Zawieszanie przegladarki - Zawieszanie na kilka sekund przeglądarki przy dodawan

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-02-2021
Uruchomiony przez Wawa (administrator) DESKTOP-IHE1JE0 (LENOVO 81BJ) (03-03-2021 12:25:59)
Uruchomiony z C:\Users\Wawa\Desktop
Załadowane profile: Wawa
Platform: Windows 10 Pro Wersja 2004 19041.804 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

() [Brak podpisu cyfrowego] C:\Users\Wawa\Desktop\platform-tools\adb.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Wawa\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Wawa\AppData\Roaming\uTorrent\updates\3.5.5_45852\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Wawa\AppData\Roaming\uTorrent\uTorrent.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Facebook, Inc. -> Facebook, Inc.) C:\Users\Wawa\AppData\Local\Programs\Messenger\Messenger.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <37>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(Learnpulse -> Learnpulse) C:\Users\Wawa\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Rejestr (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2018-06-11] (Logitech -> Logitech, Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Run: [Screenpresso] => C:\Users\Wawa\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [15660640 2021-02-10] (Learnpulse -> Learnpulse)
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Run: [uTorrent] => C:\Users\Wawa\AppData\Roaming\uTorrent\uTorrent.exe [2142936 2020-12-21] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\Wawa\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-24] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA

==================== Zaplanowane zadania (filtrowane) ============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {00E44CCC-5BD6-41FF-AB79-BF896B8E2762} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {01660CB2-1DC0-49DE-85AA-59EB48026EC0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-02-04] (Lenovo -> Lenovo Group Ltd.)
Task: {0365ADDD-B915-400F-8D34-95FE32709E7D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {17C5D6D3-37C9-4BEF-BD04-7267A7AA1B2B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {22E9364A-8834-4612-9906-131EF964B408} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {354A8643-29D5-4382-BE3F-FE86A4427D8A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {385E3054-19D6-4388-8DEB-B382DD3E435E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FCC8E52-F742-405D-B343-1427BA338C4F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\60bcee36-0f32-4c68-8c64-5561b94eccc7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {40568D0D-BFEF-436B-8206-2F43E73EDF75} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {40ED2CF2-2AE6-467A-80DF-7156F1147B8D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {42447B08-C61A-487F-901A-36B565A2B571} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53C57EC7-215D-4ACF-BE2D-8BCFF9A6F2F4} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== UWAGA
Task: {7939B840-6578-49F2-A2DC-C61C48145613} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7EF9418E-EE2D-482D-B02E-5EA6CFB3FAB4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7cbccf47-4ca9-4653-b6a9-fe7541e5c037 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {8FF2A91B-E92A-462C-A81C-88959F5AB254} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-24] (Google LLC -> Google LLC)
Task: {9DE30576-AB05-435E-BF50-83012E0E686E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c289f72d-0759-4803-ac3f-556219d921ac => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {B0A71327-54C6-458B-B1A3-88D71132B9E3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {B9D08BEC-0771-47DA-A83C-2669E5912CF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB1585CE-EE4D-416C-8645-CFBF3ADAEA7B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5fc664d3-dac2-4bcf-9736-5d047df0bf48 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {C24E0F03-02D9-40BF-AE18-5D2DEA0803DE} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {C85E203F-9B33-4178-B3B0-C2E39442E3F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEB13D44-2149-44BD-B7B8-70C3C202E854} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [61872 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {D92A62FE-0B58-4ECC-8D51-BBD3A38876A5} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {DE639257-E40E-4D73-AEFE-A8FAACEEA762} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2571283-88B5-433A-AA5D-FAB557B2D82F} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2021-02-11] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA
Task: {E4EC579F-6BA5-49D3-A122-25BC4A8CAB92} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED3DA429-15B7-4D56-B9FE-5EB4C65FE6BA} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C:\WINDOWS\system32\winlogui.exe [750592 2021-02-11] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA
Task: {F1A466BD-0757-4F9B-93CE-19C0A7617A68} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {F4108EA1-C4F5-447C-A42E-31A6C341C3F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-24] (Google LLC -> Google LLC)
Task: {F7579021-4032-4FCA-AD09-98783539500E} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== UWAGA

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{315993d2-2c5a-40a2-999f-4f82e5009c01}: [DhcpNameServer] 192.168.31.1

Edge:
=======
Edge Profile: C:\Users\Wawa\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-03]

