Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-08-2022 Uruchomiony przez Kotlet (21-08-2022 22:07:23) Uruchomiony z C:\Users\Kotlet\Desktop Microsoft Windows 10 Pro Wersja 21H2 19044.1889 (X64) (2021-07-31 09:14:36) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-475056248-1176369030-3679479662-500 - Administrator - Disabled) Gość (S-1-5-21-475056248-1176369030-3679479662-501 - Limited - Disabled) Konto domyślne (S-1-5-21-475056248-1176369030-3679479662-503 - Limited - Disabled) Kotlet (S-1-5-21-475056248-1176369030-3679479662-1001 - Administrator - Enabled) => C:\Users\Kotlet WDAGUtilityAccount (S-1-5-21-475056248-1176369030-3679479662-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516} AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1045-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team) Brother MFL-Pro Suite DCP-L2500D series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.) ChomikBox (HKLM-x32\...\{8E4185CC-4FF3-46B9-A4DB-5B850B71ABC4}) (Version: 2.0.8.2 - Chomikuj.pl) Desk Drive (HKLM-x32\...\{0F34A2F2-F248-41F0-8CAD-7711A4D24B82}) (Version: 2.1.2 - Mike Ward) ESET Security (HKLM\...\{6B1BBDBF-507A-4736-82B0-DE772C1D2AFE}) (Version: 15.2.11.0 - ESET, spol. s r.o.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.101 - Google LLC) HP DeskJet Plus 6000 series — podstawowe oprogramowanie urządzenia (HKLM\...\{455528E8-EB56-49C7-A79A-19A56604449A}) (Version: 51.2.4771.2064 - HP Inc.) Icecream Screen Recorder wersja 5.90 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.90 - Icecream Apps) iMeme 1.0 (HKLM-x32\...\{66CA7D93-1FDD-4152-B241-42971934D8E0}_is1) (Version: - Michael Fogleman) Intel(R) Chipset Device Software (HKLM\...\{368C1112-09E1-4EE3-A274-9118DF101CA9}) (Version: 10.1.18460.8229 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{a2c684b7-4a4b-425f-a805-1e88940804b0}) (Version: 10.1.18460.8229 - Intel(R) Corporation) Intel(R) Graphics Driver Software (HKLM-x32\...\{7e58df71-ff1c-43fd-a618-5511b76c0dd9}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{9454a0e6-0762-48ec-b153-2a75b252d1fb}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000000-0220-1045-84C8-B8D95FA3C8C3}) (Version: 22.00.0.2 - Intel Corporation) IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) K-Lite Codec Pack 16.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.3.5 - KLCP) MediaInfo 21.03 (HKLM\...\MediaInfo) (Version: 21.03 - MediaArea.net) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.63 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pl-pl (HKLM\...\ProPlus2019Retail - pl-pl) (Version: 16.0.15427.20210 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-475056248-1176369030-3679479662-1001\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127 (HKLM\...\{8678BA04-D161-45BE-ACA4-CC5D13073F35}) (Version: 14.24.28127 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127 (HKLM\...\{7DC387B8-E6A2-480C-8EF9-A6E51AE81C19}) (Version: 14.24.28127 - Microsoft Corporation) Hidden MKVToolNix 60.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 60.0.0 - Moritz Bunkus) Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 103.0.2 (x64 pl)) (Version: 103.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.2 - Mozilla) Napisy24 (HKLM\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.9.6 - Napisy24.pl) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9180.1 - Realtek Semiconductor Corp.) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation) Subtitle Edit 3.6.5 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.5.0 - Nikse) uTorrent PRO v3.5.5 Build 45095 /Makso Repack (HKLM-x32\...\{DB76E6F6-9B78-448E-817D-97AA4DA76716}) (Version: 3.5.5 - BitTorrent, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - Hewlett-Packard USB (09/08/2015 1.0.0.1) (HKLM\...\C9EDF507DA1B23454B1BF10495C79A1C34ADD79F) (Version: 09/08/2015 1.0.0.1 - Hewlett-Packard) WinRAR 6.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 5.1.20.0121 - Xilisoft) Packages: ========= Centrum sterowania grafiką Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-21] (INTEL CORP) [Startup Task] Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation) DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.9.0_x64__t5j2fzbtdg37r [2022-07-08] (DTS, Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_138.1.407.0_x64__v10z8vjag6ke6 [2022-08-19] (HP Inc.) