Guest User

Addition.txt

a guest
Jan 18th, 2022
24
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-01-2022
  2. Uruchomiony przez pc (18-01-2022 22:25:43)
  3. Uruchomiony z C:\Users\pc\Downloads
  4. Microsoft Windows 10 Home Wersja 21H1 19043.1466 (X64) (2020-09-27 07:03:55)
  5. Tryb startu: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Konta użytkowników: =============================
  10.  
  11.  
  12. (Załączenie wejścia w fixlist spowoduje jego usunięcie.)
  13.  
  14. Administrator (S-1-5-21-1789183414-2172948479-87873014-500 - Administrator - Disabled)
  15. Gość (S-1-5-21-1789183414-2172948479-87873014-501 - Limited - Disabled)
  16. Konto domyślne (S-1-5-21-1789183414-2172948479-87873014-503 - Limited - Disabled)
  17. pc (S-1-5-21-1789183414-2172948479-87873014-1001 - Administrator - Enabled) => C:\Users\pc
  18. WDAGUtilityAccount (S-1-5-21-1789183414-2172948479-87873014-504 - Limited - Disabled)
  19.  
  20. ==================== Centrum zabezpieczeń ========================
  21.  
  22. (Załączenie wejścia w fixlist spowoduje jego usunięcie.)
  23.  
  24. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  25. AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
  26.  
  27. ==================== Zainstalowane programy ======================
  28.  
  29. (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
  30.  
  31. µTorrent (HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
  32. Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1045-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
  33. ContentMod3.0 (HKLM-x32\...\ContentMod_3.0) (Version: - )
  34. DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
  35. Discord (HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
  36. Epic Games Launcher (HKLM-x32\...\{30C7A3B1-644C-423F-AB2C-743E007A84EC}) (Version: 1.3.0.0 - Epic Games, Inc.)
  37. Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  38. Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
  39. FACEIT (HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\FACEIT) (Version: 1.31.5 - FACEIT Ltd.)
  40. FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
  41. Gothic (HKLM-x32\...\{758A4269-70E5-4B11-B419-F692882408A9}) (Version: 1.08 - Piranha Bytes)
  42. Gothic 3 - Quest Pack 4 PL (HKLM-x32\...\Gothic 3 - Quest Pack 4 PL) (Version: 4.2.1.75 - RobeN & G3 Community)
  43. Gothic II Złota Edycja (HKLM-x32\...\{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}) (Version: 2.6 - JoWood)
  44. Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.00.0000 - JoWooD Productions Software AG)
  45. Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
  46. GOTHIC1 - Wersja klasyczna - 'Pakiet systemowy' (HKLM-x32\...\GOTHIC1 - Wersja klasyczna - 'Pakiet systemowy') (Version: 1.8 - World of Gothic RU © 2019)
  47. GOTHIC2 - Noc Kruka - 'Pakiet systemowy' (HKLM-x32\...\GOTHIC2 - Noc Kruka - 'Pakiet systemowy') (Version: 1.8 - World of Gothic RU © 2019)
  48. GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
  49. IrfanView 4.58 (64-bit) (HKLM\...\IrfanView64) (Version: 4.58 - Irfan Skiljan)
  50. Jed's Half-Life Model Viewer 1.3.6 (HKLM-x32\...\Jed's Half-Life Model Viewer) (Version: 1.3.6 - wunderboy.org)
  51. Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  52. Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
  53. Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.62 - Microsoft Corporation)
  54. Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
  55. Microsoft Teams (HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
  56. Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
  57. Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
  58. Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  59. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  60. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  61. Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  62. Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  63. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
  64. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
  65. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
  66. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
  67. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
  68. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
  69. Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
  70. Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30037 (HKLM-x32\...\{dfea0fad-88b2-4a1f-8536-3f8f9391f4ef}) (Version: 14.29.30037.0 - Microsoft Corporation)
  71. Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 91.0.1 (x64 pl)) (Version: 91.0.1 - Mozilla)
  72. Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.1 - Mozilla)
  73. MP3Studio YouTube Downloader (HKLM-x32\...\{3AB59E5E-AADB-4F45-8741-DCA2BDF0F1DD}) (Version: 2.0.10.0 - MP3Studio/) Hidden
  74. MP3Studio YouTube Downloader (HKLM-x32\...\{a17fa95e-ee4e-4c87-b026-5a550246b3a2}) (Version: 2.0.10.0 - MP3Studio)
  75. NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
  76. NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
  77. NVIDIA Sterownik graficzny 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
  78. OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
  79. Opera GX Stable 82.0.4227.50 (HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\Opera GX 82.0.4227.50) (Version: 82.0.4227.50 - Opera Software)
  80. Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
  81. Overwolf (HKLM-x32\...\Overwolf) (Version: 0.188.0.22 - Overwolf Ltd.)
  82. Prince of Persia The Two Thrones (HKLM-x32\...\GOGPACKPOPTTT_is1) (Version: 2.0.0.5 - GOG.com)
  83. RisingHUB (wersja 4.2) (HKLM-x32\...\{F1FAED2D-A70D-40E5-9C92-146F30F8E004}_is1) (Version: 4.2 - Risinghub | John)
  84. RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
  85. Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.48.510 - Rockstar Games)
  86. Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
  87. Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{497ED226-5E88-4EC5-9340-373B1C56906F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
  88. TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
  89. U.GG (HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\Overwolf_edoaelkdajnifpnkdfillhjpaimimibflhkhjngh) (Version: 1.1.21 - Overwolf app)
  90. VALORANT (HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
  91. VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
  92. WinRAR 6.02 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
  93.  
