: 0x25d0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d71a7711b06161 Ścieżka aplikacji powodującej błąd: C:\Users\pati_\AppData\Roaming\uTorrent Web\utweb.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 09279af7-2d62-4248-beb3-5b0a91b73373 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/16/2021 04:29:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary MsQuic. System Error: The resource loader failed to find MUI file. . Error: (03/16/2021 04:28:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary MsQuic. System Error: The resource loader failed to find MUI file. . Error: (03/16/2021 04:24:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Microsoft.Photos.exe, wersja: 2020.20120.4004.0, sygnatura czasowa: 0x5fcaab3d Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.19041.804, sygnatura czasowa: 0x0e9c5eae Kod wyjątku: 0x80131623 Przesunięcie błędu: 0x000000000010bd5c Identyfikator procesu powodującego błąd: 0x470 Godzina uruchomienia aplikacji powodującej błąd: 0x01d71a7866803c8a Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 58898ba5-73f4-4d68-866b-025220afa7e0 Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (03/16/2021 04:24:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary MsQuic. System Error: The resource loader failed to find MUI file. . Error: (03/14/2021 06:26:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na RECOVERY (D:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (03/14/2021 06:26:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na Windows (C:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (03/11/2021 11:38:36 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Dziennik System: ============= Error: (03/12/2021 12:00:33 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-N93U0AA1) Description: Serwer microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (03/12/2021 12:02:59 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (03/11/2021 11:48:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Usługa koordynatora aktualizacji zawiesiła się podczas uruchamiania. Error: (03/11/2021 11:48:19 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-N93U0AA1) Description: Serwer Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe!App.AppXsaksz8g893wmfxp53kxywv7nedj5wtfh.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (03/11/2021 11:41:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (03/11/2021 11:41:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (45000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (03/07/2021 03:59:39 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (03/07/2021 03:57:39 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: ================ Date: 2021-03-11 23:41:28 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Monitorowanie zachowania Kod błędu: 0x80004005 Opis błędu: Nieokreślony błąd. Przyczyna: Do działania sterownika filtru jest wymagany aktualny aparat. W celu włączenia ochrony w czasie rzeczywistym musisz zainstalować najnowsze aktualizacje analiz zabezpieczeń. Date: 2021-02-28 21:13:39 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Monitorowanie zachowania Kod błędu: 0x80004005 Opis błędu: Nieokreślony błąd. Przyczyna: Do działania sterownika filtru jest wymagany aktualny aparat. W celu włączenia ochrony w czasie rzeczywistym musisz zainstalować najnowsze aktualizacje analiz zabezpieczeń. Date: 2021-02-26 00:08:11 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Monitorowanie zachowania Kod błędu: 0x80004005 Opis błędu: Nieokreślony błąd. Przyczyna: Do działania sterownika filtru jest wymagany aktualny aparat. W celu włączenia ochrony w czasie rzeczywistym musisz zainstalować najnowsze aktualizacje analiz zabezpieczeń. Date: 2021-02-15 09:35:32 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Monitorowanie zachowania Kod błędu: 0x80004005 Opis błędu: Nieokreślony błąd. Przyczyna: Do działania sterownika filtru jest wymagany aktualny aparat. W celu włączenia ochrony w czasie rzeczywistym musisz zainstalować najnowsze aktualizacje analiz zabezpieczeń. Date: 2021-02-15 00:34:07 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Monitorowanie zachowania Kod błędu: 0x80004005 Opis błędu: Nieokreślony błąd. Przyczyna: Do działania sterownika filtru jest wymagany aktualny aparat. W celu włączenia ochrony w czasie rzeczywistym musisz zainstalować najnowsze aktualizacje analiz zabezpieczeń. CodeIntegrity: =============== Date: 2021-03-16 17:07:12 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-03-16 17:04:06 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: Insyde F.24 09/25/2017 Płyta główna: HP 8328 Procesor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz Procent pamięci w użyciu: 73% Całkowita pamięć fizyczna: 8108.91 MB Dostępna pamięć fizyczna: 2108.87 MB Całkowita pamięć wirtualna: 10668.91 MB Dostępna pamięć wirtualna: 3206.95 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:915.82 GB) (Free:787.33 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:14.46 GB) (Free:14.39 GB) NTFS \\?\Volume{fefbab92-21e6-4e7e-8a8a-9c11ad339671}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.36 GB) NTFS \\?\Volume{eb8848f9-f507-453a-b681-560fad9fa56c}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 834607F1) Partition: GPT. ==================== Koniec Addition.txt =======================