Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20-01-2023 Uruchomiony przez demyt (23-01-2023 22:15:39) Uruchomiony z C:\Users\demyt\Desktop Microsoft Windows 11 Pro Wersja 22H2 22621.1105 (X64) (2022-11-27 10:55:47) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-1767245834-3219494416-4251626064-500 - Administrator - Disabled) demyt (S-1-5-21-1767245834-3219494416-4251626064-1001 - Administrator - Enabled) => C:\Users\demyt Gość (S-1-5-21-1767245834-3219494416-4251626064-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1767245834-3219494416-4251626064-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1767245834-3219494416-4251626064-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated) APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Apple Mobile Device Support (HKLM\...\{065D0CC8-C382-48AF-8A88-0DD3366EB26C}) (Version: 16.0.0.25 - Apple Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blur Busters Strobe Util (HKLM-x32\...\{57BDAE81-2BE7-4ABA-8B03-1520FBF41AF9}) (Version: 1.0.0 - Blur Busters) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version: - Blizzard Entertainment) Call of Duty (HKLM-x32\...\Call of Duty) (Version: - Blizzard Entertainment) Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.) Canon TS3300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3300_series) (Version: 1.01 - Canon Inc.) CurseForge (HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.217.3.7928 - Overwolf app) Discord (HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.) Dynamic Application Loader Host Interface Service (HKLM\...\{439E5170-CFC8-4944-8119-746ECF219399}) (Version: 1.0.0.0 - Intel Corporation) Hidden ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.32 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{acfd3daa-8cad-4514-bc73-64a154033052}) (Version: 1.0.3.32 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.8.0 - ENE Tech) Hidden ENE_X-JMI_HAL (HKLM-x32\...\{7eeee667-b295-4acd-9a4e-1160421db765}) (Version: 1.0.8.0 - ENE Tech) Hidden GeeGeeClient (HKLM\...\{F30669A3-34F1-4C1C-94A4-D3EE837C7CB8}) (Version: 1.2.12.0 - WonderPeople) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC) iMazing 2.15.11.0 (HKLM\...\iMazing_is1) (Version: 2.15.11.0 - DigiDNA) Intel(R) Chipset Device Software (HKLM\...\{C6A1126A-6ED6-4231-BA48-4DA77986FA1C}) (Version: 10.1.18950.8298 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{db747e10-c752-4e5a-b099-922800123b36}) (Version: 10.1.18950.8298 - Intel(R) Corporation) Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.386 - Intel Corporation) Intel(R) LMS (HKLM\...\{DFFC9992-3A41-4155-A834-9831C6E58D98}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2130.16.0.2387 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{FA6E1882-F6C1-47E1-A6CB-FC1F5460E311}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{38F0D70E-8F07-4BF9-A5E0-6946C3D614D8}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{8EC4CB19-850D-4BD4-B914-F63DF7DAD67D}) (Version: 30.100.2131.26 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 - Intel Corporation) KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO) KMS_VL_ALL_AIO (HKLM-x32\...\{E2567B1F-1824-42A3-9ED3-C7145F6A0B49}) (Version: 1.0.0 - KMS_VL_ALL_AIO) Microsoft .NET 6.0 Templates 6.0.300 (x64) (HKLM\...\{D186E1E2-B13B-4C21-BE6F-95B3D3A9766A}) (Version: 24.5.59959 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.5 (x64) (HKLM\...\{DDF34AE7-3AFE-47E2-916D-FF5F75F8D14F}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.5 (x64_arm) (HKLM\...\{F51205EB-A84E-47C4-B4EC-04D3083936EE}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.5 (x64_arm64) (HKLM\...\{E01CEF22-178C-4406-BE98-1D8E949DB8D1}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.5 (x64_x86) (HKLM\...\{6C26CE5C-D976-4D0E-A81D-09749CEAEB10}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.5 (x64) (HKLM\...\{F3B3A61B-DC16-429A-A260-DBAFE66741A9}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.5 (x64) (HKLM\...\{3E6CCD41-6B96-47BD-8E1E-D7B593CEE976}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.5 (x64) (HKLM\...\{089A177D-98AE-4195-A115-D3C45613B875}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET SDK 6.0.300 (x64) (HKLM-x32\...