  94. Packages:
  95. =========
  96. Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) [MS Ad]
  97. Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) [MS Ad]
  98. Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-08] (Microsoft Studios) [MS Ad]
  99. NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-18] (NVIDIA Corp.)
  100.  
  101. ==================== Niestandardowe rejestracje CLSID (filtrowane): ==============
  102.  
  103. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  104.  
  105. CustomCLSID: HKU\S-1-5-21-1789183414-2172948479-87873014-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\pc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
  106. CustomCLSID: HKU\S-1-5-21-1789183414-2172948479-87873014-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\pc\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\FileSyncShell64.dll => Brak pliku
  107. CustomCLSID: HKU\S-1-5-21-1789183414-2172948479-87873014-1001_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\pc\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\FileSyncShell64.dll => Brak pliku
  108. CustomCLSID: HKU\S-1-5-21-1789183414-2172948479-87873014-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\pc\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\Microsoft.SharePoint.exe" => Brak pliku
  109. CustomCLSID: HKU\S-1-5-21-1789183414-2172948479-87873014-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\pc\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\FileSyncShell64.dll => Brak pliku
  110. CustomCLSID: HKU\S-1-5-21-1789183414-2172948479-87873014-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\pc\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\FileSyncShell64.dll => Brak pliku
  111. CustomCLSID: HKU\S-1-5-21-1789183414-2172948479-87873014-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\pc\AppData\Local\Microsoft\OneDrive\21.245.1128.0002\Microsoft.SharePoint.exe" => Brak pliku
  112. ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
  113. ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)
  114. ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)
  115. ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-12-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
  116. ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-12-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
  117. ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-17] (Malwarebytes Corporation -> Malwarebytes)
  118. ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\nvshext.dll [2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
  119. ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-17] (Malwarebytes Corporation -> Malwarebytes)
  120. ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)
  121. ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal)
  122.  
  123. ==================== Codecs (filtrowane) ====================
  124.  
  125. ==================== Skróty & WMI ========================
  126.  
  127. ==================== Załadowane moduły (filtrowane) =============
  128.  
  129. 2021-08-19 17:40 - 2007-09-02 12:57 - 000069632 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\RocketDock\RocketDock.dll
  130.  
  131. ==================== Alternate Data Streams (filtrowane) ========
  132.  
  133. ==================== Tryb awaryjny (filtrowane) ==================
  134.  
  135. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
  136.  
  137. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  138. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  139.  
  140. ==================== Powiązania plików (filtrowane) =================
  141.  
  142. ==================== Internet Explorer (filtrowane) ==========
  143.  
  144. BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
  145.  
  146. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
  147.  
  148. IE trusted site: HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\localhost -> localhost
  149. IE trusted site: HKU\S-1-5-21-1789183414-2172948479-87873014-1001\...\webcompanion.com -> hxxp://webcompanion.com
  150.  
  151. ==================== Hosts - zawartość: =========================
  152.  
  153. (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
  154.  
  155. 2019-12-07 10:14 - 2022-01-18 02:17 - 000002820 _____ C:\Windows\system32\drivers\etc\hosts
  156. 0.0.0.0 choice.microsoft.com
  157. 0.0.0.0 choice.microsoft.com.nstac.net
  158. 0.0.0.0 df.telemetry.microsoft.com
  159. 0.0.0.0 oca.telemetry.microsoft.com
  160. 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
  161. 0.0.0.0 redir.metaservices.microsoft.com
  162. 0.0.0.0 reports.wes.df.telemetry.microsoft.com
  163. 0.0.0.0 services.wes.df.telemetry.microsoft.com
  164. 0.0.0.0 settings-sandbox.data.microsoft.com
  165. 0.0.0.0 settings-win.data.microsoft.com
  166. 0.0.0.0 sqm.df.telemetry.microsoft.com
  167. 0.0.0.0 sqm.telemetry.microsoft.com
  168. 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
  169. 0.0.0.0 telecommand.telemetry.microsoft.com
  170. 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
  171. 0.0.0.0 telemetry.appex.bing.net
  172. 0.0.0.0 telemetry.microsoft.com
  173. 0.0.0.0 telemetry.urs.microsoft.com
  174. 0.0.0.0 vortex-sandbox.data.microsoft.com
  175. 0.0.0.0 vortex-win.data.microsoft.com
  176. 0.0.0.0 vortex.data.microsoft.com
  177. 0.0.0.0 watson.telemetry.microsoft.com
  178. 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
  179. 0.0.0.0 watson.ppe.telemetry.microsoft.com
  180. 0.0.0.0 wes.df.telemetry.microsoft.com
  181. 0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
  182. 0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
  183. 0.0.0.0 watson.live.com
  184. 0.0.0.0 watson.microsoft.com
  185. 0.0.0.0 feedback.search.microsoft.com
  186.  
  187. ==================== Inne obszary ===========================
  188.  
  189. (Obecnie brak automatycznej naprawy dla tej sekcji.)
  190.  
