Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 24-02-2021
Uruchomiony przez endri (27-02-2021 12:28:55)
Uruchomiony z C:\Users\endri\AppData\Local\Temp\scoped_dir8064_198651095
Windows 10 Home Wersja 20H2 19042.804 (X64) (2021-01-20 20:26:58)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Administrator (S-1-5-21-4095845365-3530508356-3032322834-500 - Administrator - Disabled)
endri (S-1-5-21-4095845365-3530508356-3032322834-1001 - Administrator - Enabled) => C:\Users\endri
Gość (S-1-5-21-4095845365-3530508356-3032322834-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-4095845365-3530508356-3032322834-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4095845365-3530508356-3032322834-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

Aktualizacje NVIDIA 38.0.6.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.6.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.5.4 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform) CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 88.1.8016.153 - Autorzy CCleaner Browser) CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden Dolby Atmos Windows API SDK (HKLM\...\{139C7F29-696B-4EEA-B4AF-2990C2ECF7AD}) (Version: 1.1.7.32 - Dolby Laboratories, Inc.) Dolby Atmos Windows APP (HKLM\...\{3FC92273-FEF4-4C0B-9AF4-F38D747EB765}) (Version: 1.0.0.10 - Dolby Laboratories, Inc.) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC) Heroes of Might and Magic 3 Complete (HKLM-x32\...\1207658787_is1) (Version: 4.0 - GOG.com) HIDKB 1.0.7.7 (HKLM\...\HIDKB_is1) (Version: 1.0.7.7 - ITE, Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1045 - Intel Corporation) K-Lite Codec Pack 13.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.6.5 - KLCP) League of Legends (HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Lenovo App Explorer (HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\Host App Service) (Version: 0.273.2.977 - SweetLabs for Lenovo) <==== UWAGA Lenovo Entertainment Hub (HKLM-x32\...\{2994AD9D-6FB9-411E-9D88-C009DE04DC51}_is1) (Version: 1.1.2 - Beyond Media) Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo) Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.1.17.1 - Lenovo) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo 
Group Ltd.) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13628.20448 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - ) Microsoft OneDrive (HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft 
Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Mozilla Firefox 86.0 (x64 pl) (HKLM\...\Mozilla Firefox 86.0 (x64 pl)) (Version: 86.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA Sterownik graficzny 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 
16.0.13628.20274 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera GX Stable 73.0.3856.400 (HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\Opera GX 73.0.3856.400) (Version: 73.0.3856.400 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.93.46608 - Electronic Arts, Inc.) Panel sterowania NVIDIA 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.72 - NVIDIA Corporation) Hidden Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.6 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Thunderbolt(TM) Software (HKLM-x32\...\{F55C97BF-D9B2-4BB6-B16A-25A621BC50E9}) (Version: 16.2.52.250 - Intel Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.50 - Ghisler Software GmbH) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) WhatsApp (HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\WhatsApp) (Version: 2.2049.10 - WhatsApp) Packages: ========= Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1129.0_x64__rz1tebttyb220 [2021-02-18] (Dolby Laboratories) Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-02-09] (LENOVO INCORPORATED.) 
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-02-12] (LENOVO INC.) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-04] (Microsoft Studios) [MS Ad] Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-21] (Thumbmunkeys Ltd) Portal kont Lenovo -> C:\Program Files\WindowsApps\lenovocorporation.lenovoid_2.0.37.0_x86__4642shxvsv8s2 [2019-01-11] (LENOVO INCORPORATED.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ba34b5e302b5992f\igfxDTCM.dll [2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-02-23] 
(NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2021-02-18 18:02 - 2021-02-18 18:02 - 000168960 _____ () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1129.0_x64__rz1tebttyb220\DAXRPCClient.dll 2021-02-18 18:02 - 2021-02-18 18:02 - 037931520 _____ () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1129.0_x64__rz1tebttyb220\DolbyAccess.dll 2020-04-18 23:16 - 2020-04-18 23:16 - 001165824 _____ () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1129.0_x64__rz1tebttyb220\e_sqlite3.dll 2020-12-31 23:53 - 2020-12-31 23:53 - 001144320 _____ (Dolby Laboratories, Inc.) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1129.0_x64__rz1tebttyb220\DLLs\x64\DolbyAudioProcessing.dll 2021-02-07 17:29 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll 2020-12-31 22:03 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) 
[Brak podpisu cyfrowego] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll 2020-06-21 13:10 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [Brak podpisu cyfrowego] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll 2021-01-23 18:10 - 2021-02-17 18:58 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-01-23 18:10 - 2021-02-17 18:58 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\ssleay32.dll 2021-01-23 18:10 - 2021-02-17 18:58 - 001611264 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-02-17 18:58 - 2021-02-17 18:58 - 005487104 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-02-17 18:58 - 2021-02-17 18:58 - 005841920 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-02-17 18:58 - 2021-02-17 18:58 - 001179136 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-02-17 18:59 - 2021-02-17 18:58 - 000146432 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-02-17 18:59 - 2021-02-17 18:58 - 005089792 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-02-17 18:59 - 2021-02-17 18:58 - 000184832 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== 
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-4095845365-3530508356-3032322834-1001 -> DefaultScope {A4D17731-8BA1-476C-9A97-BA77C8AA9F8F} URL =
SearchScopes: HKU\S-1-5-21-4095845365-3530508356-3032322834-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4095845365-3530508356-3032322834-1001 -> {A4D17731-8BA1-476C-9A97-BA77C8AA9F8F} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\hola.org -> hxxp://hola.org