FireFox:
========
FF DefaultProfile: 4rpihjmh.default
FF ProfilePath: C:\Users\Wawa\AppData\Roaming\Mozilla\Firefox\Profiles\4rpihjmh.default [2021-01-27]
FF ProfilePath: C:\Users\Wawa\AppData\Roaming\Mozilla\Firefox\Profiles\h57qlx0j.default-release-1611742092857 [2021-03-03]
FF DownloadDir: C:\Users\Wawa\Desktop
FF Homepage: Mozilla\Firefox\Profiles\h57qlx0j.default-release-1611742092857 -> hxxps://www.google.com
FF Notifications: Mozilla\Firefox\Profiles\h57qlx0j.default-release-1611742092857 -> hxxps://tvonline.vectra.pl
FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Wawa\AppData\Roaming\Mozilla\Firefox\Profiles\h57qlx0j.default-release-1611742092857\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Extension: (DownThemAll!) - C:\Users\Wawa\AppData\Roaming\Mozilla\Firefox\Profiles\h57qlx0j.default-release-1611742092857\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-01-27]
FF Plugin-x32: @Microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default [2021-03-03]
CHR DownloadDir: C:\Users\Wawa\Desktop
CHR Notifications: Default -> hxxps://app.slack.com; hxxps://tvonline.vectra.pl; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://www.ramiz.pl/libraries/AdminPanel/Skins/mitra_shoper_rwd/Images/favicon-32x32.png
CHR Session Restore: Default -> [funkcja włączona]
CHR Extension: (Prezentacje) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-24]
CHR Extension: (SellPander) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbflpkalbjfffobgpclklkdildfclmh [2021-02-23]
CHR Extension: (Dokumenty) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-24]
CHR Extension: (Dysk Google) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-24]
CHR Extension: (YouTube) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-24]
CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-30]
CHR Extension: (Shoper) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbajkkglkiafekaejieoepjffokfipaj [2020-11-24]
CHR Extension: (Arkusze) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-28]
CHR Extension: (DownThemAll!) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nljkibfhlpcnanjgbnlnbjecgicbjkge [2021-02-05]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-27]
CHR Extension: (BL EPlatforma) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjbpmpngfmohpebckjbkidgdbhloghb [2020-12-03]

==================== Usługi (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)

