Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 16-10-2022 Uruchomiony przez pszen (23-10-2022 10:29:27) Uruchomiony z C:\Users\pszen\Downloads Microsoft Windows 10 Home Wersja 21H1 19043.2130 (X64) (2022-03-29 14:37:20) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-4099042752-900424334-1160265230-500 - Administrator - Disabled) defaultuser0 (S-1-5-21-4099042752-900424334-1160265230-1000 - Limited - Enabled) => C:\Users\defaultuser0 Gość (S-1-5-21-4099042752-900424334-1160265230-501 - Limited - Disabled) Konto domyślne (S-1-5-21-4099042752-900424334-1160265230-503 - Limited - Disabled) pszen (S-1-5-21-4099042752-900424334-1160265230-1001 - Administrator - Enabled) => C:\Users\pszen WDAGUtilityAccount (S-1-5-21-4099042752-900424334-1160265230-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\uTorrent) (Version: 3.5.5.46248 - BitTorrent Inc.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 22.003.20258 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden ANT Drivers Installer x64 (HKLM\...\{4F35B8FF-E00B-42BB-A6D4-6174BAB0404A}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.17 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.7 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.2.9 - ICEpower a/s) Avaya one-X Agent - 2.5.14 (HKLM-x32\...\{58D3DB71-90EA-43DE-A89F-5FF4A3D88713}) (Version: 2.5.60411.0 - Avaya) Car MP3 Organizer 1.0 BETA (HKLM-x32\...\Car MP3 Organizer 1.0 BETA) (Version: 1.0 BETA - Tobias Croby) Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{0FB3AC84-0C82-478F-BD1E-A2826FC8A9E0}) (Version: 4.10.03104 - Cisco Systems, Inc.) Cisco AnyConnect Posture Module (HKLM-x32\...\{19F4F0C0-8B20-44B8-B8AD-1FF3950D39C9}) (Version: 4.10.03104 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.03104 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{A4076314-DE10-4FEB-A977-A3AF859B4073}) (Version: 4.10.03104 - Cisco Systems, Inc.) Hidden Cisco AnyConnect Start Before Login Module (HKLM-x32\...\{C978387D-32B2-4A21-A7C3-49B6D36176F4}) (Version: 4.10.03104 - Cisco Systems, Inc.) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.) Elevated Installer (HKLM-x32\...\{5383BE8D-5852-4FE5-A290-1B231C4A322C}) (Version: 7.14.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{5bc116de-415f-4087-a55b-ffa07751c0d1}) (Version: 7.14.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{BB1DCEBC-FD41-4EA7-8F74-168B91D032F1}) (Version: 7.14.0.0 - Garmin Ltd or its subsidiaries) Hidden GG (HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\GG) (Version: 12 - England Sp. z o.o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC) Intel(R) Chipset Device Software (HKLM\...\{47DC837D-ECA6-49AF-9904-1427BB94EF4C}) (Version: 10.1.1.27 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{8E1338CD-2B65-47CB-94F1-8092443EC46B}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{E04E7192-DD1D-4266-80F3-D5C94E264B9D}) (Version: 11.5.0.1015 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{958B0D39-70C4-4C0A-A09C-2DBC9DF499FF}) (Version: 30.63.1620.03 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{3973721B-C2ED-4505-98B6-752897ECF2F1}) (Version: 1.42.680.1 - Intel Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.15629.20208 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{4AF02DE3-3947-42DF-851B-DDC8D188F456}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{139E6421-AE9D-4D73-9DD5-F8E8B5E86FB4}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Graphics Driver 362.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.60 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden Opanda IExif 2.3 (HKLM-x32\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio) Pakiet sterowników systemu Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Pakiet sterowników systemu Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10373 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7824 - Realtek Semiconductor Corp.) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) uTorrent Web (HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\utweb) (Version: 1.2.8 - Rainberry, Inc.) Windows Driver Package - ASUS (AsusSGDrv) Mouse (11/14/2016 8.0.0.26) (HKLM\...\F2F863C5091CD775A1EC34759959219D836FDA66) (Version: 11/14/2016 8.0.0.26 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.) WinRAR 6.10 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH) WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 10.1.0.5644 - Kingsoft Corp.) Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-27] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-09-21] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa [2022-09-14] (Apple Inc.) [Startup Task] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad] Rozszerzenie wideo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-06-02] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-02-02] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-02-02] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxDTCM.dll [2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-02-02] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-02-02] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2020-11-27 04:38 - 2020-11-27 04:38 - 000961536 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll 2020-11-27 04:38 - 2020-11-27 04:38 - 001446400 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll 2022-09-20 09:35 - 2022-09-20 09:35 - 000073216 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll 2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll 2020-11-18 10:14 - 2020-11-18 10:14 - 117340672 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\libcef.dll 2020-11-18 08:40 - 2020-11-18 08:40 - 000323072 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\libegl.dll 2020-11-18 08:40 - 2020-11-18 08:40 - 005441536 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\libglesv2.dll 2022-09-20 09:35 - 2022-09-20 09:35 - 001976832 _____ (Apache Software Foundation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\XercesLib.dll 2022-09-20 09:41 - 2022-09-20 09:41 - 000234496 _____ (Dynastream Innovations Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll 2022-09-20 09:35 - 2022-09-20 09:35 - 002711552 _____ (Garmin International) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Garmin\Express\legacyio.dll 2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll 2022-09-20 09:35 - 2022-09-20 09:35 - 000425472 _____ (Garmin) [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\XMLdll.dll 2022-03-29 18:35 - 2022-03-29 18:35 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2022-03-29 18:35 - 2022-03-29 18:35 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll 2017-03-30 16:26 - 2016-05-02 07:39 - 001298824 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll 2022-09-20 09:39 - 2022-09-20 09:39 - 000090112 _____ (Silicon Laboratories, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL 2020-11-18 08:39 - 2020-11-18 08:39 - 000843264 _____ (The Chromium Authors) [Brak podpisu cyfrowego] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKU\S-1-5-21-4099042752-900424334-1160265230-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE HKU\S-1-5-21-4099042752-900424334-1160265230-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-4099042752-900424334-1160265230-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4099042752-900424334-1160265230-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Brak nazwy -> {E6DF0B46-7D6F-407A-A6A2-62D17A021A9A} -> Brak pliku Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-4099042752-900424334-1160265230-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-4099042752-900424334-1160265230-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pszen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{1750c9d0-526b-4fff-8a9a-728a85016506}.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_1BE92F778BA5D780E6461ABE58FBFEA9" HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\StartupApproved\Run: => "ut" HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\StartupApproved\Run: => "utweb" HKU\S-1-5-21-4099042752-900424334-1160265230-1001\...\StartupApproved\Run: => "GG" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{C1FDF6A0-BCF5-47AC-BF38-3BA3F8496AF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{0C8B7AA4-0580-4652-867A-ED036CA182F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6FFDB3FF-0001-4E4B-B253-CD252F8BA592}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3B81CEE4-2B5F-4810-966C-9920713F3CF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{78F43FC5-B6B0-4608-B2FD-FE106238EBC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FC9674E5-E37C-4841-8D64-097320152E5E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{250ADDB2-9CFE-44A4-A462-93878B63A5FE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{23D9C523-3687-4263-8562-1D7E55577FEB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{29C8D9D1-A0FD-43E0-A83A-7C9D36E84DBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{EA6D6C7C-A29A-4324-BF2E-1F98C6FD41EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{0E2EE5A1-71F4-47AA-904B-CAE10D510B60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [TCP Query User{3BA73578-5F0E-4D29-BDC4-8CCC1F671CA1}C:\program files (x86)\avaya\avaya one-x agent\sparkemulator.exe] => (Allow) C:\program files (x86)\avaya\avaya one-x