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1560.21.216.0_x64__8xx8rvfyw5nnt [2022-07-20] (Meta) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-01] (Microsoft Corporation) [MS Ad] Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2022-07-04] (Microsoft Platform Extensions) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-07-04] (Netflix, Inc.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-08-02] (Realtek Semiconductor Corp) Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.34.0_x64__8j3eq9eme6ctt [2021-08-06] (INTEL CORP) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-475056248-1176369030-3679479662-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Kotlet\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-475056248-1176369030-3679479662-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Kotlet\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-475056248-1176369030-3679479662-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Kotlet\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-475056248-1176369030-3679479662-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Kotlet\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-07-01] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-07-01] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-07-01] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2021-07-31 11:29 - 2021-07-31 11:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2021-07-31 11:29 - 2021-07-31 11:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-475056248-1176369030-3679479662-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kotlet\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wallpapersden.com_windows-10-clean-dark_2560x1440.jpg DNS Servers: 192.168.31.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKU\S-1-5-21-475056248-1176369030-3679479662-1001\...\StartupApproved\Run: => "Napisy24.pl" HKU\S-1-5-21-475056248-1176369030-3679479662-1001\...\StartupApproved\Run: => "Napisy24Update" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{1F89C538-DD91-463D-96F2-CC1E0612CCC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{662D6376-86E5-49DE-9DCA-A73498405B14}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D3FC13F1-64EF-44B0-9B08-07D28306C2A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{32628C3E-F7A6-4027-9CC6-FE35AFB45FC5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{70E53ED2-E1B2-4FC9-B0D1-D6CAC01D35E3}C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe] => (Allow) C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe => Brak pliku FirewallRules: [UDP Query User{789BE82E-37C3-4F58-84E1-E7FB7FA84772}C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe] => (Allow) C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe => Brak pliku FirewallRules: [{7111E557-CFF2-41DC-9481-135A105EACF4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{2855ED58-B8B2-4565-BCB5-9675464A3634}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{EB2A331B-91F5-4938-B7A0-ADCB2B9FC6C3}D:\programy\file & image upload\fileuploader.exe] => (Allow) D:\programy\file & image upload\fileuploader.exe (z_o_o_m's corp.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{DABA3A49-5D53-446E-8C3F-F5C1A2224599}D:\programy\file & image upload\fileuploader.exe] => (Allow) D:\programy\file & image upload\fileuploader.exe (z_o_o_m's corp.) [Brak podpisu cyfrowego] FirewallRules: [{4F50D3AD-9D8C-460B-BE77-2D036D4461CD}] => (Allow) C:\Users\Kotlet\AppData\Local\Temp\7zS29AC\HP.EasyStart.exe => Brak pliku FirewallRules: [{793D08FF-0A00-4FE4-AA86-064391F168AC}] => (Allow) C:\Users\Kotlet\AppData\Local\Temp\7zS2B90\HPEasyStart\HP.EasyStart.exe => Brak pliku FirewallRules: [TCP Query User{07EA27B9-87DD-4B2F-A180-6151B40419E9}C:\users\kotlet\appdata\local\temp\7zs4d89\enterprisedu.exe] => (Allow) C:\users\kotlet\appdata\local\temp\7zs4d89\enterprisedu.exe => Brak pliku FirewallRules: [UDP Query User{67B68261-9C23-4A3E-92DE-E1D36E494057}C:\users\kotlet\appdata\local\temp\7zs4d89\enterprisedu.exe] => (Allow) C:\users\kotlet\appdata\local\temp\7zs4d89\enterprisedu.exe => Brak pliku FirewallRules: [{FE878F5E-6D8F-45CE-8B71-CD2D01C6716C}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{BF83C3D9-B3D0-4996-BB5E-46A20586B38E}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{29D984D6-5830-417A-BFCA-F81345FCC888}] => (Allow) C:\Users\Kotlet\AppData\Local\Temp\7zS4499\HP.EasyStart.exe => Brak pliku FirewallRules: [{5D0E7555-1FE5-4B5F-8956-A23469ECFA3A}] => (Allow) C:\Program Files\HP\HP DeskJet Plus 6000 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.) FirewallRules: [{CBCC1978-FAE0-4BA9-A653-9BDB8DE7D064}] => (Allow) LPort=5357 FirewallRules: [{A1F6D855-2DB6-4CA5-ADAA-89D70577E5FD}] => (Allow) C:\Program Files\HP\HP DeskJet Plus 6000 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.) FirewallRules: [{A26AE07E-A620-4D75-AC96-E2D0A6BC8DCB}] => (Allow) C:\Users\Kotlet\AppData\Local\Temp\7zS2EC3\HP.EasyStart.exe => Brak pliku FirewallRules: [TCP Query User{B49A896D-EDCA-45E2-A11D-A2CE2338FE4F}C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe] => (Allow) C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe => Brak pliku FirewallRules: [UDP Query User{38344812-D0D6-4ADF-A186-52584C7652AF}C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe] => (Allow) C:\users\kotlet\appdata\roaming\utorrent pro v3.5.5 build 45095\utorrent.exe => Brak pliku FirewallRules: [{4ABBE400-6180-414C-B37B-68C9EFBB3DF8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{09876B5B-3120-4DA5-974C-5098413B3830}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D668E1F7-11C4-4931-836E-D5AB162E7E60}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{6B6398F6-EFF6-4F46-9182-E94E882B280B}D:\efootball pes 2021\pes2021.exe] => (Allow) D:\efootball pes 2021\pes2021.exe => Brak pliku FirewallRules: [UDP Query User{4A7C7F76-0982-411D-B0C9-0286A148A33D}D:\efootball pes 2021\pes2021.exe] => (Allow) D:\efootball pes 2021\pes2021.exe => Brak pliku FirewallRules: [TCP Query User{EB3DC9A5-115A-4E32-9E9E-6FE6109B4AC4}D:\efootball pes 2021\pes2021.exe] => (Allow) D:\efootball pes 2021\pes2021.exe => Brak pliku FirewallRules: [UDP Query User{76C9F04A-E55B-415F-91B2-C065EB58612C}D:\efootball pes 2021\pes2021.exe] => (Allow) D:\efootball pes 2021\pes2021.exe => Brak pliku FirewallRules: [{2BD265AE-48A7-438E-974D-6BAC5C1C2A18}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 03-08-2022 22:25:57 Zaplanowany punkt kontrolny 11-08-2022 19:13:59 Instalator modułów systemu Windows 19-08-2022 12:22:35 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (08/21/2022 09:07:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/21/2022 09:06:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/21/2022 05:23:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/21/2022 05:23:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (08/21/2022 05:22:19 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x80004005 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (08/21/2022 04:31:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (08/21/2022 04:30:17 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (08/21/2022 04:28:48 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Dziennik System: ============= Error: (08/21/2022 10:00:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (08/21/2022 10:00:13 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Kotlet\AppData\Local\Temp\ehdrv.sys Error: (08/21/2022 10:00:12 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Kotlet\AppData\Local\Temp\ehdrv.sys Error: (08/21/2022 10:00:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (08/21/2022 10:00:12 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Kotlet\AppData\Local\Temp\ehdrv.sys Error: (08/21/2022 10:00:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (08/21/2022 10:00:12 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Kotlet\AppData\Local\Temp\ehdrv.sys Error: (08/21/2022 10:00:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika CodeIntegrity: =============== Date: 2022-08-21 17:23:54 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: Insyde Corp. V1.09 03/29/2021 Płyta główna: TGL Kona_TL Procesor: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 16179.3 MB Dostępna pamięć fizyczna: 9627.66 MB Całkowita pamięć wirtualna: 18611.3 MB Dostępna pamięć wirtualna: 11448.3 MB ==================== Dyski ================================ Drive c: (WiNDOWS) (Fixed) (Total:149.98 GB) (Free:82.93 GB) (Model: NVMe Micron_2210_MTFDHBA1T0QFD) NTFS Drive d: (DANE) (Fixed) (Total:803.77 GB) (Free:531.98 GB) (Model: NVMe Micron_2210_MTFDHBA1T0QFD) NTFS \\?\Volume{3d23f099-80a0-4492-8554-9e2b11f7b2e6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 953.9 GB) (Disk ID: FA0F89BB) Partition: GPT. ==================== Koniec Addition.txt =======================