  191. HKU\S-1-5-21-1789183414-2172948479-87873014-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\Desktop\cmaz.png.3d736a125192c67b4e352a62bf6d12c2.png.b5763efa0fb336ba785cb4389933b6e0.png
  192. DNS Servers: 192.168.1.1
  193. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  194. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
  195. Zapora systemu Windows [funkcja włączona]
  196.  
  197. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
  198.  
  199. ==================== Reguły Zapory systemu Windows (filtrowane) ================
  200.  
  201. (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
  202.  
  203. FirewallRules: [{8038827B-B531-4E7C-BC49-FD0B7094FCC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
  204. FirewallRules: [{6DB60B3F-951D-4960-923B-F972A708A4DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
  205. FirewallRules: [{D909EA27-6A0B-475C-A54E-8F8AF660E4F3}] => (Allow) F:\Gry\Steam\steam.exe (Valve Corp. -> Valve Corporation)
  206. FirewallRules: [{EFEC935F-983B-463A-97E7-7C68DED27800}] => (Allow) F:\Gry\Steam\steam.exe (Valve Corp. -> Valve Corporation)
  207. FirewallRules: [{EC8DCE81-73E8-40E9-870D-C341651AA8F4}] => (Allow) F:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
  208. FirewallRules: [{B29EB8AC-CFAB-4120-8BD8-5CA1296BCC22}] => (Allow) F:\Gry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
  209. FirewallRules: [{211EFA0C-75C4-4346-8C70-FF0D2DBA5D4A}] => (Allow) F:\Gry\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
  210. FirewallRules: [{0021CCFA-AF15-4B13-B074-9DF27FE48986}] => (Allow) F:\Gry\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
  211. FirewallRules: [{83748E7F-173D-4A01-A3C8-EC0F98CD2D61}] => (Allow) F:\Gry\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
  212. FirewallRules: [{C4339A5C-1656-4665-93B5-4F78BAD2EE84}] => (Allow) F:\Gry\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
  213. FirewallRules: [{3319AAEA-8ED2-4E45-A98F-040FB87B3957}] => (Allow) F:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
  214. FirewallRules: [{A570767A-F6B0-4F0A-8210-83B8CA5C7BD4}] => (Allow) F:\Gry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
  215. FirewallRules: [TCP Query User{76DDBA30-A009-4DCD-A191-4CFB0E9705D5}C:\users\pc\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Brak pliku
  216. FirewallRules: [UDP Query User{45371DD2-9914-4EA7-9688-30BA077CA126}C:\users\pc\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Brak pliku
  217. FirewallRules: [TCP Query User{B58B1759-F76B-4994-AEF7-3E0E3598BEEC}F:\gry\jowood\gothic ii\_work\tools\zspy\zspy.exe] => (Allow) F:\gry\jowood\gothic ii\_work\tools\zspy\zspy.exe => Brak pliku
  218. FirewallRules: [UDP Query User{5AD612E7-3EC6-4C2A-9D99-247BC513D701}F:\gry\jowood\gothic ii\_work\tools\zspy\zspy.exe] => (Allow) F:\gry\jowood\gothic ii\_work\tools\zspy\zspy.exe => Brak pliku
  219. FirewallRules: [TCP Query User{ABA14CBE-6FE5-45B2-B57B-A1AF1B4D5C3C}C:\users\pc\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Brak pliku
  220. FirewallRules: [UDP Query User{8A3B13C2-1BA5-4F24-982D-ADC69C4124F1}C:\users\pc\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Brak pliku
  221. FirewallRules: [{2E56A4A2-74E6-43E8-AD4C-020F09831C64}] => (Allow) C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
  222. FirewallRules: [{2143713E-BCAF-4D8E-A696-C4851474D356}] => (Allow) C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
  223. FirewallRules: [TCP Query User{854AAF2B-3565-4232-A2F7-C447E7F7438D}C:\users\pc\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Block) C:\users\pc\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Brak pliku
  224. FirewallRules: [UDP Query User{D165A9B4-DCB5-4C12-815F-DAD880E9E134}C:\users\pc\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Block) C:\users\pc\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Brak pliku
  225. FirewallRules: [TCP Query User{81DA2C21-0B8C-489A-B006-920B5773AE47}C:\users\pc\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
  226. FirewallRules: [UDP Query User{8DF45099-03C2-4AE6-8DAA-D023DB0C2C4E}C:\users\pc\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
  227. FirewallRules: [TCP Query User{B2CABCBD-7224-4D71-B199-D9963C9BFEAF}D:\gry\epic games\gtav\gtav\gta5.exe] => (Block) D:\gry\epic games\gtav\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
  228. FirewallRules: [UDP Query User{FE6F57EF-6A05-4FDB-8A77-8D5795E8C23C}D:\gry\epic games\gtav\gtav\gta5.exe] => (Block) D:\gry\epic games\gtav\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
  229. FirewallRules: [TCP Query User{B15D4176-4BB1-4D96-B23B-030F3BE6D00A}C:\users\pc\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
  230. FirewallRules: [UDP Query User{25985752-7365-4895-9D26-B7CC131BE849}C:\users\pc\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software)
  231. FirewallRules: [TCP Query User{B42B154C-5F55-4251-B401-B83590D46544}D:\gry\epic games\gtav\gtav\gta5.exe] => (Allow) D:\gry\epic games\gtav\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