===================== Sterowniki (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 dot4; C:\WINDOWS\System32\drivers\Dot4.sys [146856 2018-06-11] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\System32\drivers\dot4usb.sys [43944 2018-06-11] (BoiseTest -> Microsoft Corporation)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29240 2015-10-27] (Hewlett-Packard Company -> Hewlett Packard)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 qcusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [242688 2016-03-24] (Xiaomi Technology Inc -> QUALCOMM Incorporated)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-04-24] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc (utworzone) (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-03-03 12:25 - 2021-03-03 12:26 - 000021199 _____ C:\Users\Wawa\Desktop\FRST.txt
2021-03-03 12:25 - 2021-03-03 12:26 - 000000000 ____D C:\FRST
2021-03-03 12:25 - 2021-03-03 12:25 - 002301440 _____ (Farbar) C:\Users\Wawa\Desktop\FRST64.exe
2021-03-03 12:25 - 2021-03-03 12:25 - 000000000 ____D C:\Users\Wawa\Desktop\FRST-OlderVersion
2021-03-03 12:00 - 2021-03-03 12:00 - 000077378 _____ C:\Users\Wawa\Documents\DESKTOP-IHE1JE0.txt
2021-03-03 11:57 - 2021-03-03 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-03-03 11:57 - 2021-03-03 12:16 - 000000000 ____D C:\Program Files\CPUID
2021-03-02 11:57 - 2021-03-02 11:57 - 000000165 ____H C:\Users\Wawa\Desktop\~$PLAN DOSTAW MARZEC 2021.xlsx
2021-03-01 13:13 - 2021-03-01 13:13 - 000000000 ____D C:\Users\Wawa\Desktop\platform-tools
2021-03-01 13:01 - 2021-03-01 13:01 - 000000000 ____D C:\Users\Wawa\AppData\Roaming\Xiaomi
2021-03-01 12:58 - 2021-03-01 13:01 - 000000000 ____D C:\Users\Wawa\Desktop\MIUNLPOCK
2021-02-25 22:59 - 2021-03-02 10:23 - 000021546 _____ C:\Users\Wawa\Desktop\PLAN DOSTAW MARZEC 2021.xlsx
2021-02-24 22:05 - 2021-02-24 22:05 - 000000202 _____ C:\Users\Wawa\Desktop\rssc.txt
2021-02-24 08:37 - 2021-02-24 08:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-24 00:47 - 2021-02-24 00:47 - 000000063 _____ C:\Users\Wawa\Desktop\1.txt
2021-02-23 20:49 - 2021-02-23 21:03 - 000000000 ____D C:\Users\Wawa\Desktop\Pojazd Perfecta PA.A021B
2021-02-15 20:12 - 2021-03-03 12:26 - 000000000 ____D C:\Users\Wawa\AppData\Local\Messenger
2021-02-15 20:12 - 2021-03-03 11:55 - 000000000 ____D C:\Users\Wawa\AppData\Roaming\Messenger
2021-02-15 20:12 - 2021-02-24 08:39 - 000002328 _____ C:\Users\Wawa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk
2021-02-15 20:12 - 2021-02-15 20:22 - 000000000 ____D C:\Users\Wawa\AppData\Local\messenger-updater
2021-02-15 20:12 - 2021-02-15 20:12 - 000000000 ____D C:\Users\Wawa\AppData\LocalLow\Messenger
2021-02-15 11:30 - 2021-02-15 11:48 - 000000000 ____D C:\ESD
2021-02-15 11:26 - 2021-02-15 11:26 - 000000000 ___HD C:\$Windows.~WS
2021-02-15 11:26 - 2021-02-15 11:26 - 000000000 ____D C:\$WINDOWS.~BT
2021-02-11 14:56 - 2021-02-11 14:56 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrmsrv.exe
2021-02-11 14:56 - 2021-02-11 14:56 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winscomrssrv.dll
2021-02-11 14:56 - 2021-02-11 14:56 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2021-02-11 14:56 - 2021-02-11 14:56 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2021-02-11 14:56 - 2020-12-08 11:32 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
2021-02-11 09:40 - 2021-02-11 14:56 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogui.exe
2021-02-11 09:40 - 2021-02-11 09:40 - 002619392 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartupCheckLibrary.dll
2021-02-10 21:42 - 2021-02-15 11:48 - 000000000 ____D C:\WINDOWS\Panther
2021-02-10 16:34 - 2021-02-10 16:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 16:34 - 2021-02-10 16:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 16:34 - 2021-02-10 16:34 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-10 16:34 - 2021-02-10 16:34 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 16:34 - 2021-02-10 16:34 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 08:58 - 2021-03-01 21:07 - 000014534 _____ C:\Users\Wawa\Desktop\PLAN DOSTAW LUTY 2021.xlsx
2021-02-08 13:12 - 2021-02-08 13:13 - 000000000 ____D C:\Users\Wawa\Desktop\MUZYKA

