Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 16.01.2024
Uruchomiony przez skill (18-01-2024 15:51:46)
Uruchomiony z C:\Users\skill\Downloads
Microsoft Windows 10 Pro Wersja 22H2 19045.3930 (X64) (2024-01-04 11:11:22)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================


(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

Administrator (S-1-5-21-2455803330-2812840290-1380293714-500 - Administrator - Disabled)
Gość (S-1-5-21-2455803330-2812840290-1380293714-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2455803330-2812840290-1380293714-503 - Limited - Disabled)
skill (S-1-5-21-2455803330-2812840290-1380293714-1001 - Administrator - Enabled) => C:\Users\skill
WDAGUtilityAccount (S-1-5-21-2455803330-2812840290-1380293714-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Zapora (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Zapora (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

Asystent aktualizacji do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation)
Driver Booster 11 (HKLM-x32\...\Driver Booster_is1) (Version: 11.1.0 - IObit)
ELAN Touchpad 15.13.9.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.9.1 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{143DED2D-AF9F-4DEA-85E7-57AEB40E5C15}) (Version: 17.0.15.0 - ESET, spol. s r.o.)
ExitLag version 4.298.6 (HKLM-x32\...\{B3117F72-F22D-4DA7-B554-B3F4EDBB408F}_is1) (Version: 4.298.6 - ExitLag)
FASTCUP (HKU\S-1-5-21-2455803330-2812840290-1380293714-1001\...\bb84a88a-6444-5bfb-820c-093afc1448c8) (Version: 0.3.9 - Crystal Future OU)
GameGuard (HKLM-x32\...\{DB58A440-02BB-433B-AE99-D0B8AF31A839}) (Version: 1.0.0.0 -  GameGuard AntiCheat, OnMoon Company LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.224 - Google LLC)
HLTooLz (HKLM-x32\...\ST6UNST #1) (Version:  - )
Intel Driver && Support Assistant (HKLM-x32\...\{7D392FB7-64D5-4813-B7F7-8AA462D3968D}) (Version: 23.4.39.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{4DF8D37E-055A-49B8-9317-305ECD1B9D1F}) (Version: 2.4.10654 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b82e9573-04fb-4a9d-819f-6c358a1cf31a}) (Version: 23.4.39.9 - Intel)
Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2455803330-2812840290-1380293714-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.133 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.49.2 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 6.24 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2024-01-04] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm [2024-01-04] (WhatsApp Inc.) [Startup Task]

==================== Niestandardowe rejestracje CLSID (filtrowane): ==============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2455803330-2812840290-1380293714-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> "E:\Program Files\Proton\VPN\v3.2.8\ProtonVPN.exe" -ToastActivated => Brak pliku
CustomCLSID: HKU\S-1-5-21-2455803330-2812840290-1380293714-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\skill\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2455803330-2812840290-1380293714-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\skill\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2455803330-2812840290-1380293714-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2455803330-2812840290-1380293714-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\skill\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2023-10-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2023-10-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Brak pliku
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2023-10-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2023-10-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (filtrowane) ====================

==================== Skróty & WMI ========================

==================== Załadowane moduły (filtrowane) =============

2024-01-17 21:54 - 2024-01-17 21:54 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [Brak podpisu cyfrowego] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll

==================== Alternate Data Streams (filtrowane) ========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\Users\skill\Downloads\ExitLag (2).exe:MBAM.Zone.Identifier [628]

==================== Tryb awaryjny (filtrowane) ==================

==================== Powiązania plików (filtrowane) =================

==================== Internet Explorer (filtrowane) ==========


(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-2455803330-2812840290-1380293714-1001\...\localhost -> localhost

==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2019-12-07 10:14 - 2023-12-11 21:55 - 000001334 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0	analytics.ff.avast.com
0.0.0.0	analytics.ns1.ff.avast.com
0.0.0.0	v7event.stats.avcdn.net
0.0.0.0	v7.stats.avcdn.net
0.0.0.0	flow.lavasoft.com
0.0.0.0	telemetry.malwarebytes.com
0.0.0.0	ws.mcafee.com
0.0.0.0	analytics.ccs.mcafee.com
0.0.0.0	analyticsdcs.ccs.mcafee.com
0.0.0.0	carcharodon.trendmicro.com

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2455803330-2812840290-1380293714-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

Network Binding:
=============
Ethernet: ExitLag LightWeight Filter -> nt_ndextlag (enabled) 
Wi-Fi: ExitLag LightWeight Filter -> nt_ndextlag (enabled) 

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

HKU\S-1-5-21-2455803330-2812840290-1380293714-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-2455803330-2812840290-1380293714-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2455803330-2812840290-1380293714-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D10BEFA51995C13B394E9D44B165F29B"