  232. FirewallRules: [UDP Query User{EC13A7F0-D409-4BFE-811F-E7F344CE7E56}D:\gry\epic games\gtav\gtav\gta5.exe] => (Allow) D:\gry\epic games\gtav\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
  233. FirewallRules: [TCP Query User{989F406F-BB75-4E7A-93C7-5A6550E0F134}D:\riot games\riot client\riotclientservices.exe] => (Block) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
  234. FirewallRules: [UDP Query User{91B421CE-089D-4C5F-B103-7B0BBAEEE591}D:\riot games\riot client\riotclientservices.exe] => (Block) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
  235. FirewallRules: [{D2BD1E6F-B314-4245-BB49-B8A19C6EDF96}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe => Brak pliku
  236. FirewallRules: [{E6AF91B9-F6F1-47DA-A41E-73BCBDAE3785}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe => Brak pliku
  237. FirewallRules: [{9528F4B1-F4CE-42D2-916F-2D7CDA2C2CDF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  238. FirewallRules: [{ABADB40E-F515-4E03-8D93-842FD9F4BE2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  239. FirewallRules: [{8ECD221E-5A90-4EAC-80ED-4403972D4CBD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  240. FirewallRules: [{866FE8C6-1CF1-4F4B-8BFE-5AB08954055B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  241. FirewallRules: [{EBE5C434-4B7B-4D4A-9BAE-9AE5D8D523B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  242. FirewallRules: [{AF83A933-9318-4463-9A16-A928A9DD0A51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  243. FirewallRules: [{8F4A6461-B083-400A-B3A9-CD7398AF31CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  244. FirewallRules: [{9519FD33-4A5A-4ED8-991B-C9C4B655B88A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
  245. FirewallRules: [{4C2EF2C9-19DF-4279-AB55-A187104BA648}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
  246. FirewallRules: [{3E26275F-7B8C-4FBF-8C05-4D15B12340BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
  247. FirewallRules: [TCP Query User{C8237A40-22C6-4214-A6B7-BCD788EAB3AA}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  248. FirewallRules: [UDP Query User{E759511F-7F98-47C7-B820-864FB9ABB87F}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  249. FirewallRules: [{48195D6F-B028-4B04-818E-38D5970DF772}] => (Allow) C:\Program Files (x86)\Overwolf\0.187.1.13\OverwolfBrowser.exe => Brak pliku
  250. FirewallRules: [{438DABC5-A30D-4776-B3BB-638AD50DD695}] => (Allow) C:\Program Files (x86)\Overwolf\0.187.1.13\OverwolfBrowser.exe => Brak pliku
  251. FirewallRules: [{EB524667-3898-4EA7-91BA-5DC22AF8445B}] => (Block) C:\Program Files (x86)\Overwolf\0.187.1.13\OverwolfBrowser.exe => Brak pliku
  252. FirewallRules: [{1F2FACE5-0B03-4B32-8625-D7CA583781A9}] => (Block) C:\Program Files (x86)\Overwolf\0.187.1.13\OverwolfBrowser.exe => Brak pliku
  253. FirewallRules: [{6F06451E-A2F6-49A8-8692-0AC1A58089C0}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  254. FirewallRules: [{584FB63D-8EB1-43F7-B00E-AB03CB2479A6}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  255. FirewallRules: [{0A4BEF30-AEAE-4D4F-B5E6-290DDF10DCE7}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  256. FirewallRules: [{FD9829FF-7585-4316-9667-D9615CCCEBB2}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  257. FirewallRules: [{D51A13BD-E9A5-4510-8346-306E66287E68}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  258. FirewallRules: [{4FACA84B-1586-4C89-9671-3B439C7CB24C}] => (Allow) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  259. FirewallRules: [{EE4EA177-2092-4D13-92AB-BFAC1F24C213}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  260. FirewallRules: [{6304AB8E-E85F-4AA2-A860-618EEABFEB91}] => (Block) C:\Program Files (x86)\Overwolf\0.188.0.22\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  261.  
  262. ==================== Punkty Przywracania systemu =========================
  263.  
  264.  
  265. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============
  266.  
  267. Name: Standardowa klawiatura PS/2
  268. Description: Standardowa klawiatura PS/2
  269. Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
  270. Manufacturer: (Klawiatury standardowe)
  271. Service: i8042prt
  272. Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
  273. Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
  274. Devices stay in this state if they have been prepared for removal.
  275. After you remove the device, this error disappears.Remove the device, and this error should be resolved.
  276.  
  277. Name: Mysz Microsoft PS/2
  278. Description: Mysz Microsoft PS/2
  279. Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
  280. Manufacturer: Microsoft
  281. Service: i8042prt
  282. Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
  283. Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
  284. Devices stay in this state if they have been prepared for removal.
  285. After you remove the device, this error disappears.Remove the device, and this error should be resolved.
  286.  
  287.  
  288. ==================== Błędy w Dzienniku zdarzeń: ========================
  289.  
