Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27-12-2021 Uruchomiony przez mmari (31-12-2021 18:38:29) Uruchomiony z F:\programy\frst Microsoft Windows 11 Pro Wersja 21H2 22000.376 (X64) (2021-11-23 14:02:39) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-36516833-2863556059-2971446713-500 - Administrator - Disabled) Gość (S-1-5-21-36516833-2863556059-2971446713-501 - Limited - Disabled) Konto domyślne (S-1-5-21-36516833-2863556059-2971446713-503 - Limited - Disabled) mmari (S-1-5-21-36516833-2863556059-2971446713-1001 - Administrator - Enabled) => C:\Users\mmari WDAGUtilityAccount (S-1-5-21-36516833-2863556059-2971446713-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) AIDA64 Extreme v6.33 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.33 - FinalWire Ltd.) 
AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation) Battlefield 1 v.версия 1.0.u3 (HKLM-x32\...\Battlefield 1_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{B9B27527-C019-411B-9813-3FC8724C88DA}) (Version: 96.0.4664.39 - Google LLC) CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.) CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) Dirt 2 version 1.1.0.0 (HKLM-x32\...\Dirt 2_is1) (Version: 1.1.0.0 - Codemasters) DiRT 4 (HKLM-x32\...\DiRT 4_is1) (Version: - ) Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - ) FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== UWAGA Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.00.0000 - JoWooD Productions Software AG) Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel) Intel® USB 3.1 Device Driver (HKLM\...\{7DFE2F7E-3154-45D6-A468-4725DE033AC8}) (Version: 15.2.30.280 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.39.2 - Tonec Inc.) 
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation) KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.10.26.03 - PandoraTV) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) MegaDownloader 1.8 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.8 - megadownloaderapp.blogspot.com) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.0.4496.34889 - Microsoft Corporation) MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD) Need for Speed - The Run (HKLM-x32\...\Need for Speed - The Run_R.G. Mechanics_is1) (Version: - R.G. 
Mechanics, markfiter) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation) NVIDIA Sterownik graficzny 496.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 23.015.02.02.264 - Huawei Technologies Co.,Ltd) qBittorrent 4.3.9 (HKLM-x32\...\qBittorrent) (Version: 4.3.9 - The qBittorrent project) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder) Sniper Ghost Warrior (HKLM-x32\...\Sniper Ghost Warrior_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.41.0 - TechPowerUp) Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) WinRAR 5.80 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) Wise Memory Optimizer 4.1.4 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 4.1.4 - WiseCleaner.com, Inc.) Packages: ========= Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.3102.0_x64__8wekyb3d8bbwe [2021-12-15] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-15] (NVIDIA Corp.) 
Simple Minesweeper -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMinesweeper_2.0.14.0_x64__kx24dqmazqk8j [2021-11-26] (Random Salad Games LLC) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-36516833-2863556059-2971446713-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Brak pliku ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku 
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-11-23] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Brak pliku ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Brak pliku ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-11-23] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Brak pliku ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Brak pliku ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmoi.inf_amd64_0bbf4b02936bf7cd\nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-25] 
(win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Chrome Remote Desktop (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb ShortcutWithArgument: C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Chrome Remote Desktop (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb ShortcutWithArgument: C:\Users\mmari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb ==================== Załadowane moduły (filtrowane) ============= 2021-12-06 07:58 - 2009-06-23 03:42 - 000043008 _____ () [Brak podpisu cyfrowego] C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2021-12-06 07:58 - 2009-01-10 19:32 - 000011362 _____ () [Brak 
podpisu cyfrowego] C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2021-12-06 07:58 - 2013-08-31 06:44 - 002417152 _____ () [Brak podpisu cyfrowego] C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2021-12-31 16:45 - 2013-08-31 06:46 - 001226695 _____ () [Brak podpisu cyfrowego] C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll 2021-11-04 19:32 - 2021-11-04 19:32 - 025111839 _____ (Google LLC) [Brak podpisu cyfrowego] C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_core.dll 2021-12-06 06:54 - 2021-12-31 16:55 - 000069337 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\Common Files\System\symsrv.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== SearchScopes: HKU\S-1-5-21-36516833-2863556059-2971446713-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\java\bin\ssv.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\java\bin\jp2ssv.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 