agent\sparkemulator.exe (Avaya, Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{ABFDFF7E-72FA-4D0F-A4F0-21C1802F2923}C:\program files (x86)\avaya\avaya one-x agent\sparkemulator.exe] => (Allow) C:\program files (x86)\avaya\avaya one-x agent\sparkemulator.exe (Avaya, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{5AAC7A78-3F9E-4BC8-8F2E-8BF613533004}] => (Block) C:\program files (x86)\avaya\avaya one-x agent\sparkemulator.exe (Avaya, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{B65E1837-5D20-423F-8008-79D543E2BD74}] => (Block) C:\program files (x86)\avaya\avaya one-x agent\sparkemulator.exe (Avaya, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{42284E47-330F-4806-A282-6646A8FBB4F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F41A0AD1-DF80-46C8-98EC-6DD258D2D2CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E8926726-2208-4CDB-A71A-8850A13D0E71}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{02E87EA1-4097-41E4-A5E3-FA8A87B65B10}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7660BD3C-AFC6-4F74-A57E-A04C41BE272E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{D22C75CB-96EB-440B-801C-0FC7D3430269}C:\program files (x86)\avaya\avaya one-x agent\winvnc.exe] => (Block) C:\program files (x86)\avaya\avaya one-x agent\winvnc.exe (uvnc bvba -> UltraVNC) FirewallRules: [UDP Query User{00A0F7B6-394D-4352-9CDF-AA383800B9AB}C:\program files (x86)\avaya\avaya one-x agent\winvnc.exe] => (Block) C:\program files (x86)\avaya\avaya one-x agent\winvnc.exe (uvnc bvba -> UltraVNC) FirewallRules: [{50C4DFB7-AD64-4194-BECD-73941957DF69}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [Brak podpisu cyfrowego] FirewallRules: [{7E1CB67D-57DC-49DA-8164-BEC7543D4529}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [Brak podpisu cyfrowego] FirewallRules: [{BE1E5F6F-95A7-44B4-9B56-5557A277B415}] => (Allow) C:\Users\pszen\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{F15C67A4-614B-45FE-9B5F-76CE2504A435}] => (Allow) C:\Users\pszen\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{E0CEC05E-8C52-43ED-835F-890A1C88679F}] => (Allow) C:\Users\pszen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{1F38931C-359E-43CC-A6CF-28C9AD10696A}] => (Allow) C:\Users\pszen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{3FC89B7A-540C-45A1-99E0-74AC0B52549E}C:\users\pszen\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pszen\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{A5190C12-73EE-4501-B06E-830B49DCDBA3}C:\users\pszen\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\pszen\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{349095C2-9914-4F27-9067-CC1D1744BC12}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4594E38C-BF6C-4B0A-8869-E159B87A35A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8EDF2616-9B2E-4A4C-BCA5-323D0AB58873}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A4741B54-3DF9-4588-9524-ADCC836A0CEA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0FFB5AA9-F58E-4B2A-B80B-DAB851C06513}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B26BE253-C0FC-460E-90D3-6799AA2F3CC7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{08C84502-5460-4BFE-990D-1F142D271BC7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{515483B6-A070-407A-9F4F-4D75B57EB1B1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{49F682D3-142F-4018-B970-60CC565AD800}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{3B9271D8-40C5-400A-9025-FE5CC78268C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{041604F9-7ADD-4795-B38F-D2EB4A186D31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2F348CB6-1130-411F-92AC-2749A26ECB47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{11D99DCC-103B-4E6F-A505-9FC84FA607A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{AAE7260B-1DAC-4544-BACB-846865B3F09E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone (Total:118.48 GB) (Free:31.51 GB) (27%) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (10/23/2022 10:30:24 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:24Z. Kod błędu: 0x80070002. Error: (10/23/2022 10:29:54 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:54Z. Kod błędu: 0x80070002. Error: (10/23/2022 10:29:24 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:24Z. Kod błędu: 0x80070002. Error: (10/23/2022 10:28:54 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:54Z. Kod błędu: 0x80070002. Error: (10/23/2022 10:28:24 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:24Z. Kod błędu: 0x80070002. Error: (10/23/2022 10:27:54 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:54Z. Kod błędu: 0x80070002. Error: (10/23/2022 10:27:24 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:24Z. Kod