  290. Dziennik Aplikacja:
  291. ==================
  292. Error: (01/18/2022 10:04:50 PM) (Source: Application Error) (EventID: 1000) (User: )
  293. Description: Nazwa aplikacji powodującej błąd: DTAgent.exe, wersja: 11.0.0.1932, sygnatura czasowa: 0x618e8339
  294. Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.19041.1466, sygnatura czasowa: 0xe01c7650
  295. Kod wyjątku: 0xe0434352
  296. Przesunięcie błędu: 0x0000000000034f69
  297. Identyfikator procesu powodującego błąd: 0xb4c
  298. Godzina uruchomienia aplikacji powodującej błąd: 0x01d80caf07db9cbd
  299. Ścieżka aplikacji powodującej błąd: C:\Program Files\DAEMON Tools Lite\DTAgent.exe
  300. Ścieżka modułu powodującego błąd: C:\Windows\System32\KERNELBASE.dll
  301. Identyfikator raportu: d0ad40ed-d21b-4fc6-9a14-89a333d8e6e2
  302. Pełna nazwa pakietu powodującego błąd:
  303. Identyfikator aplikacji względem pakietu powodującego błąd:
  304.  
  305. Error: (01/18/2022 10:04:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
  306. Description: Aplikacja: DTAgent.exe
  307. Wersja architektury: v4.0.30319
  308. Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
  309. Informacje o wyjątku: System.IO.FileNotFoundException
  310. w System.RuntimeTypeHandle.CreateInstance(System.RuntimeType, Boolean, Boolean, Boolean ByRef, System.RuntimeMethodHandleInternal ByRef, Boolean ByRef)
  311. w System.RuntimeType.CreateInstanceSlow(Boolean, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
  312. w System.Activator.CreateInstance(System.Type, Boolean)
  313. w System.Activator.CreateInstance(System.Type)
  314. w DTAgent.App.TrayBaseApp.CreateDeviceManager()
  315. w DTAgent.App.TrayBaseApp.OnStartupAfterEngineInited()
  316. w DTAgent.App.TrayBaseApp.OnStartup(System.Windows.StartupEventArgs)
  317. w System.Windows.Application.<.ctor>b__1_0(System.Object)
  318. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  319. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  320. w System.Windows.Threading.DispatcherOperation.InvokeImpl()
  321. w MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
  322. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  323. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  324. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  325. w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
  326. w System.Windows.Threading.DispatcherOperation.Invoke()
  327. w System.Windows.Threading.Dispatcher.ProcessQueue()
  328. w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  329. w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  330. w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  331. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  332. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  333. w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  334. w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  335. w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
  336. w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  337. w System.Windows.Application.RunDispatcher(System.Object)
  338. w System.Windows.Application.RunInternal(System.Windows.Window)
  339. w DTAgent.App.TrayBaseApp+<>c.<Main>b__25_0()
  340. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  341. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  342. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  343. w System.Threading.ThreadHelper.ThreadStart()
  344.  
  345. Error: (01/18/2022 07:52:38 PM) (Source: Application Error) (EventID: 1000) (User: )
  346. Description: Nazwa aplikacji powodującej błąd: DTAgent.exe, wersja: 11.0.0.1932, sygnatura czasowa: 0x618e8339
  347. Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.19041.1466, sygnatura czasowa: 0xe01c7650
  348. Kod wyjątku: 0xe0434352
  349. Przesunięcie błędu: 0x0000000000034f69
  350. Identyfikator procesu powodującego błąd: 0x1e54
  351. Godzina uruchomienia aplikacji powodującej błąd: 0x01d80c9c8fe3839a
  352. Ścieżka aplikacji powodującej błąd: C:\Program Files\DAEMON Tools Lite\DTAgent.exe
  353. Ścieżka modułu powodującego błąd: C:\Windows\System32\KERNELBASE.dll
  354. Identyfikator raportu: a5d6aa18-1090-4170-b65d-58a6acc416ba
  355. Pełna nazwa pakietu powodującego błąd:
  356. Identyfikator aplikacji względem pakietu powodującego błąd:
  357.  
  358. Error: (01/18/2022 07:52:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
  359. Description: Aplikacja: DTAgent.exe
  360. Wersja architektury: v4.0.30319
  361. Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
  362. Informacje o wyjątku: System.IO.FileNotFoundException
  363. w System.RuntimeTypeHandle.CreateInstance(System.RuntimeType, Boolean, Boolean, Boolean ByRef, System.RuntimeMethodHandleInternal ByRef, Boolean ByRef)
  364. w System.RuntimeType.CreateInstanceSlow(Boolean, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
  365. w System.Activator.CreateInstance(System.Type, Boolean)
  366. w System.Activator.CreateInstance(System.Type)
  367. w DTAgent.App.TrayBaseApp.CreateDeviceManager()
  368. w DTAgent.App.TrayBaseApp.OnStartupAfterEngineInited()
  369. w DTAgent.App.TrayBaseApp.OnStartup(System.Windows.StartupEventArgs)
  370. w System.Windows.Application.<.ctor>b__1_0(System.Object)
  371. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  372. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  373. w System.Windows.Threading.DispatcherOperation.InvokeImpl()
  374. w MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
  375. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  376. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  377. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  378. w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
  379. w System.Windows.Threading.DispatcherOperation.Invoke()
  380. w System.Windows.Threading.Dispatcher.ProcessQueue()
  381. w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  382. w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  383. w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  384. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  385. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  386. w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  387. w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  388. w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
  389. w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  390. w System.Windows.Application.RunDispatcher(System.Object)
  391. w System.Windows.Application.RunInternal(System.Windows.Window)
  392. w DTAgent.App.TrayBaseApp+<>c.<Main>b__25_0()
  393. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  394. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  395. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  396. w System.Threading.ThreadHelper.ThreadStart()
  397.  