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{ECC9D9D5-94B9-4681-AE8C-8CE61431899B}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{7305CFDD-B9D3-4619-8D7C-B5CB69DAD177}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{8EF3E5C6-A9E4-43EF-93BB-77376B7E35F4}] => (Allow) C:\Users\skill\AppData\Local\Programs\Opera\106.0.4998.19\opera.exe => Brak pliku
FirewallRules: [{EB546E7D-1C4E-40A4-9A0F-3A02750E06A3}] => (Allow) E:\LagoFast\LagoFast.exe => Brak pliku
FirewallRules: [{3081378E-8804-4C1C-8356-E2F4FB655873}] => (Allow) E:\LagoFast\LagoFast.exe => Brak pliku
FirewallRules: [{EAB21E35-AE17-48A5-84FC-5F450A79762B}] => (Allow) D:\Steam\steamapps\common\GSClient 1.6\hl.exe => Brak pliku
FirewallRules: [{17CB2F0D-AC64-4239-9458-BA68D333F4B0}] => (Allow) D:\Steam\steamapps\common\GSClient 1.6\hl.exe => Brak pliku
FirewallRules: [{421955AB-D69D-43C9-A13C-F00721E29153}] => (Allow) D:\Steam\steamapps\common\GSClient 1.6\hl.exe => Brak pliku
FirewallRules: [{244D466A-F826-49CF-A860-715DDEB99D23}] => (Allow) D:\Steam\steamapps\common\GSClient 1.6\hl.exe => Brak pliku
FirewallRules: [{71A6746E-86A5-4629-B660-B4F0876D69F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64CAC5C7-C227-4BCC-827F-8D2C019B86A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF766EB8-F7FA-4C3C-A06F-AC62E214E204}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57F72DFC-C79D-40C5-BFF8-439B68A20CCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B0900B54-9192-4E03-B1DE-10CF2AA0830A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{08823996-1C21-45B6-B553-E50747CE07E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{210C66F2-F292-4B09-AF0E-43A754A202E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C09566C2-6156-421F-B14A-73C7C418743C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7AE2FC6-6DC4-4595-9B16-C6B81D43CFF0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ADE7A723-8616-4CB3-BC3C-845863416471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A5C9E6D8-3F79-4026-A3CE-A64AECF418E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{397A9EEA-A525-4AB5-81FB-ED19825650DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{107C928A-081F-44B5-A947-1A083C52B250}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{20BAA8F8-B1DA-422E-9233-233F84A83393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [UDP Query User{3D2593D0-508E-42EC-BBAF-D30222B744CC}D:\dcc\dcc.exe] => (Allow) D:\dcc\dcc.exe (BernyR) [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{AEE081EE-9050-494A-88F5-FF706B64EC7E}D:\dcc\dcc.exe] => (Allow) D:\dcc\dcc.exe (BernyR) [Brak podpisu cyfrowego]
FirewallRules: [{529E7B92-4683-4307-BFC2-535EF2C69D47}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7871BD13-BA7B-4E67-8B4C-B0F5EE421998}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E0883258-CDD6-430E-BDDF-00D77DF0369D}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DF6038F4-8AFA-496B-9FB5-035C46D0B488}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{47F236EE-5564-497E-8F35-F2F203FAFEFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B97F463F-DC04-4F46-93F4-E315536F20DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9CA9A52E-D79F-4A4C-81DA-083A19E3AFDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B4305CD5-C6B0-4490-8218-1CEA7C35891E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DE543321-61F7-4C7A-92C7-A9BD7BA676EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{468ADE8C-D884-4EE4-B620-FA7E9B8BCA6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AC6C813B-2A24-419E-8B7C-FC7B547DAA76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A1FFEA5F-0F66-4CD9-8A3F-BF35EFA5DF90}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{96E72948-8BE3-4A12-8DDB-818CEFD06129}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3EF2D5B7-B45F-4EE6-B4AA-CFDF640C3ABB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{06A017B9-A6F1-4A17-9359-E4E7A288086D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E858B7CB-2E02-4142-BAA5-044738C360EA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{84AB4F8E-7D91-42E6-A233-2DF58A102585}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9766A404-51C8-4343-8C01-B3EA68BDF2F0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8B5E94B1-E33B-4259-8BD0-1487DC4190E2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.121\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5AC65ADF-2E91-44D6-BC68-AC79D0205306}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC3CFB62-CB50-4A0C-A26D-3971DE3358A4}] => (Allow) e:\exitlag\exitlag.exe (Skowsand Tecnologia Ltda -> )
FirewallRules: [{84F9BFA6-A91D-419D-ABD7-813CEC59B1F2}] => (Allow) e:\exitlag\exitlag.exe (Skowsand Tecnologia Ltda -> )
FirewallRules: [{A122B18B-C405-4422-8D45-831FA6CFD88A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Punkty Przywracania systemu =========================