==================== Jeden miesiąc (zmodyfikowane) ==================

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2021-03-03 12:26 - 2020-11-27 14:16 - 000000000 ____D C:\Users\Wawa\Documents\Pliki programu Outlook
2021-03-03 12:25 - 2020-11-24 15:52 - 000000000 ____D C:\Users\Wawa\AppData\Roaming\uTorrent
2021-03-03 12:20 - 2020-08-20 00:17 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-03 12:06 - 2020-11-24 14:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-03 11:37 - 2020-11-25 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autostart
2021-03-03 11:37 - 2020-11-25 09:56 - 000000000 ____D C:\Program Files (x86)\Kalendarz XP
2021-03-03 11:20 - 2021-01-27 11:49 - 000002296 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-03 11:20 - 2020-12-03 22:18 - 000003498 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-03 11:20 - 2020-12-03 22:18 - 000003274 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 11:20 - 2020-11-24 15:51 - 000003556 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-03 11:20 - 2020-11-24 15:51 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-03 11:20 - 2020-11-24 15:02 - 000002412 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON
2021-03-03 11:20 - 2020-11-24 15:02 - 000002366 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2021-03-03 11:20 - 2020-11-24 15:02 - 000002362 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-03-03 11:19 - 2021-01-27 11:48 - 000000000 ____D C:\Program Files\CCleaner
2021-03-03 11:07 - 2020-11-24 16:15 - 000000000 ____D C:\Users\Wawa\AppData\Local\D3DSCache
2021-03-03 08:12 - 2020-11-24 15:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-03 06:21 - 2020-11-30 16:16 - 000004222 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{163FF7FE-5B64-4325-B2FA-E62392F66181}
2021-03-02 11:57 - 2020-01-15 10:26 - 000000000 ____D C:\Users\Wawa\Desktop\TYTUŁY AUKCJI
2021-03-01 15:29 - 2020-11-24 15:25 - 000000000 ____D C:\Users\Wawa\AppData\Local\Packages
2021-03-01 13:31 - 2020-11-24 14:53 - 000000000 ____D C:\WINDOWS\INF
2021-03-01 10:03 - 2020-11-24 15:46 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-01 10:02 - 2018-06-09 14:43 - 000000000 ____D C:\Users\Wawa\AppData\LocalLow\Mozilla
2021-02-28 21:09 - 2020-11-24 15:10 - 001767980 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-28 21:09 - 2020-11-24 14:55 - 000785530 _____ C:\WINDOWS\system32\perfh015.dat
2021-02-28 21:09 - 2020-11-24 14:55 - 000152390 _____ C:\WINDOWS\system32\perfc015.dat
2021-02-28 21:02 - 2020-11-24 20:27 - 000000000 ____D C:\Users\Wawa\AppData\LocalLow\uTorrent
2021-02-28 21:02 - 2020-11-24 15:53 - 000000000 ____D C:\Users\Wawa\AppData\Local\BitTorrentHelper
2021-02-28 21:01 - 2020-11-24 15:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-28 21:01 - 2020-11-24 15:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-28 21:01 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-28 21:01 - 2018-06-09 16:26 - 000000000 __SHD C:\Users\Wawa\IntelGraphicsProfiles
2021-02-28 02:15 - 2020-11-24 14:49 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-26 14:57 - 2020-12-03 22:18 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-26 14:57 - 2020-11-24 14:54 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-26 14:57 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-25 08:30 - 2021-01-27 11:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-25 08:30 - 2021-01-27 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-24 08:37 - 2021-01-27 11:05 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-24 08:37 - 2020-11-24 15:51 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-22 09:03 - 2020-11-27 13:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-19 08:53 - 2021-01-27 11:48 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-16 14:12 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-11 09:40 - 2020-11-24 14:54 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-02-11 09:40 - 2020-11-24 14:54 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-10 21:42 - 2020-11-24 15:02 - 000439272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-10 21:41 - 2020-11-24 14:54 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 21:41 - 2020-11-24 14:49 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 16:36 - 2020-11-24 14:50 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-10 16:28 - 2020-12-08 07:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 16:27 - 2020-12-08 07:39 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 14:32 - 2020-11-27 14:24 - 000000000 ____D C:\Users\Wawa\AppData\Local\CrashDumps
2021-02-10 10:23 - 2020-11-24 15:04 - 000000000 ____D C:\Users\Wawa
2021-02-10 10:12 - 2020-11-24 15:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-09 13:56 - 2020-11-24 14:54 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-09 12:20 - 2021-01-26 10:35 - 000000000 ____D C:\Users\Wawa\Desktop\KRZYS
2021-02-04 09:59 - 2021-01-26 10:34 - 000000000 ____D C:\Users\Wawa\Desktop\Nowy folder (2)

==================== Pliki w katalogu głównym wybranych folderów ========

2020-11-25 12:17 - 2020-11-25 12:17 - 007603760 _____ (Adobe Inc.) C:\ProgramData\Setup.exe

==================== SigCheck ============================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

==================== Koniec FRST.txt ========================

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 28-02-2021
Uruchomiony przez Wawa (03-03-2021 12:27:14)
Uruchomiony z C:\Users\Wawa\Desktop
Windows 10 Pro Wersja 2004 19041.804 (X64) (2020-11-24 14:25:25)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-1731083898-657694052-1010873457-500 - Administrator - Disabled)
Gość (S-1-5-21-1731083898-657694052-1010873457-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-1731083898-657694052-1010873457-503 - Limited - Disabled)
Wawa (S-1-5-21-1731083898-657694052-1010873457-1001 - Administrator - Enabled) => C:\Users\Wawa
WDAGUtilityAccount (S-1-5-21-1731083898-657694052-1010873457-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Messenger 94.3.119 (HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 94.3.119 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 pl) (HKLM\...\Mozilla Firefox 86.0 (x64 pl)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Panel sterowania NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
Screenpresso (HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Screenpresso) (Version: 1.8.5.0 - Learnpulse)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.91 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]

