Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 30-06-2020 Uruchomiony przez greh2 (03-07-2020 21:06:59) Uruchomiony z C:\Users\greh2\Desktop Windows 10 Pro Wersja 1909 18363.900 (X64) (2019-12-30 17:16:51) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2327329111-4195501157-308640029-500 - Administrator - Disabled) Gość (S-1-5-21-2327329111-4195501157-308640029-501 - Limited - Disabled) greh2 (S-1-5-21-2327329111-4195501157-308640029-1002 - Administrator - Enabled) => C:\Users\greh2 Konto domyślne (S-1-5-21-2327329111-4195501157-308640029-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2327329111-4195501157-308640029-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: 360 Total Security (Enabled - Up to date) {2ACC6E6C-C52C-B3B4-DA13-A43E20B1E26D} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 10.6.0.1354 - 360 Centro Sicurezza) Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam) Avidemux VC++ 64bits (HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\{41456c69-79e0-4095-9f98-bcb970f09adf}) (Version: 2.7.5 - Mean) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.) GG (HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\GG) (Version: 12 - England Sp. z o.o.) GIMP 2.10.14 (HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.) Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.58 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - ) Microsoft Office Professional Plus 2019 - pl-pl (HKLM\...\ProPlus2019Retail - pl-pl) (Version: 16.0.12827.20470 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Mozilla Firefox 77.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 77.0.1 (x64 pl)) (Version: 77.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20470 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden Opera Stable 68.0.3618.173 (HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\Opera 68.0.3618.173) (Version: 68.0.3618.173 - Opera Software) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.) Samsung ML-2160 Series (HKLM-x32\...\Samsung ML-2160 Series) (Version: 1.26 (16.08.2017) - Samsung Electronics Co., Ltd.) Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated) Transmission 2.94 (d8e60ee44f) (x64) (HKLM\...\{F822870C-AD55-47D1-A705-21661A02386B}) (Version: 2.94.0 - Transmission Project) VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN) WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-2327329111-4195501157-308640029-1002\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages: ========= Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-06-22] (king.com) Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.38.4.0_x86__kgqvnymyfvs32 [2020-06-22] (king.com) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-29] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad] MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-03] (Spotify AB) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-03] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-03] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2017-11-08 08:35 - 2017-11-08 08:35 - 000123904 _____ (Samsung Electronics Co., Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer - Witryny zaufane i z ograniczeniami ========== ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2327329111-4195501157-308640029-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 31.11.202.254 - 37.8.214.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{E222D964-83A0-4944-B2A6-03FF18F5D4EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B6090085-67D7-4F10-B99A-96F4B39C11A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CA8B44EA-D7FB-440D-9F19-BC9D06C0A461}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{627718CA-B836-4BCA-BFFE-91D18B068ACA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ACEA67A4-E1F5-464C-BC41-C066737EB78C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5E7D54F2-DF41-4ACA-96C3-3D5FC298E1F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{C8B81E39-1AAB-463A-93DA-C283D0F43E79}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Mike Gelfand -> Transmission Project) FirewallRules: [UDP Query User{67DB9487-E73F-4F97-AA90-28CDA3C27C9D}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Mike Gelfand -> Transmission Project) FirewallRules: [TCP Query User{98568DE0-04F8-4BCC-9784-171915AE5E62}C:\program files\transmission\transmission-qt.exe] => (Block) C:\program files\transmission\transmission-qt.exe (Mike Gelfand -> Transmission Project) FirewallRules: [UDP Query User{892FE77E-F23B-4BDA-B4E6-A5483BA21EBC}C:\program files\transmission\transmission-qt.exe] => (Block) C:\program files\transmission\transmission-qt.exe (Mike Gelfand -> Transmission Project) FirewallRules: [{F16A6BDC-0414-45D9-A722-DD9669B7519A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{0BC23BB1-98AE-4AEC-AD8E-FBF533129CE2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{B5C0AC76-028B-4A21-8AE3-ED82F00D17EF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> ) FirewallRules: [{E64936F7-FC36-403F-80FE-5970E6A23B4C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.) FirewallRules: [{95A7F9ED-B80E-4AA6-8A45-11CCC8E2C8E0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.) FirewallRules: [{D076941D-0EB1-4873-AA23-D34CA28D5043}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> ) FirewallRules: [{8F7D034A-18D4-4633-821F-DF3B56648C0B}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{D1C82C1C-2BFC-4C09-8561-4831D1D6D496}] => (Allow) C:\Users\greh2\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{583553AA-434C-4CB5-9E67-C50DECC00BB1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{3AAD3E40-A017-4964-BE9D-B70C3FB8B032}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{9C367011-0021-41D9-941A-9C249C71C0D6}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E0743B7B-939D-4E84-A339-D00A2C35E2AB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{36ED8B94-3F9E-4B14-8C9D-A08F8D7389EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6E1BF99C-A0CB-4CF1-A2A8-C25F792DE9BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{39F7208B-86CF-4522-BC3A-A489F9611756}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DBB539F4-4807-46E0-AFF9-17873B5CD51D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{36B6C6A2-CB78-4173-A49E-FBDE8AECB0D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FCE9FE75-8422-4DB3-BB6B-E0CC71DE4948}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{ACB31020-7C81-477D-888E-6B40509414B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{04972F24-696D-4EAD-93B7-8D4B6DBB65F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{B5D67EDA-06C7-44BC-9C76-7832F1C9A34F}C:\users\greh2\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{5AB8CC3F-5E2B-442B-AD3D-94CF66D4B1D3}C:\users\greh2\appdata\local\programs\opera\68.0.3618.165\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{19710CB8-B63B-4239-97AE-8BCA49C1C8E3}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{64DC9FC1-ADF4-4DB6-B9D9-4617E2F8651D}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{B56FCDA6-3AF9-40F2-828E-DC319B48626F}C:\users\greh2\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{EA7E0F0A-EB4C-400D-9E96-62EC86286D3D}C:\users\greh2\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\greh2\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{E2923E01-89EF-49AC-AA83-36F5D8EA961A}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{EEED6D0E-A39D-40AC-AFD7-F4B943109DFF}] => (Block) C:\users\greh2\appdata\local\programs\opera\68.0.3618.173\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{DFC1E2E7-AB46-426E-9A20-CE47364139E7}] => (Allow) C:\Windows\system32\winrmsrv.exe => Brak pliku ==================== Punkty Przywracania systemu ========================= 18-06-2020 17:19:46 Zaplanowany punkt kontrolny 29-06-2020 08:07:20 Zaplanowany punkt kontrolny 03-07-2020 20:04:27 Restore Point Created by FRST ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Nieznane urządzenie USB (resetowanie portu nie powiodło się) Description: Nieznane urządzenie USB (resetowanie portu nie powiodło się) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standardowy kontroler hosta USB) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (07/03/2020 08:04:25 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {ede998d9-147a-4677-b232-5714bb4ab3fe} Error: (07/03/2020 02:04:58 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program HxOutlook.exe w wersji 16.0.12827.20398 przestał współpracować z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1228 Godzina rozpoczęcia: 01d65123a33415b2 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxOutlook.exe Identyfikator raportu: 288a175b-11b2-4720-b67a-5c384d28494c Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe Identyfikator aplikacji powiązanej z pakietem powodującym błąd: microsoft.windowslive.mail Typ zawieszenia: Quiesce Error: (07/01/2020 03:56:42 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (07/01/2020 03:56:42 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (06/30/2020 05:02:37 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (06/30/2020 05:02:37 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (06/29/2020 04:22:50 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (06/29/2020 04:22:50 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Dziennik System: ============= Error: (07/03/2020 08:41:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (07/03/2020 08:41:52 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\greh2\AppData\Local\Temp\ehdrv.sys Error: (07/03/2020 08:41:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (07/03/2020 08:41:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\greh2\AppData\Local\Temp\ehdrv.sys Error: (07/03/2020 08:41:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (07/03/2020 08:41:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\greh2\AppData\Local\Temp\ehdrv.sys Error: (07/03/2020 08:41:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (07/03/2020 08:41:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\greh2\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2020-02-17 08:04:12.711 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. Date: 2020-02-10 07:56:01.065 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. Date: 2020-02-07 08:03:47.771 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. Date: 2020-02-06 08:02:36.580 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. Date: 2020-02-05 08:11:33.872 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. Date: 2020-02-03 07:59:38.512 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. Date: 2020-01-31 07:59:18.104 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. Date: 2020-01-30 08:01:23.047 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements. ==================== Statystyki pamięci =========================== BIOS: LENOVO 79CN49WW(V3.08) 08/06/2014 Płyta główna: LENOVO INVALID Procesor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz Procent pamięci w użyciu: 49% Całkowita pamięć fizyczna: 8104.27 MB Dostępna pamięć fizyczna: 4090.88 MB Całkowita pamięć wirtualna: 9384.27 MB Dostępna pamięć wirtualna: 5402.96 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:222.94 GB) (Free:167.39 GB) NTFS Drive d: (Dane) (Fixed) (Total:488.28 GB) (Free:476.02 GB) NTFS Drive f: (Inne) (Fixed) (Total:443.23 GB) (Free:441.87 GB) NTFS \\?\Volume{654a5915-0db7-4ab6-b947-58157edb2dcc}\ (Odzyskiwanie) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{582aa091-e28a-467e-a02c-3f178b5a808d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: A83C5B3C) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0004CF83) Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================