błędu: 0x80070002. Error: (10/23/2022 10:26:54 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2022-11-22T06:59:54Z. Kod błędu: 0x80070002. Dziennik System: ============= Error: (10/23/2022 10:10:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (45000 ms) podczas oczekiwania na połączenie się z usługą NvStreamNetworkSvc. Error: (10/23/2022 10:10:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Kingsoft_WPS_UpdateService z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/23/2022 10:10:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (45000 ms) podczas oczekiwania na połączenie się z usługą Kingsoft_WPS_UpdateService. Error: (10/23/2022 08:46:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x8024200b: Intel Corporation - Display - 26.20.100.7325. Error: (10/22/2022 09:17:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (10/21/2022 02:06:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x8024200b: Intel Corporation - Display - 26.20.100.7325. Error: (10/20/2022 07:37:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x8024200b: Intel Corporation - Display - 26.20.100.7325. Error: (10/18/2022 02:04:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x8024200b: Intel Corporation - Display - 26.20.100.7325. Windows Defender: ================ Date: 2022-10-23 10:04:42 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000359); file:_C Pochodzenie wykrycia: Internet Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0 Wersja aparatu: AM: 1.1.19700.3, NIS: 1.1.19700.3 Date: 2022-10-23 10:04:42 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x64.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x64.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x64.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x64.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x64.exe]; webfile:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip|http://s9588.chomikuj.pl/File.aspx?e=JSNr5bX70yn9k8WzK Pochodzenie wykrycia: Internet Typ wykrycia: Konkretne Źródło wykrycia: Użytkownik Użytkownik: DESKTOP-PKO5OE2\pszen Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0 Wersja aparatu: AM: 1.1.19700.3, NIS: 1.1.19700.3 Date: 2022-10-23 10:04:27 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x86.exe] Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0 Wersja aparatu: AM: 1.1.19700.3, NIS: 1.1.19700.3 Date: 2022-10-23 10:04:00 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x86.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x86.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000359); file:_C Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Użytkownik Użytkownik: DESKTOP-PKO5OE2\pszen Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0 Wersja aparatu: AM: 1.1.19700.3, NIS: 1.1.19700.3 Date: 2022-10-23 10:04:00 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: containerfile:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x64.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000000)->[MSILRES:AutoPico.SECOH-QAD.x64.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x64.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000003)->[MSILRES:KMSELDI.SECOH-QAD.x64.exe]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]; file:_C:\Users\pszen\Downloads\Aktywator KMSpico.zip->KMSpico_setup.exe->(inno#000003)->(inno#000004)->[MSILRES:Service_KMS.SECOH-QAD.x64.exe] Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Użytkownik Użytkownik: DESKTOP-PKO5OE2\pszen Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.377.658.0, AS: 1.377.658.0, NIS: 1.377.658.0 Wersja aparatu: AM: 1.1.19700.3, NIS: 1.1.19700.3  CodeIntegrity: =============== Date: 2022-10-23 10:10:20 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. X556UQK.317 04/16/2019 Płyta główna: ASUSTeK COMPUTER INC. X556UQK Procesor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Procent pamięci w użyciu: 60% Całkowita pamięć fizyczna: 8076.28 MB Dostępna pamięć fizyczna: 3194.37 MB Całkowita pamięć wirtualna: 14988.28 MB Dostępna pamięć wirtualna: 9532.02 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:118.48 GB) (Free:31.51 GB) (Model: HFS128G32TND-N210A) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:714.67 GB) (Model: TOSHIBA MQ01ABD100) NTFS \\?\Volume{40811be3-7586-4c69-ab56-d91b1bdfe80e}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS \\?\Volume{9a25ea33-f097-44f0-b266-be68b2a0ab00}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: F2D85C98) Partition: GPT. ========================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: D1B1E1BB) Partition: GPT. ==================== Koniec Addition.txt =======================