==================== Niestandardowe rejestracje CLSID (filtrowane): ==============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku

==================== Codecs (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Drivers32: [vidc.spv1] => C:\Users\Wawa\AppData\Local\Learnpulse\Screenpresso\ScreenpressoCodec.dll [167656 2021-02-10] (Learnpulse -> LearnPulse)

==================== Skróty & WMI ========================

==================== Załadowane moduły (filtrowane) =============

2021-03-02 19:55 - 2021-03-02 18:21 - 054476288 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\Wawa\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\addon.node
2021-03-02 19:55 - 2021-03-02 18:21 - 000762368 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\Wawa\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\keytar.node
2021-03-02 19:55 - 2021-03-02 18:21 - 000749568 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\Wawa\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\logging.node
2021-03-02 19:55 - 2021-03-02 18:21 - 001037824 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\Wawa\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\spellchecker_win.node
2021-03-02 19:55 - 2021-03-02 18:21 - 001218048 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\Wawa\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\systeminfo.node
2021-03-02 19:55 - 2021-03-02 18:21 - 000523776 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\Wawa\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\windows.data.xml.dom.node
2021-03-02 19:55 - 2021-03-02 18:21 - 000681984 _____ () [Brak podpisu cyfrowego] \\?\C:\Users\Wawa\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\windows.ui.notifications.node
2021-03-01 13:13 - 2021-01-29 10:37 - 000097792 _____ (Google, inc) [Brak podpisu cyfrowego] C:\Users\Wawa\Desktop\platform-tools\AdbWinApi.dll
2021-03-01 13:13 - 2021-01-29 10:37 - 000062976 _____ (Google, inc) [Brak podpisu cyfrowego] C:\Users\Wawa\Desktop\platform-tools\AdbWinUsbApi.dll
2020-11-27 13:06 - 2020-11-27 13:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-11-27 13:06 - 2020-11-27 13:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll

==================== Alternate Data Streams (filtrowane) ========

==================== Tryb awaryjny (filtrowane) ==================

==================== Powiązania plików (filtrowane) =================

==================== Internet Explorer (filtrowane) ==========

HKU\S-1-5-21-1731083898-657694052-1010873457-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-11-24%2002:52:20&iid=c18b9928-8fec-4a31-bde5-e41aaaec7f3c&bName=
SearchScopes: HKU\S-1-5-21-1731083898-657694052-1010873457-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

IE trusted site: HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\sharepoint.com -> hxxps://upcpl1136329-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2020-11-24 14:54 - 2020-11-24 14:52 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-1731083898-657694052-1010873457-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\StartupApproved\Run: => "Facebook.MessengerDesktop"
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\StartupApproved\Run: => "Screenpresso"
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_BE3776904916F5B945E267EECD824E18"

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{723B8FCA-19EC-4326-B8F3-4A2F31F750CD}] => (Allow) C:\Users\Wawa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1633667A-3AA7-4686-B1DF-6E13645783F7}] => (Allow) C:\Users\Wawa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{6034B72B-9EBD-4760-B247-79EC1A28B148}C:\users\wawa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wawa\appdata\local\microsoft\teams\current\teams.exe => Brak pliku
FirewallRules: [UDP Query User{29564665-61CC-473C-9EE8-FC6F8AEA3E09}C:\users\wawa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wawa\appdata\local\microsoft\teams\current\teams.exe => Brak pliku
FirewallRules: [{54CEB1BD-E057-4D29-BE23-6E9016A4DEF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0D3F6BE2-7E94-41B1-B366-1C926959B554}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C09E379E-0172-4594-B8AD-A80500FB70ED}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05C2DB5A-34C3-4DD1-92C3-A5E2CF9CE91E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9199880A-3521-4BE4-8532-14C5BC1E45FF}] => (Allow) C:\Users\Wawa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FCD24DAA-D1C0-4A69-8699-53EF07523E50}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3BFF3915-34C2-441B-9709-79E0550A2A6C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0D881FB-D541-4781-9EDC-686C4ABA4EC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E786FC29-A1DD-4A55-978B-ECDBF162CF73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F6C0FBB8-184E-4795-A881-3851FD1B91F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8E2E8403-502C-4DED-BBC8-1C1948E4BCC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{313E934A-E0FF-43C2-9C66-4C6EEDB67AED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{359D739E-9DAA-4C11-A980-2FA30DCF5DF2}C:\users\wawa\appdata\local\programs\messenger\messenger.exe] => (Allow) C:\users\wawa\appdata\local\programs\messenger\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [UDP Query User{E959D500-C3AF-415E-846F-D1DB00CEB653}C:\users\wawa\appdata\local\programs\messenger\messenger.exe] => (Allow) C:\users\wawa\appdata\local\programs\messenger\messenger.exe (Facebook, Inc. -> Facebook, Inc.)
FirewallRules: [{63BAB0A2-F689-4790-B106-463602981F36}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D9A134D9-0F9A-443D-9056-64E88C5442C9}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe (Microsoft Corporation) [Brak podpisu cyfrowego]