\{5b68978d-d3f9-49b8-bcf5-0f8aadee9c19}) (Version: 6.3.22.22103 - Microsoft Corporation) Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 6.0.5 (x64) (HKLM\...\{6FC7A320-9569-4734-96AE-C5FE6D15A95F}) (Version: 48.23.40665 - Microsoft Corporation) Hidden Microsoft .NET Toolset 6.0.300 (x64) (HKLM\...\{58C5A2D0-F591-48A9-AF8F-B9D34DB96C4A}) (Version: 24.4.59959 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.5 Shared Framework (x64) (HKLM\...\{FBBCB9D0-A7C5-3132-A27B-B857F79A1377}) (Version: 6.0.5.22218 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.5 Targeting Pack (x64) (HKLM\...\{94DBC1B2-429D-3445-B5A3-57221E1670FE}) (Version: 6.0.5.22218 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.61 - Microsoft Corporation) Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.14332.20447 - Microsoft Corporation) Microsoft Office LTSC Professional Plus 2021 - pl-pl (HKLM\...\ProPlus2021Volume - pl-pl) (Version: 16.0.14332.20447 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.253.1204.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.5 (x64) (HKLM\...\{DE578B32-084A-49E7-8E55-6F58A37578C0}) (Version: 48.23.40699 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 6.0.5 (x64) (HKLM\...\{3A88D276-0686-41F8-851F-421F8A79C6AA}) (Version: 48.23.40699 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Android.Manifest-6.0.300 (HKLM\...\{052CDF8C-E534-462F-8D12-CCB3EA4FC3B3}) (Version: 128.75.4 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.iOS.Manifest-6.0.300 (HKLM\...\{D6421A31-9594-4FE3-86C6-3F9E0D3FCE3C}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.300 (HKLM\...\{459CC7DE-B28A-445C-920D-794B37FF7D55}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.macOS.Manifest-6.0.300 (HKLM\...\{2AB77B83-C379-404E-9652-4AB1B4980227}) (Version: 48.57.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Maui.Manifest-6.0.300 (HKLM\...\{A560FBB0-69A7-4797-8B25-869C30F7EDBB}) (Version: 24.75.5355 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.tvOS.Manifest-6.0.300 (HKLM\...\{DAE08CB9-F109-4101-8C24-C648E1E7AD45}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{7CBF3451-2A94-4DFD-8355-6B97C5EABB26}) (Version: 48.27.39026 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{A626E240-C89F-45CD-BFD7-B263C3D33CAD}) (Version: 48.3.39076 - Microsoft Corporation) Hidden NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation) NVIDIA G-SYNC Pendulum Demo (HKLM-x32\...\G-SYNC) (Version: 1.13 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA Sterownik graficzny 526.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.98 - NVIDIA Corporation) Obsługa iPoda (HKLM\...\{27298082-1578-47B9-ACF8-C9C0FBF49D50}) (Version: 12.11.3.7 - Apple Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20447 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20447 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.14332.20375 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.216.0.26 - Overwolf Ltd.) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9257.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.7.0318.2022 - Realtek) REDlauncher (HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) Rejestracja drukarki (HKLM-x32\...\Canon EISRegistration) (Version: 1.9.0 - Canon Inc.) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.22.0414.1 - Gigabyte) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.57.785 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.2 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.61 - Microsoft Corporation) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation) TP-Link UB500 Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1015.1016.1016.210427 - TP-LINK TECHNOLOGIES CO., LTD.) Warcraft Logs Companion (HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\Overwolf_ecboebafnpgnolnpgppohegbpjbhffiahodgijdp) (Version: 2.2.8 - Overwolf app) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment) Wrath of the Lich King Classic (HKLM-x32\...\Wrath of the Lich King Classic) (Version: - Blizzard Entertainment) Packages: ========= Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-07-15] (Canon Inc.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2023-01-13] (Instagram) ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.15.0_x64__8wekyb3d8bbwe [2023-01-22] (Microsoft Corp.) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-19] (Microsoft Corporation) ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-11-27] (Microsoft Corporation) ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-01-16] (INTEL CORP) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-11-27] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.258.0_x64__dt26b99r8h8gj [2022-11-27] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-10] (Spotify AB) [Startup Task] Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-01-13] (Microsoft Windows) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1767245834-3219494416-4251626064-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\demyt\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1767245834-3219494416-4251626064-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2210.4.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncShell64.dll [2023-01-18] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_009debfbd2e1619b\nvshext.dll [2022-11-15] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Brak podpisu cyfrowego] ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2022-10-25 18:25 - 2022-10-25 18:25 - 001868800 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll 2022-08-24 11:45 - 2022-08-24 11:45 - 000242176 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\yccV3.dll 2022-04-27 18:44 - 2021-12-26 15:00 - 000093696 _____ (Igor Pavlov) [Brak podpisu cyfrowego] C:\Program Files\7-Zip\7-zip.dll 2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: ) [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\osvi.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-23] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\demyt\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\tapeta_wow.jpg DNS Servers: 89.228.4.126 - 31.11.173.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\StartupApproved\Run: => "utweb" HKU\S-1-5-21-1767245834-3219494416-4251626064-1001\...\StartupApproved\Run: => "Opera Browser Assistant" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{724A7DA7-7AC0-425A-8316-3476ABBFC127}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{0E90DA3B-9DFA-4B01-9B21-CCF6401A2D8E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{5782723F-7A17-4A6B-B898-0218121DD63A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{236F1BB0-2757-4B44-A3A3-155F32C0C778}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{045BD917-12F8-4B1D-9CC4-7F2960CD7A4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{C075D678-3393-4271-BB3F-20EF28635FA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{8E14A50F-B9C1-440F-AF5A-0749FBADC6B2}C:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [TCP Query User{2A3BC8FC-D480-4EB0-BAF6-54ABD2698C75}C:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\gry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [{E03B6508-123C-4519-A8DC-79ADED5393D2}] => (Allow) C:\Gry\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{6A42A642-2071-405B-865F-C7C5ECC8049B}] => (Allow) C:\Gry\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [UDP Query User{A9B75C2F-BB8B-4A10-A5FD-6D628182DBBB}C:\gry\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) C:\gry\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe (Wonder People Co., Ltd. -> Wonder People Co.,Ltd) FirewallRules: [TCP Query User{368BF4AD-A9ED-4E1A-A594-AE5796773A56}C:\gry\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) C:\gry\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe (Wonder People Co., Ltd. -> Wonder People Co.,Ltd) FirewallRules: [{22D6E600-64BE-4D84-AA42-109452D06554}] => (Allow) C:\Gry\Steam\steamapps\common\SUPER PEOPLE\geegeerun.exe (Wonder People Co., Ltd. -> Wonder People Co.,Ltd.) FirewallRules: [{F14BFB60-FC3A-4932-ABE4-88DA6EA8F49B}] => (Allow) C:\Gry\Steam\steamapps\common\SUPER PEOPLE\geegeerun.exe (Wonder People Co., Ltd. -> Wonder People Co.,Ltd.) FirewallRules: [{6AB0719E-6BEE-4883-A9DB-98B391DB9E3E}] => (Allow) C:\Gry\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.) FirewallRules: [{9FE7D937-7A4E-479B-81F5-72AD9E3B0767}] => (Allow) C:\Gry\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.) FirewallRules: [{898738AE-51CC-4DEE-8FF9-EBA12CE16C6C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{9224CB06-E64D-4E65-A8D4-A9392367EA16}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{F94037BD-E7B2-4EB3-98D0-1B3689995437}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{E9489C0C-038D-45AD-BC46-61EC307DC098}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{5CFF4AE8-364B-46A2-9F2A-3E0486C785EF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1C54D613-5233-4516-A7EA-1634346319AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{37D0B0BF-1ED2-4DE6-B55C-314026207B2A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EEF41B0D-AD3D-4B98-B460-EEE38E25CF5C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [UDP Query User{C069032D-FD18-46EF-BF9B-D35233E8E3D6}C:\gry\call of duty\_beta_\cod.exe] => (Allow) C:\gry\call of duty\_beta_\cod.exe => Brak pliku FirewallRules: [TCP Query User{0336D61C-1434-4A0D-B466-D4B2A8620D4D}C:\gry\call of duty\_beta_\cod.exe] => (Allow) C:\gry\call of duty\_beta_\cod.exe => Brak pliku FirewallRules: [{8CC48707-9A64-427B-B555-08C2176680CD}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{2E6CE1BD-D5E4-4DA5-8D3C-DC54260EEB95}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{6BF0A111-002F-4CD0-A31D-82D97FC967A1}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{7E496422-5A40-419E-85F0-932DF595EF56}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3A18568E-CFE8-4FC0-BB6A-785578A757FB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{F42B3DAB-E9B2-4D39-B62C-A1DBD7E1DF00}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{030CFA02-E70C-442F-96AB-C1D766A72A74}] => (Allow) C:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{58FA14F4-2136-4800-8B03-D52A283AFB01}] => (Allow) C:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [UDP Query User{69845CD2-68BC-4632-816B-69C0971F94A5}C:\gry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\gry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{65332330-EF5D-4F28-B7D1-6BCCFF757E2F}C:\gry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\gry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{351F2E68-27DB-435D-8540-9AA560E0946C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{535AD9EB-0455-4DED-933B-268387876FEC}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [UDP Query User{60EE2D46-70E2-467D-B435-822AF97B5776}C:\gry\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\gry\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{158EFD31-61B9-469E-A224-10DB4998FCB5}C:\gry\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\gry\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{CB39BD3E-45B7-4E54-A0F7-267989F21200}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{08AD64AA-34DC-42A7-8C50-A0CF04514804}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [UDP Query User{2EEC82D3-7322-445A-9D4D-08A01CAF6DB1}C:\gry\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\gry\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{1048C34D-C87F-4AE3-9FAF-540998683AA7}C:\gry\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\gry\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [{09376C2F-BFE7-4D09-8A38-121DBC4561D6}] => (Allow) C:\Gry\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{CB0CC92F-FCEC-4FC0-B748-21F2159E9B1C}] => (Allow) C:\Gry\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{D7DB3398-3CF8-4D23-8862-D164E47722CA}] => (Allow) C:\Gry\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{A73303FE-7DB1-4804-8D33-290E393CDE27}] => (Allow) C:\Gry\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{FA800CA6-DB45-4A49-8BF7-C61149D84B4C}] => (Allow) C:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{9CBECBA8-7C26-4FA7-9B73-5856929812B0}] => (Allow) C:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{9592AF96-7805-4F1B-B05F-5F6A0E5B1598}] => (Allow) C:\Gry\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{7744F88D-3180-4AF1-9AC7-128D0C3D8D06}] => (Allow) C:\Gry\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{89428DF1-17BA-4553-ACAB-16B9F1CB6C2F}] => (Block) C:\program files\lghub\lghub_agent.exe => Brak pliku FirewallRules: [{AD9FF798-CC3F-48B0-AFB7-7BE6C9C0D950}] => (Block) C:\program files\lghub\lghub_agent.exe => Brak pliku FirewallRules: [UDP Query User{8E14EA09-9949-4C7D-A142-27000B144B35}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => Brak pliku FirewallRules: [TCP Query User{4B949E4C-3BE2-44C8-89B8-4CABFC66F579}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => Brak