2021-06-05 13:08 - 2021-12-30 15:21 - 000004232 ____R C:\Windows\system32\drivers\etc\hosts 0.0.0.0 analytics.ff.avast.com 0.0.0.0 ipm-provider.ff.avast.com 0.0.0.0 license.piriform.com 0.0.0.0 license-api.ccleaner.com 0.0.0.0 www.ccleaner.com 0.0.0.0 shepherd.ff.avast.concc.avast.com 0.0.0.0 ncc.avast.com.edgesuite.net 0.0.0.0 ip-info.ff.avast.com ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-36516833-2863556059-2971446713-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 9.9.9.9 - 149.112.112.112 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) 
HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "Start WingMan Profiler" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\StartupApproved\Run: => "IDMan" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\StartupApproved\Run: => "bt" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\StartupApproved\Run: => "ut" HKU\S-1-5-21-36516833-2863556059-2971446713-1001\...\StartupApproved\Run: => "uTorrent" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{6C2CB640-58C6-4C6B-ADA9-BA62C9BB0DF7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.29\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5E37A74A-CE75-4633-9DAA-70C031306230}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5A93D7E9-CA44-4672-8A2B-292A9390919F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FA3B2216-372C-4AC9-9D01-307DD940E6A8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{C2DE24B3-AF48-4C31-8843-533ADFF00A85}F:\program files (x86)\winamp\winamp.exe] => (Allow) F:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) 
FirewallRules: [UDP Query User{44B06793-5102-41A9-BBE9-94CB3F68BDDC}F:\program files (x86)\winamp\winamp.exe] => (Allow) F:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{4C69E60B-B775-42B4-9ACD-DE05AB6ACD39}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F9F909CA-D061-472F-9A3B-7DB3DABB4DFC}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{384D29BA-CCBB-4057-AB64-DC8306584E30}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{9EE4CCE8-17E8-45D8-8394-C002459EA751}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{84387CE6-2FF7-4531-98A0-289008AA2E64}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe () [Brak podpisu cyfrowego] FirewallRules: [{22A3D1BD-3033-486D-BDE1-7A6AFCCB6E1F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe () [Brak podpisu cyfrowego] FirewallRules: [{31111800-263A-46CE-AEBA-889201277F11}] => (Allow) E:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego] FirewallRules: [{37403C7B-44F2-4B18-AD22-2B0E927CF0BC}] => (Allow) E:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{1F120EEA-BE45-4EEA-B1FA-07C9839599A1}E:\program files (x86)\r.g. mechanics\test drive unlimited 2\uplauncher.exe] => (Allow) E:\program files (x86)\r.g. mechanics\test drive unlimited 2\uplauncher.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{9FA741FE-9FE7-461F-8A6B-15E0CB13C40C}E:\program files (x86)\r.g. mechanics\test drive unlimited 2\uplauncher.exe] => (Allow) E:\program files (x86)\r.g. 
mechanics\test drive unlimited 2\uplauncher.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{3C6A4216-F713-49E8-AC74-25143338F414}C:\users\mmari\onedrive\pulpit\offline-launcher.exe] => (Allow) C:\users\mmari\onedrive\pulpit\offline-launcher.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{BB1E2620-CCBD-49A2-B3A9-007444111840}C:\users\mmari\onedrive\pulpit\offline-launcher.exe] => (Allow) C:\users\mmari\onedrive\pulpit\offline-launcher.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{DF419B9F-0985-4025-89D7-DD342441FE8F}E:\program files (x86)\r.g. mechanics\test drive unlimited 2\testdrive2.exe] => (Allow) E:\program files (x86)\r.g. mechanics\test drive unlimited 2\testdrive2.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{AC547423-EDB9-4A14-880F-1BAE9E4695F5}E:\program files (x86)\r.g. mechanics\test drive unlimited 2\testdrive2.exe] => (Allow) E:\program files (x86)\r.g. mechanics\test drive unlimited 2\testdrive2.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{58B7D335-204A-43CE-A496-B420185C7FE7}E:\program files (x86)\r.g. mechanics\test drive unlimited 2\_uplauncher.exe] => (Allow) E:\program files (x86)\r.g. mechanics\test drive unlimited 2\_uplauncher.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{3A7453CC-78E3-4034-998A-52514A906B57}E:\program files (x86)\r.g. mechanics\test drive unlimited 2\_uplauncher.exe] => (Allow) E:\program files (x86)\r.g. 
mechanics\test drive unlimited 2\_uplauncher.exe (Eden Games) [Brak podpisu cyfrowego] FirewallRules: [{6C50E4F2-8800-4E95-90CB-209159995981}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E85EE390-C105-4FC7-8359-512FEC7609E3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{6085037E-FE97-4778-B3B4-D14EA82CC2C2}D:\games\battlefield 1\bf1.exe] => (Allow) D:\games\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{702D01DB-6E06-4CC1-ACA7-F4FE35989986}D:\games\battlefield 1\bf1.exe] => (Allow) D:\games\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{5A7F7792-57B8-4A61-9CFA-AD468B74968D}D:\program files\fifa18\fifa18.exe] => (Allow) D:\program files\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [UDP Query User{AF439682-6597-46E5-B424-73B8122A442C}D:\program files\fifa18\fifa18.exe] => (Allow) D:\program files\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [{3BCFB05C-D832-4723-B23E-9F567DA11663}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\96.0.4664.39\remoting_host.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone (Total:49.38 GB) (Free:26.67 GB) (54%) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (12/31/2021 06:21:23 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_5e448042-fdd3-44e5-a520-0820610acf8f. 