==================== Punkty Przywracania systemu =========================


==================== Wadliwe urządzenia w Menedżerze urządzeń ============


==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================
Error: (02/24/2021 12:49:04 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu.
.

Error: (02/24/2021 12:49:04 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.
]

Error: (02/22/2021 10:58:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu.
.

Error: (02/22/2021 10:58:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.
]

Error: (02/19/2021 07:39:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu.
.

Error: (02/19/2021 07:39:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.
]

Error: (02/19/2021 07:39:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu.
.

Error: (02/19/2021 07:39:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.
]


Dziennik System:
=============
Error: (03/03/2021 12:16:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error: (03/03/2021 12:10:30 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (03/03/2021 12:08:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego pliku.

Error: (03/03/2021 12:08:30 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (03/03/2021 12:06:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego pliku.

Error: (03/03/2021 11:52:15 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (03/03/2021 11:50:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd:
Nie można odnaleźć określonego pliku.

Error: (03/03/2021 11:50:15 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie.


Windows Defender:
================
Date: 2021-02-09 09:07:58
Description:
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {6A728CB0-5FDB-46C9-9E62-2B6B2485B1C7}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2021-02-07 08:57:59
Description:
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {45802297-3B32-48F7-A615-C180C9EA8105}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2021-02-06 08:58:52
Description:
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {94E0B1C3-D126-4B79-9B8C-7A859508CCC3}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2021-02-05 08:13:05
Description:
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {DA8532B5-178B-4B11-BC93-6CF96483458B}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2021-02-02 11:31:59
Description:
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {330BA30A-7DA2-4EC5-A85F-31D10894131C}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2021-02-11 09:40:42
Description:
Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się.
Funkcja: Przy dostępie
Kod błędu: 0x8007043c
Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym
Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę.

CodeIntegrity:
===============
Date: 2020-11-24 15:53:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-24 15:53:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Statystyki pamięci ===========================

BIOS: LENOVO 6JCN33WW 06/30/2020
Płyta główna: LENOVO LNVNB161216
Procesor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Procent pamięci w użyciu: 85%
Całkowita pamięć fizyczna: 8066.64 MB
Dostępna pamięć fizyczna: 1145.2 MB
Całkowita pamięć wirtualna: 18818.64 MB
Dostępna pamięć wirtualna: 6984.29 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:139.75 GB) (Free:71.4 GB) NTFS
Drive d: (Nowy) (Fixed) (Total:97.66 GB) (Free:47.17 GB) NTFS

\\?\Volume{5da19331-40ba-4ac5-a181-19a648122dc3}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{9e0bb31d-81e7-48f4-a656-10c31bf5792c}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS
\\?\Volume{22a4ea6d-41f3-4218-9f47-f38320973b1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BE303FA9)

Partition: GPT.

==================== Koniec Addition.txt =======================

Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 28-02-2021
Uruchomiony przez Wawa (03-03-2021 12:50:49) Run:1
Uruchomiony z C:\Users\Wawa\Desktop
Załadowane profile: Wawa
Tryb startu: Normal
==============================================