pliku FirewallRules: [{FB4B0B48-7845-44A1-A7EE-75C1B0CE2613}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{DF65942B-6556-47E8-B17A-A5109AB2082D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{9F28B8F2-36CE-436C-A075-AEEE5E0B5CC1}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{251EDE3B-9802-468E-9647-5C5F082FB3F2}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{46314CD9-8E61-4F40-933D-9D14B526DDC3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22042.702.1226.2352_x64__8wekyb3d8bbwe\msteams.exe => Brak pliku FirewallRules: [{CC837BB7-D475-4A27-88A9-1CAAF37A3EC6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22042.702.1226.2352_x64__8wekyb3d8bbwe\msteams.exe => Brak pliku FirewallRules: [{7E00CB63-EF97-44E0-A429-79B2C30B135C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8EBE2C9A-6787-4808-A301-A4B26E7B3A97}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{B96135A2-2F64-41FD-994F-19848BC5F8EE}C:\gry\call of duty\_retail_\cod.exe] => (Allow) C:\gry\call of duty\_retail_\cod.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{68640833-167A-4B0E-AAC4-80F08C37CD82}C:\gry\call of duty\_retail_\cod.exe] => (Allow) C:\gry\call of duty\_retail_\cod.exe (Activision Publishing Inc -> Activision) FirewallRules: [{48948C80-9070-4615-851C-3520AB4A44B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A0E4E41C-DCA1-4BFB-9F02-628153DC4502}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B88623AB-96AB-4932-B818-10F1FF42CC6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{923493B0-48C7-47E7-8460-7C5DFF65768D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7BB9DA6B-ADC4-4681-8680-3794F45108CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{01AA6BAA-5E2F-454E-B747-29ED67257F6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B8073AAB-2BA7-4FCB-ABE7-EE386E51B43D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2562F212-6274-4AAA-A272-6DDE7BE6F0FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{0552AEE8-EF35-4868-96A8-421FB0728212}C:\users\demyt\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\demyt\appdata\local\programs\opera\opera.exe => Brak pliku FirewallRules: [UDP Query User{9E50DCCB-2D09-4C95-8B49-8DC4FA9245AD}C:\users\demyt\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\demyt\appdata\local\programs\opera\opera.exe => Brak pliku FirewallRules: [{F8116278-9262-4D1F-8F96-D95C8F473246}] => (Allow) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{565C9D2F-B66E-4F8A-B156-C790421B993C}] => (Allow) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{EBFE3845-82AA-4030-9A98-02FC24997DCF}] => (Block) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{F1CDBDC1-970F-40F5-A0CD-FD0F0507163D}] => (Block) C:\Program Files (x86)\Overwolf\0.215.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{F6A2680A-21F2-40DD-9177-484598982873}] => (Allow) C:\Program Files (x86)\Overwolf\0.216.0.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{1E6FDC7F-9ED0-46D9-86EF-E902921955A5}] => (Allow) C:\Program Files (x86)\Overwolf\0.216.0.26\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{67459971-93AA-4190-BE46-C7B8DE3FE2A0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{DAC374BC-DEEC-4AF3-859E-6EBE54DDC644}C:\users\demyt\appdata\roamingproquota.exe] => (Block) C:\users\demyt\appdata\roamingproquota.exe (Microsoft Corporation) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{39B4555F-FEB5-44C0-ACC9-667A4109ABE7}C:\users\demyt\appdata\roamingproquota.exe] => (Block) C:\users\demyt\appdata\roamingproquota.exe (Microsoft Corporation) [Brak podpisu cyfrowego] FirewallRules: [{58D43EBC-0D77-46DD-9C63-021C5F5BEFEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6DB06628-665A-44BA-9034-159555A399C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{83037D5E-83B7-4DB0-9C77-72116079CED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A60752AC-9019-4625-83E8-B123F95D1F37}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3C4BE884-8797-4279-8955-2930052ED68F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F6ACE5FA-2B67-45E6-9C13-CA5DC51FE33B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{70F03676-9284-4EAB-AE4B-14FA72C52B8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{592DBC11-4E4E-4EA9-8F62-0A5266DCE56A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CF03A85B-AF8F-4691-AB91-D25CC2CBE88F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4B8863E8-70D8-447D-B532-C48FB781BDE3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{29F72D23-76CF-45E4-9FA0-3B158F1C2460}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3BF25A2D-B109-482E-A403-5862AE6E3090}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9B2053B6-CD92-4C49-A713-952C3ED06DE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9512F19B-2EF3-4B59-9546-7E03E3E6AE72}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 