Error: (12/31/2021 06:21:04 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_04fece4e-aaf2-4c75-b29c-8ed14da28cec. Error: (12/31/2021 06:19:54 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_19e5b264-19ef-4147-a1b2-305dbe320c09. Error: (12/31/2021 06:19:30 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_d31a63fc-93fe-4fe0-808c-cde7f9ad7a5d. Error: (12/31/2021 06:17:41 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_b151a2e0-2013-40d1-b3d9-2cd3db6ccb88. Error: (12/31/2021 06:16:03 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_1187a044-9ea4-4a4c-b2e8-41fe7b20d970. Error: (12/31/2021 06:16:03 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_46f3c22a-2e0f-4f2c-b999-db558e477437. Error: (12/31/2021 06:16:03 PM) (Source: chromoting) (EventID: 3) (User: ) Description: Odmowa dostępu dla klienta: mmariiiusz@gmail.com/chromoting_ftl_4fc41141-12d1-4204-8afc-de2fb1b7e454. Dziennik System: ============= Error: (12/31/2021 06:33:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Clean Master Core Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/31/2021 06:32:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa Clean Master Core Service jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. 
Error: (12/31/2021 06:02:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Pulpitu zdalnego Chrome. Error: (12/31/2021 06:01:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Pulpitu zdalnego Chrome. Error: (12/31/2021 05:50:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Pulpitu zdalnego Chrome. Error: (12/31/2021 05:49:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Pulpitu zdalnego Chrome. Error: (12/31/2021 04:55:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Usługa wiadomości_6142c zakończyła działanie; wystąpił następujący błąd: Urządzenie nie jest gotowe. Error: (12/31/2021 04:55:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. RunOuc z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Windows Defender: ================ Date: 2021-12-30 14:59:19 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. 
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Floxif.E&threatid=2147706431&enterprise=0 Nazwa: Trojan:Win32/Floxif.E Identyfikator: 2147706431 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\Program Files\Common Files\System\symsrv.dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Windows\System32\PickerHost.exe Wersja analizy zabezpieczeń: AV: 1.355.1121.0, AS: 1.355.1121.0, NIS: 1.355.1121.0 Wersja aparatu: AM: 1.1.18800.4, NIS: 1.1.18800.4 Date: 2021-12-30 14:59:01 Description: N/A Date: 2021-12-30 14:58:53 Description: N/A Date: 2021-12-30 14:55:07 Description: N/A Date: 2021-12-28 21:14:03 Description: N/A Event[0] Date: 2021-12-28 21:24:09 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.355.1017.0 Źródło aktualizacji: Serwer usługi Microsoft Update Typ analizy zabezpieczeń: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.18800.4 Kod błędu: 0x80240022 Opis błędu: Program nie może sprawdzić, czy są dostępne aktualizacje definicji. Date: 2021-12-28 21:24:09 Description: N/A Date: 2021-12-18 07:28:36 Description: N/A Date: 2021-12-15 10:20:01 Description: N/A Date: 2021-12-15 00:45:03 Description: N/A CodeIntegrity: =============== Date: 2021-12-31 16:46:30 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc.
2202 04/01/2015 Płyta główna: ASUSTeK COMPUTER INC. VANGUARD B85 Procesor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Procent pamięci w użyciu: 17% Całkowita pamięć fizyczna: 16289.18 MB Dostępna pamięć fizyczna: 13515.11 MB Całkowita pamięć wirtualna: 17696.18 MB Dostępna pamięć wirtualna: 14440.74 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:49.38 GB) (Free:26.67 GB) NTFS Drive d: (Nowy) (Fixed) (Total:188.47 GB) (Free:123.36 GB) NTFS Drive e: (Nowy) (Fixed) (Total:465.76 GB) (Free:131.39 GB) NTFS Drive f: (Nowy) (Fixed) (Total:465.76 GB) (Free:179.85 GB) NTFS \\?\Volume{45771328-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{45771328-0000-0000-0000-805e0c000000}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 45771328) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=49.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=536 MB) - (Type=27) Partition 4: (Not Active) - (Size=188.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AD3A6718) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4015251D) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================