fixlist - zawartość:
*****************
CloseProcesses:
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Run: [uTorrent] => C:\Users\Wawa\AppData\Roaming\uTorrent\uTorrent.exe [2142936 2020-12-21] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1731083898-657694052-1010873457-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
Task: {354A8643-29D5-4382-BE3F-FE86A4427D8A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {53C57EC7-215D-4ACF-BE2D-8BCFF9A6F2F4} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== UWAGA
Task: {B0A71327-54C6-458B-B1A3-88D71132B9E3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {B9D08BEC-0771-47DA-A83C-2669E5912CF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2571283-88B5-433A-AA5D-FAB557B2D82F} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\WINDOWS\system32\winrmsrv.exe [731136 2021-02-11] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA
Task: {ED3DA429-15B7-4D56-B9FE-5EB4C65FE6BA} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C:\WINDOWS\system32\winlogui.exe [750592 2021-02-11] (Microsoft Corporation) [Brak podpisu cyfrowego] <==== UWAGA
Task: {F1A466BD-0757-4F9B-93CE-19C0A7617A68} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {F7579021-4032-4FCA-AD09-98783539500E} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== UWAGA
C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbajkkglkiafekaejieoepjffokfipaj
CHR Extension: (Shoper) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbajkkglkiafekaejieoepjffokfipaj [2020-11-24]
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation) <==== UWAGA (Brak ServiceDLL)
2021-03-03 12:25 - 2021-03-03 12:25 - 000000000 ____D C:\Users\Wawa\Desktop\FRST-OlderVersion
2021-02-11 14:56 - 2021-02-11 14:56 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrmsrv.exe
2021-02-11 14:56 - 2021-02-11 14:56 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winscomrssrv.dll
2021-02-11 14:56 - 2021-02-11 14:56 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2021-02-11 14:56 - 2021-02-11 14:56 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2020-11-25 12:17 - 2020-11-25 12:17 - 007603760 _____ (Adobe Inc.) C:\ProgramData\Setup.exe
*****************

Procesy zostały pomyślnie zamknięte.
"HKU\S-1-5-21-1731083898-657694052-1010873457-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent" => pomyślnie usunięto
"HKU\S-1-5-21-1731083898-657694052-1010873457-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => nie znaleziono
HKLM\SOFTWARE\Policies\Mozilla => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{354A8643-29D5-4382-BE3F-FE86A4427D8A}" => nie znaleziono
"C:\WINDOWS\System32\Tasks\CCleanerSkipUAC" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53C57EC7-215D-4ACF-BE2D-8BCFF9A6F2F4}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53C57EC7-215D-4ACF-BE2D-8BCFF9A6F2F4}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0A71327-54C6-458B-B1A3-88D71132B9E3}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0A71327-54C6-458B-B1A3-88D71132B9E3}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9D08BEC-0771-47DA-A83C-2669E5912CF8}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9D08BEC-0771-47DA-A83C-2669E5912CF8}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E2571283-88B5-433A-AA5D-FAB557B2D82F}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2571283-88B5-433A-AA5D-FAB557B2D82F}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\winrmsrv" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ED3DA429-15B7-4D56-B9FE-5EB4C65FE6BA}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED3DA429-15B7-4D56-B9FE-5EB4C65FE6BA}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Wininet\Winlogui => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wininet\Winlogui" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1A466BD-0757-4F9B-93CE-19C0A7617A68}" => nie znaleziono
"C:\WINDOWS\System32\Tasks\CCleaner Update" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => nie znaleziono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F7579021-4032-4FCA-AD09-98783539500E}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7579021-4032-4FCA-AD09-98783539500E}" => pomyślnie usunięto
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => pomyślnie usunięto
C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbajkkglkiafekaejieoepjffokfipaj => pomyślnie przeniesiono
CHR Extension: (Shoper) - C:\Users\Wawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbajkkglkiafekaejieoepjffokfipaj [2020-11-24] => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
HKLM\System\CurrentControlSet\Services\wuauserv => pomyślnie usunięto
wuauserv => serwis pomyślnie usunięto
wuauserv => serwis nie znaleziono.
"C:\Users\Wawa\Desktop\FRST-OlderVersion" => nie znaleziono
C:\WINDOWS\system32\winrmsrv.exe => pomyślnie przeniesiono
C:\WINDOWS\system32\winscomrssrv.dll => pomyślnie przeniesiono
C:\WINDOWS\system32\WinUpdates105.dat => pomyślnie przeniesiono
C:\WINDOWS\system32\wdbcache.tmp => pomyślnie przeniesiono
C:\ProgramData\Setup.exe => pomyślnie przeniesiono


System wymagał restartu.

==== Koniec Fixlog 12:50:50 ====