  398. Error: (01/18/2022 03:37:08 PM) (Source: Application Error) (EventID: 1000) (User: )
  399. Description: Nazwa aplikacji powodującej błąd: DTAgent.exe, wersja: 11.0.0.1932, sygnatura czasowa: 0x618e8339
  400. Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.19041.1466, sygnatura czasowa: 0xe01c7650
  401. Kod wyjątku: 0xe0434352
  402. Przesunięcie błędu: 0x0000000000034f69
  403. Identyfikator procesu powodującego błąd: 0x2e10
  404. Godzina uruchomienia aplikacji powodującej błąd: 0x01d80c78de151d4c
  405. Ścieżka aplikacji powodującej błąd: C:\Program Files\DAEMON Tools Lite\DTAgent.exe
  406. Ścieżka modułu powodującego błąd: C:\Windows\System32\KERNELBASE.dll
  407. Identyfikator raportu: c8b8ca47-4f86-4f87-ac8d-ccb39b36b7b2
  408. Pełna nazwa pakietu powodującego błąd:
  409. Identyfikator aplikacji względem pakietu powodującego błąd:
  410.  
  411. Error: (01/18/2022 03:37:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
  412. Description: Aplikacja: DTAgent.exe
  413. Wersja architektury: v4.0.30319
  414. Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
  415. Informacje o wyjątku: System.IO.FileNotFoundException
  416. w System.RuntimeTypeHandle.CreateInstance(System.RuntimeType, Boolean, Boolean, Boolean ByRef, System.RuntimeMethodHandleInternal ByRef, Boolean ByRef)
  417. w System.RuntimeType.CreateInstanceSlow(Boolean, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
  418. w System.Activator.CreateInstance(System.Type, Boolean)
  419. w System.Activator.CreateInstance(System.Type)
  420. w DTAgent.App.TrayBaseApp.CreateDeviceManager()
  421. w DTAgent.App.TrayBaseApp.OnStartupAfterEngineInited()
  422. w DTAgent.App.TrayBaseApp.OnStartup(System.Windows.StartupEventArgs)
  423. w System.Windows.Application.<.ctor>b__1_0(System.Object)
  424. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  425. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  426. w System.Windows.Threading.DispatcherOperation.InvokeImpl()
  427. w MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
  428. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  429. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  430. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  431. w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
  432. w System.Windows.Threading.DispatcherOperation.Invoke()
  433. w System.Windows.Threading.Dispatcher.ProcessQueue()
  434. w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  435. w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  436. w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  437. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  438. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  439. w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  440. w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  441. w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
  442. w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  443. w System.Windows.Application.RunDispatcher(System.Object)
  444. w System.Windows.Application.RunInternal(System.Windows.Window)
  445. w DTAgent.App.TrayBaseApp+<>c.<Main>b__25_0()
  446. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  447. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  448. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  449. w System.Threading.ThreadHelper.ThreadStart()
  450.  
  451. Error: (01/18/2022 08:52:10 AM) (Source: Application Error) (EventID: 1000) (User: )
  452. Description: Nazwa aplikacji powodującej błąd: DTAgent.exe, wersja: 11.0.0.1932, sygnatura czasowa: 0x618e8339
  453. Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.19041.1466, sygnatura czasowa: 0xe01c7650
  454. Kod wyjątku: 0xe0434352
  455. Przesunięcie błędu: 0x0000000000034f69
  456. Identyfikator procesu powodującego błąd: 0x2678
  457. Godzina uruchomienia aplikacji powodującej błąd: 0x01d80c404bbcf36d
  458. Ścieżka aplikacji powodującej błąd: C:\Program Files\DAEMON Tools Lite\DTAgent.exe
  459. Ścieżka modułu powodującego błąd: C:\Windows\System32\KERNELBASE.dll
  460. Identyfikator raportu: 552c297a-30b6-41be-8586-1747042d2c28
  461. Pełna nazwa pakietu powodującego błąd:
  462. Identyfikator aplikacji względem pakietu powodującego błąd:
  463.  
  464. Error: (01/18/2022 08:52:10 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
  465. Description: Aplikacja: DTAgent.exe
  466. Wersja architektury: v4.0.30319
  467. Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
  468. Informacje o wyjątku: System.IO.FileNotFoundException
  469. w System.RuntimeTypeHandle.CreateInstance(System.RuntimeType, Boolean, Boolean, Boolean ByRef, System.RuntimeMethodHandleInternal ByRef, Boolean ByRef)
  470. w System.RuntimeType.CreateInstanceSlow(Boolean, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
  471. w System.Activator.CreateInstance(System.Type, Boolean)
  472. w System.Activator.CreateInstance(System.Type)
  473. w DTAgent.App.TrayBaseApp.CreateDeviceManager()
  474. w DTAgent.App.TrayBaseApp.OnStartupAfterEngineInited()
  475. w DTAgent.App.TrayBaseApp.OnStartup(System.Windows.StartupEventArgs)
  476. w System.Windows.Application.<.ctor>b__1_0(System.Object)
  477. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  478. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  479. w System.Windows.Threading.DispatcherOperation.InvokeImpl()
  480. w MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
  481. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  482. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  483. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  484. w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
  485. w System.Windows.Threading.DispatcherOperation.Invoke()
  486. w System.Windows.Threading.Dispatcher.ProcessQueue()
  487. w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  488. w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
  489. w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
  490. w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
  491. w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
  492. w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
  493. w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
  494. w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
  495. w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
  496. w System.Windows.Application.RunDispatcher(System.Object)
  497. w System.Windows.Application.RunInternal(System.Windows.Window)
  498. w DTAgent.App.TrayBaseApp+<>c.<Main>b__25_0()
  499. w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  500. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  501. w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  502. w System.Threading.ThreadHelper.ThreadStart()
  503.  