UWAGA: Przywracanie systemu jest wyłączone (Total:97.66 GB) (Free:32.96 GB) (34%)

==================== Wadliwe urządzenia w Menedżerze urządzeń ============


==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================
Error: (01/18/2024 03:42:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 10.0.19041.3636, sygnatura czasowa: 0x71c3372a
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0x80131623
Przesunięcie błędu: 0x00007fff157c200f
Identyfikator procesu powodującego błąd: 0x15f8
Godzina uruchomienia aplikacji powodującej błąd: 0x01da4a1c7f579de6
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\wbem\wmiprvse.exe
Ścieżka modułu powodującego błąd: unknown
Identyfikator raportu: ab91da75-8565-4f3e-b01b-0579958e80a5
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (01/18/2024 03:42:02 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Nieoczekiwany wyjątek zgłoszony przez dostawcę:
 System.IO.FileLoadException: 
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
   at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
   at System.Environment.FailFast(System.String)
   at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (01/18/2024 03:42:01 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (01/18/2024 03:42:01 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (01/18/2024 03:42:01 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (01/18/2024 02:07:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: wmiprvse.exe, wersja: 10.0.19041.3636, sygnatura czasowa: 0x71c3372a
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0x80131623
Przesunięcie błędu: 0x00007ffee4be200f
Identyfikator procesu powodującego błąd: 0x1014
Godzina uruchomienia aplikacji powodującej błąd: 0x01da4a0f3f1d30d6
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\wbem\wmiprvse.exe
Ścieżka modułu powodującego błąd: unknown
Identyfikator raportu: 3a832afe-17e7-4a24-a0ba-b19e384e61ec
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (01/18/2024 02:07:11 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Nieoczekiwany wyjątek zgłoszony przez dostawcę:
 System.IO.FileLoadException: 
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
   at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
   at System.Environment.FailFast(System.String)
   at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (01/18/2024 02:07:10 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002


Dziennik System:
=============
Error: (01/18/2024 11:51:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 22:46:43 na ‎17.‎01.‎2024 było nieoczekiwane.

Error: (01/17/2024 09:31:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 15:11:55 na ‎17.‎01.‎2024 było nieoczekiwane.

Error: (01/16/2024 04:04:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 15:10:26 na ‎16.‎01.‎2024 było nieoczekiwane.

Error: (01/16/2024 02:18:00 PM) (Source: Schannel) (EventID: 4103) (User: ZARZĄDZANIE NT)
Description: Wystąpił błąd krytyczny podczas tworzenia poświadczeń TLS klient. Stan błędu wewnętrznego: 10013.

Error: (01/16/2024 12:15:22 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Sterownik wykrył błąd wewnętrzny sterownika na \Device\VBoxNetLwf.

Error: (01/16/2024 12:15:22 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Sterownik wykrył błąd wewnętrzny sterownika na \Device\VBoxNetLwf.

Error: (01/16/2024 12:15:22 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Sterownik wykrył błąd wewnętrzny sterownika na \Device\VBoxNetLwf.

Error: (01/16/2024 12:01:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA Display Container LS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


Windows Defender:
================
Date: 2024-01-13 16:41:45
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {3256C966-3D7C-4E29-9799-3169179136EA}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2024-01-09 18:49:25
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {060A6950-256D-4753-B0A1-F60F7FC2E50B}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

CodeIntegrity:
===============
Date: 2024-01-18 15:42:04
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Statystyki pamięci =========================== 

BIOS: American Megatrends Inc. E16GBIMS.A09 05/14/2013
Płyta główna: Micro-Star International Co., Ltd. MS-16GB
Procesor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Procent pamięci w użyciu: 59%
Całkowita pamięć fizyczna: 8084.64 MB
Dostępna pamięć fizyczna: 3271.05 MB
Całkowita pamięć wirtualna: 9364.64 MB
Dostępna pamięć wirtualna: 4105.6 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:32.95 GB) (Model: PLEXTOR PX-512M8VC ATA Device) NTFS
Drive d: () (Fixed) (Total:183.87 GB) (Free:181.76 GB) (Model: PLEXTOR PX-512M8VC ATA Device) NTFS
Drive e: () (Fixed) (Total:195.31 GB) (Free:194.53 GB) (Model: PLEXTOR PX-512M8VC ATA Device) NTFS

\\?\Volume{698588b8-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 698588B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=183.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== Koniec  Addition.txt =======================