27-12-2022 18:08:42 Zainstalowane TP-Link UB500 Bluetooth Driver 07-01-2023 12:14:20 Zaplanowany punkt kontrolny 12-01-2023 23:18:33 Instalator modułów systemu Windows 19-01-2023 22:51:30 Installed KMS_VL_ALL_AIO ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (01/23/2023 10:15:37 PM) (Source: Application Error) (EventID: 1000) (User: DEMYT-PC) Description: Nazwa aplikacji powodującej błąd: cmd.exe, wersja: 10.0.22621.608, sygnatura czasowa: 0x43111367 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000002225fe345b0 Identyfikator procesu powodującego błąd: 0x0x844 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1d92f6fd6b0934a Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\cmd.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: d1a2418d-f939-4350-b09e-1fc935917fa5 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (01/23/2023 09:47:59 PM) (Source: Application Error) (EventID: 1000) (User: ZARZĄDZANIE NT) Description: Nazwa aplikacji powodującej błąd: MicrosoftEdgeUpdate.exe, wersja: 1.3.143.57, sygnatura czasowa: 0x60848942 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc00001a5 Przesunięcie błędu: 0x010b7320 Identyfikator procesu powodującego błąd: 0x0x1d78 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1d92f6bfa8455ef Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 690f0789-9801-4a0f-92f7-f4361027c952 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (01/23/2023 09:30:03 PM) (Source: Application Error) (EventID: 1000) (User: DEMYT-PC) Description: Nazwa aplikacji powodującej błąd: vjivsai, wersja: 4.8.9032.0, sygnatura czasowa: 0x6250a7ed Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x015b3960 Identyfikator procesu powodującego błąd: 0x0x168 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1d92f6977dea7f0 Ścieżka aplikacji powodującej błąd: C:\Users\demyt\AppData\Roaming\vjivsai Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 965a5985-adff-44ab-9e75-1157ff794dc9 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (01/23/2023 09:30:01 PM) (Source: Application Error) (EventID: 1000) (User: DEMYT-PC) Description: Nazwa aplikacji powodującej błąd: vjivsai, wersja: 4.8.9032.0, sygnatura czasowa: 0x6250a7ed Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc00001a5 Przesunięcie błędu: 0x015b7320 Identyfikator procesu powodującego błąd: 0x0x168 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1d92f6977dea7f0 Ścieżka aplikacji powodującej błąd: C:\Users\demyt\AppData\Roaming\vjivsai Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: bc1c4d60-a605-42df-bf31-c8594e33e45b Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (01/23/2023 09:00:06 PM) (Source: Application Error) (EventID: 1000) (User: ZARZĄDZANIE NT) Description: Nazwa aplikacji powodującej błąd: OfficeC2RClient.exe, wersja: 16.0.14332.20102, sygnatura czasowa: 0x6137d0c5 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000001a9b51a45b0 Identyfikator procesu powodującego błąd: 0x0xa44 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1d92f6549abbfba Ścieżka aplikacji powodującej błąd: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 01c56eb7-7673-40f7-a4a4-96c7d8cd2fb5 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (01/23/2023 08:54:34 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (01/23/2023 08:54:34 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (01/23/2023 08:54:34 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Dziennik System: ============= Error: (01/23/2023 08:54:56 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI2 Error: (01/23/2023 08:53:30 PM) (Source: DCOM) (EventID: 10010) (User: DEMYT-PC) Description: Serwer {9F156763-7844-4DC4-B2B1-901F640F5155} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/23/2023 