  504.  
  505. Dziennik System:
  506. =============
  507. Error: (01/18/2022 10:04:50 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M2GTJR5)
  508. Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi Disc Soft Lite Bus Service z argumentami Niedostępny w celu uruchomienia serwera:
  509. {1BB2CAF7-8881-4CE8-B16A-3CA37C7C6F33}
  510.  
  511. Error: (01/18/2022 10:04:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  512. Description: Nie można uruchomić usługi Disc Soft Lite Bus Service z powodu następującego błędu:
  513. Nie można odnaleźć określonego pliku.
  514.  
  515. Error: (01/18/2022 08:35:17 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M2GTJR5)
  516. Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi Disc Soft Lite Bus Service z argumentami Niedostępny w celu uruchomienia serwera:
  517. {1BB2CAF7-8881-4CE8-B16A-3CA37C7C6F33}
  518.  
  519. Error: (01/18/2022 08:35:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  520. Description: Nie można uruchomić usługi Disc Soft Lite Bus Service z powodu następującego błędu:
  521. Nie można odnaleźć określonego pliku.
  522.  
  523. Error: (01/18/2022 07:52:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M2GTJR5)
  524. Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi Disc Soft Lite Bus Service z argumentami Niedostępny w celu uruchomienia serwera:
  525. {1BB2CAF7-8881-4CE8-B16A-3CA37C7C6F33}
  526.  
  527. Error: (01/18/2022 07:52:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  528. Description: Nie można uruchomić usługi Disc Soft Lite Bus Service z powodu następującego błędu:
  529. Nie można odnaleźć określonego pliku.
  530.  
  531. Error: (01/18/2022 03:37:07 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M2GTJR5)
  532. Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi Disc Soft Lite Bus Service z argumentami Niedostępny w celu uruchomienia serwera:
  533. {1BB2CAF7-8881-4CE8-B16A-3CA37C7C6F33}
  534.  
  535. Error: (01/18/2022 03:37:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  536. Description: Nie można uruchomić usługi Disc Soft Lite Bus Service z powodu następującego błędu:
  537. Nie można odnaleźć określonego pliku.
  538.  
  539.  
  540. Windows Defender:
  541. ================
  542. Date: 2022-01-17 20:21:28
  543. Description:
  544. Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
  545. Identyfikator skanowania: {E8BD2EBA-AFCB-46E8-8795-28ACA01504F7}
  546. Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
  547. Parametry skanowania: Pełne skanowanie
  548. Użytkownik: DESKTOP-M2GTJR5\pc
  549.  
  550. Date: 2022-01-17 20:13:35
  551. Description:
  552. Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
  553. Aby uzyskać więcej informacji, zobacz:
  554. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.C!ml&threatid=2147772968&enterprise=0
  555. Nazwa: Trojan:Script/Phonzy.C!ml
  556. Identyfikator: 2147772968
  557. Ważność: Poważny
  558. Kategoria: Koń trojański
  559. Ścieżka: file:_C:\$Recycle.Bin\S-1-5-21-1789183414-2172948479-87873014-1001\$RRFWZYJ.exe
  560. Pochodzenie wykrycia: Komputer lokalny
  561. Typ wykrycia: Konkretne
  562. Źródło wykrycia: Ochrona w czasie rzeczywistym
  563. Użytkownik: DESKTOP-M2GTJR5\pc
  564. Nazwa procesu: C:\Windows\explorer.exe
  565. Wersja analizy zabezpieczeń: AV: 1.355.2072.0, AS: 1.355.2072.0, NIS: 1.355.2072.0
  566. Wersja aparatu: AM: 1.1.18800.4, NIS: 1.1.18800.4
  567.  
  568. Date: 2022-01-17 20:13:22
  569. Description:
  570. Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
  571. Aby uzyskać więcej informacji, zobacz:
  572. https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.C!ml&threatid=2147772968&enterprise=0
  573. Nazwa: Trojan:Script/Phonzy.C!ml
  574. Identyfikator: 2147772968
  575. Ważność: Poważny
  576. Kategoria: Koń trojański
  577. Ścieżka: file:_C:\$Recycle.Bin\S-1-5-21-1789183414-2172948479-87873014-1001\$RRFWZYJ.exe
  578. Pochodzenie wykrycia: Komputer lokalny
  579. Typ wykrycia: FastPath
  580. Źródło wykrycia: Ochrona w czasie rzeczywistym
  581. Użytkownik: DESKTOP-M2GTJR5\pc
  582. Nazwa procesu: C:\Windows\explorer.exe
  583. Wersja analizy zabezpieczeń: AV: 1.355.2072.0, AS: 1.355.2072.0, NIS: 1.355.2072.0
  584. Wersja aparatu: AM: 1.1.18800.4, NIS: 1.1.18800.4
  585.  