==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\System32\OpenSSH\;C:\Users\endri\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\Control Panel\Desktop\\Wallpaper -> c:\users\endri\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\tuscany-autumn-italy-sunset-nature-wallpaper-5120x3200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

HKLM\...\StartupApproved\Run: => "hola"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "Flvto Youtube Downloader"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "TinyTake by MangoApps"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "ProductAuthenticationService"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-4095845365-3530508356-3032322834-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_8FE581A9260AD6C3CEA0DE19F059645D"

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{2219D706-5D2E-4AFE-BF4C-8AC91FF0D880}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{A845EDBF-B890-47F9-84D0-2FAC9A820F85}D:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe (WarChest Limited) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{530B04C8-2F1A-4FD4-8ACC-3BD5BBCD0D30}D:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe (WarChest Limited) [Brak podpisu cyfrowego] FirewallRules: [{B21922FB-2913-415C-8782-943559A0D54A}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{5B348D97-8551-4A01-AD2A-EC97E8796EC1}] => (Allow) D:\SteamLibrary\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{A9D1D0DC-9AA4-427F-BB28-D621A8060CDB}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Brak podpisu cyfrowego] FirewallRules: [{07F55435-931C-43CC-BD83-5A78545D9999}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Brak podpisu cyfrowego] FirewallRules: [{70B1B22D-36CB-413B-BB08-9FC9C54F74FB}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{00258B69-B29E-4CC3-AF8D-CB235ED3A738}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{DCB94514-423E-4DEC-B2EE-A502595FD0E7}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{C6A53F73-EDF3-48E7-AA93-3C0096736937}] => (Allow) 
D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{280A7FB8-2635-41B4-9F09-BCCE0ED94A35}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{CEC3F12C-DB88-4E28-B818-DCFE54E8EEA8}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{AFE7E5B1-C534-4A13-85D0-C6B56B360F57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{FB14216D-171F-44FD-93D7-89EBAEB59939}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{787F63F0-BD29-4DED-A4EA-5A26DB65EB19}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{F8B746C5-D6E6-43DF-B30A-FB3D18D7C9D8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{E6D15854-6DF5-4316-A556-CD1AF2ECC28A}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{A3265254-B963-4B38-BAED-911D627F5A0B}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [{D00B62CB-1CF7-4CFD-BB3A-AA3DB103CD1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [Brak podpisu cyfrowego] FirewallRules: [{0C1AF0EB-C51F-4B87-B6DD-62E59F771700}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [Brak podpisu cyfrowego] FirewallRules: [{DF95ED78-43E8-4B45-9765-CF301B6CEB2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{E0563CC9-2B6C-432F-A097-E30E54BD5328}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{A659D8FD-3B69-49AE-A5C5-775B2E10934D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{D9A7CC96-1487-4110-855C-B00D38593708}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{96E8FA4A-B533-4305-85A5-E33DC033CE54}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [TCP Query User{06CA8B56-6BE5-4631-8B8B-DA69620C4BC9}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [UDP Query User{2648EB45-7AA3-41EC-A932-F0B9AA28020C}C:\program files (x86)\starcraft ii\versions\base75689\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75689\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [TCP Query User{4410E99B-D1BC-4B47-AF2F-4512A2190560}C:\program files (x86)\starcraft ii\versions\base75689\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75689\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) 
FirewallRules: [UDP Query User{B6DD4FB1-4A16-4FAC-B9E7-D9E2768C61B5}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [TCP Query User{38C1DBF7-FC56-4288-9206-EC989CFDD79F}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [{7BB0203E-AE88-4098-8E18-1FC5CC54AAA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{14F20633-B6BB-4ABD-B859-F71E67927A19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6B3B8E49-54B6-438F-8D91-E568C2FAE421}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{AFB0C0AE-A8AF-46A7-B4BD-B1D1F970177C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [TCP Query User{F638F695-1C41-4D11-A88E-FB195A7E41F3}C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [UDP Query User{226F2660-F011-4337-8983-435816874814}C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base74071\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) 
FirewallRules: [{BC914F27-9FF6-44DE-8677-384F5EFAD620}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{7B8C7148-E92C-44D9-864D-3527594482E8}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{DF09F261-EB67-4479-970A-B26463C98F1C}C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [UDP Query User{7330AB56-8D81-4C20-A1AC-0172014CE34B}C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base83830\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [TCP Query User{74507F7D-EF52-4871-9F01-B39E68863FE7}C:\users\endri\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Block) C:\users\endri\appdata\local\programs\opera gx\73.0.3856.400\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{F9DCE083-EFA3-47B2-A36B-09B1BE37CD27}C:\users\endri\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Block) C:\users\endri\appdata\local\programs\opera gx\73.0.3856.400\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{136138E8-50E3-4471-A130-98CF60A398E3}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software) FirewallRules: [{6B73E1C1-31A1-49A4-A7C1-B22DB34B3B35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DC55412D-F4E5-477E-8ECD-7C5EC53C789B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: 
[{1AD2F8F5-6C30-46D4-AD43-20E13D04E5D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{34C8250C-3B69-4152-BCB8-38DE92998BA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6A0EB0F9-5F13-47C3-8406-DA8781873D7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 20-02-2021 20:35:42 Instalator modułów systemu Windows 27-02-2021 06:35:15 Instalator modułów systemu Windows ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. 
] Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (02/27/2021 11:14:47 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Dziennik System: ============= Error: (02/27/2021 11:14:38 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {924DC564-16A6-42EB-929A-9A61FA7DA06F} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/27/2021 11:14:38 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {924DC564-16A6-42EB-929A-9A61FA7DA06F} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/25/2021 09:24:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. 
Error: (02/25/2021 09:24:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa NVIDIA LocalSystem Container zakończyła działanie; wystąpił następujący błąd: Plik wykonywalny polecenia rodzajowego zwrócił wynik wskazujący błąd.