08:53:14 PM) (Source: DCOM) (EventID: 10010) (User: DEMYT-PC) Description: Serwer {9F156763-7844-4DC4-B2B1-901F640F5155} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/23/2023 08:50:38 PM) (Source: DCOM) (EventID: 10010) (User: DEMYT-PC) Description: Serwer {9F156763-7844-4DC4-B2B1-901F640F5155} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/23/2023 08:42:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Microsoft Office Click-to-Run Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (01/23/2023 08:42:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft Office Click-to-Run Service. Error: (01/23/2023 04:53:01 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI2 Error: (01/22/2023 12:33:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Windows Defender: ================ Date: 2023-01-20 22:39:35 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0 Nazwa: VirTool:Win32/DefenderTamperingRestore Identyfikator: 2147741622 Ważność: Poważny Kategoria: Narzędzie Ścieżka: regkeyvalue:_hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen Pochodzenie wykrycia: Nieznane Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.381.2475.0, AS: 1.381.2475.0, NIS: 1.381.2475.0 Wersja aparatu: AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2023-01-20 14:28:02 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Evotob.A!reg&threatid=2147696763&enterprise=0 Nazwa: Trojan:Win32/Evotob.A!reg Identyfikator: 2147696763 Ważność: Poważny Kategoria: Koń trojański Ścieżka: regkeyvalue:_HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions\\.dll Pochodzenie wykrycia: Nieznane Typ wykrycia: Konkretne Źródło wykrycia: Użytkownik Użytkownik: demyt-pc\demyt Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.381.2461.0, AS: 1.381.2461.0, NIS: 1.381.2461.0 Wersja aparatu: AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2023-01-20 14:28:02 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0 Nazwa: VirTool:Win32/DefenderTamperingRestore Identyfikator: 2147741622 Ważność: Poważny Kategoria: Narzędzie Ścieżka: regkeyvalue:_hklm\software\microsoft\windows defender\spynet\\DisableBlockAtFirstSeen Pochodzenie wykrycia: Nieznane Typ wykrycia: Konkretne Źródło wykrycia: Użytkownik Użytkownik: demyt-pc\demyt Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.381.2461.0, AS: 1.381.2461.0, NIS: 1.381.2461.0 Wersja aparatu: AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2023-01-19 22:56:59 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/AveMariaRAT.A!MTB&threatid=2147838649&enterprise=0 Nazwa: Trojan:MSIL/AveMariaRAT.A!MTB Identyfikator: 2147838649 Ważność: Poważny Kategoria: Koń trojański Ścieżka: amsi:_\Device\HarddiskVolume3\Users\demyt\AppData\Roaming\WindowsServices\WindowsServices.exe Pochodzenie wykrycia: Nieznane Typ wykrycia: Konkretne Źródło wykrycia: AMSI Użytkownik: demyt-pc\demyt Nazwa procesu: C:\Users\demyt\AppData\Roaming\WindowsServices\WindowsServices.exe Wersja analizy zabezpieczeń: AV: 1.381.2428.0, AS: 1.381.2428.0, NIS: 1.381.2428.0 Wersja aparatu: AM: 1.1.19900.2, NIS: 1.1.19900.2 Date: 2023-01-19 22:47:07 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Users\demyt\Downloads\Microsoft Office 2021 Pro Plus [16.0.14332.20238] [x64]\Activation\KMS_VL_ALL_AIO.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.381.2428.0, AS: 1.381.2428.0, NIS: 1.381.2428.0 Wersja aparatu: AM: 1.1.19900.2, NIS: 1.1.19900.2  CodeIntegrity: =============== Date: 2023-01-19 09:49:00 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends International, LLC. F3 11/10/2021 Płyta główna: Gigabyte Technology Co., Ltd. B660M DS3H DDR4 Procesor: 12th Gen Intel(R) Core(TM) i5-12400 Procent pamięci w użyciu: 19% Całkowita pamięć fizyczna: 32541.93 MB Dostępna pamięć fizyczna: 26298.54 MB Całkowita pamięć wirtualna: 34589.93 MB Dostępna pamięć wirtualna: 26210.08 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:930.28 GB) (Free:375.45 GB) (Model: KIOXIA-EXCERIA SSD) NTFS \\?\Volume{160b625a-2343-4f06-87e8-04b1e0d72896}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS \\?\Volume{e3a534aa-65a0-42d5-8064-a8868c12d0ae}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{d2257025-8fcb-4fce-9e8e-63eb40658a4d}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt =======================