  586. Date: 2022-01-17 19:42:38
  587. Description:
  588. Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
  589. Aby uzyskać więcej informacji, zobacz:
  590. https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/DefenseEvasion.A!ml&threatid=2147738096&enterprise=0
  591. Nazwa: Behavior:Win32/DefenseEvasion.A!ml
  592. Identyfikator: 2147738096
  593. Ważność: Poważny
  594. Kategoria: Podejrzane zachowanie
  595. Ścieżka: file:_C:\Users\pc\AppData\Roaming\Microsoft\RegHost.exe; regkey:_HKCU@S-1-5-21-1789183414-2172948479-87873014-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\RegHost; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\RegHost; runkey:_HKCU@S-1-5-21-1789183414-2172948479-87873014-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\RegHost; runkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\RegHost
  596. Pochodzenie wykrycia: Komputer lokalny
  597. Typ wykrycia: FastPath
  598. Źródło wykrycia: Użytkownik
  599. Użytkownik: DESKTOP-M2GTJR5\pc
  600. Nazwa procesu: Unknown
  601. Wersja analizy zabezpieczeń: AV: 1.355.2057.0, AS: 1.355.2057.0, NIS: 1.355.2057.0
  602. Wersja aparatu: AM: 1.1.18800.4, NIS: 1.1.18800.4
  603.  
  604. Date: 2022-01-17 19:38:17
  605. Description:
  606. Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
  607. Aby uzyskać więcej informacji, zobacz:
  608. https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Wovdnut.C!sms&threatid=2147797725&enterprise=0
  609. Nazwa: Behavior:Win32/Wovdnut.C!sms
  610. Identyfikator: 2147797725
  611. Ważność: Poważny
  612. Kategoria: Podejrzane zachowanie
  613. Ścieżka: behavior:_pid:14232:72237234448271; file:_C:\Users\pc\AppData\Roaming\services32.exe; file:_C:\Windows\System32\Tasks\services32->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33D34AED-47BC-4F9C-98F1-0060A540E498}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\services32; taskscheduler:_C:\Windows\System32\Tasks\services32
  614. Pochodzenie wykrycia: Komputer lokalny
  615. Typ wykrycia: Konkretne
  616. Źródło wykrycia: System
  617. Użytkownik: ZARZĄDZANIE NT\SYSTEM
  618. Nazwa procesu: Unknown
  619. Wersja analizy zabezpieczeń: AV: 1.355.2057.0, AS: 1.355.2057.0, NIS: 1.355.2057.0
  620. Wersja aparatu: AM: 1.1.18800.4, NIS: 1.1.18800.4
  621. 
  622. CodeIntegrity:
  623. ===============
  624. Date: 2022-01-17 20:39:55
  625. Description:
  626. Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
  627.  
  628. Date: 2022-01-17 20:05:40
  629. Description:
  630. Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
  631.  
  632. Date: 2022-01-17 19:59:37
  633. Description:
  634. Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
  635.  
  636. Date: 2022-01-17 19:59:25
  637. Description:
  638. Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
  639.  
  640.  
  641. ==================== Statystyki pamięci ===========================
  642.  
  643. BIOS: American Megatrends Inc. 2.E0 08/11/2017
  644. Płyta główna: MSI H110M PRO-D (MS-7996)
  645. Procesor: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
  646. Procent pamięci w użyciu: 72%
  647. Całkowita pamięć fizyczna: 8156.16 MB
  648. Dostępna pamięć fizyczna: 2249.73 MB
  649. Całkowita pamięć wirtualna: 13532.16 MB
  650. Dostępna pamięć wirtualna: 5447.38 MB
  651.  
  652. ==================== Dyski ================================
  653.  
  654. Drive c: () (Fixed) (Total:111.18 GB) (Free:38.32 GB) NTFS
  655. Drive d: () (Fixed) (Total:491.13 GB) (Free:160.14 GB) NTFS
  656. Drive e: (Nowy) (Fixed) (Total:117.21 GB) (Free:19.06 GB) NTFS
  657. Drive f: () (Fixed) (Total:322.03 GB) (Free:62.29 GB) NTFS
  658.  
  659. \\?\Volume{ff027284-03fc-4c7b-bed5-865253475184}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
  660. \\?\Volume{21441eb4-0c56-4847-8f36-9a49f78d51b3}\ (Odzyskiwanie) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
  661. \\?\Volume{7b5f911b-f51c-4cc3-a758-cad58738245c}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
  662. \\?\Volume{ec2a0a07-d02f-4b6c-afc2-b15dd337a77c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
  663. \\?\Volume{655b65c5-107e-446c-9647-79f0dc70bb12}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
  664.  
  665. ==================== MBR & Tablica partycji ====================
  666.  
  667. ==========================================================
  668. Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: F38F0737)
  669.  
  670. Partition: GPT.
  671.  
  672. ==========================================================
  673. Disk: 1 (Size: 931.5 GB) (Disk ID: 0009C6CD)
  674.  
  675. Partition: GPT.
  676.  
  677. ==================== Koniec Addition.txt =======================
RAW Paste Data Copied