Error: (02/25/2021 09:20:38 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A0T0NOL2)
Description: Nie można uruchomić serwera DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Błąd: 2147942767 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (02/24/2021 07:52:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Origin Web Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (02/24/2021 07:52:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Microsoft Office-Klick-und-Los-Dienst niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (02/24/2021 07:51:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Microsoft Office-Klick-und-Los-Dienst niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Windows Defender:
================
Date: 2021-02-27 12:28:55
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=App:Utorrent_BundleInstaller&threatid=290703&enterprise=0
Nazwa: App:Utorrent_BundleInstaller
Identyfikator: 290703
Ważność: Niski
Kategoria: Potencjalnie niechciane oprogramowanie
Ścieżka: file:_C:\Users\endri\Downloads\uTorrent(1).exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-A0T0NOL2\endri
Nazwa procesu: C:\Users\endri\AppData\Local\Temp\scoped_dir8064_198651095\FRST64.exe
Wersja analizy zabezpieczeń: AV: 1.331.1939.0, AS: 1.331.1939.0, NIS: 1.331.1939.0
Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-26 19:54:03
Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {835101C8-F15F-4B73-9515-6D1FDD1F1A8F}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2021-02-25 03:48:25
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=App:Utorrent_BundleInstaller&threatid=290703&enterprise=0
Nazwa: App:Utorrent_BundleInstaller
Identyfikator: 290703
Ważność: Niski
Kategoria: Potencjalnie niechciane oprogramowanie
Ścieżka: file:_C:\Users\endri\Downloads\uTorrent(4).exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-A0T0NOL2\endri
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.331.1768.0, AS: 1.331.1768.0, NIS: 1.331.1768.0
Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-25 01:51:28
Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {CC354A3C-CBB9-4B1C-955B-475D8D9B8CC5}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2021-02-23 23:32:18
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/PiriformBundler&threatid=277517&enterprise=0
Nazwa: PUA:Win32/PiriformBundler
Identyfikator: 277517
Ważność: Niski
Kategoria: Potencjalnie niechciane oprogramowanie
Ścieżka: containerfile:_C:\Users\endri\Downloads\ccsetup552.exe; file:_C:\Users\endri\Downloads\ccsetup552.exe; file:_C:\Users\endri\Downloads\ccsetup552.exe->(nsis-instdata)
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-A0T0NOL2\endri
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.331.1650.0, AS: 1.331.1650.0, NIS: 1.331.1650.0
Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 19:45:07
Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Przy dostępie
Kod błędu: 0x80004005
Opis błędu: Nieokreślony błąd.
Przyczyna: Sterownik filtru pominął skanowanie elementów i pracuje w trybie przekazywania. Może to być spowodowane niskim stanem zasobów.

==================== Statystyki pamięci ===========================

BIOS: LENOVO 4GCN24WW 04/14/2017
Płyta główna: LENOVO Provence-75I
Procesor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Procent pamięci w użyciu: 33%
Całkowita pamięć fizyczna: 16227.16 MB
Dostępna pamięć fizyczna: 10765.22 MB
Całkowita pamięć wirtualna: 18659.16 MB
Dostępna pamięć wirtualna: 11492.01 MB

==================== Dyski ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:37.14 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:843.57 GB) NTFS
Drive e: (LENOVO) (Fixed) (Total:25 GB) (Free:24.94 GB) NTFS
\\?\Volume{176a0d07-e383-43a8-a7b1-cc7d09e0f69f}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.43 GB) NTFS
\\?\Volume{abd6fab4-2c49-4533-b977-11ea3f52ecb9}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 87FD3954)
Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: B8CF82AD)
Partition: GPT.

==================== Koniec Addition.txt =======================