Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27.01.2024 01 Uruchomiony przez Tomaszu (03-02-2024 11:25:13) Uruchomiony z C:\Users\Tomaszu\Desktop Microsoft Windows 10 Pro Wersja 22H2 19045.3693 (X64) (2023-12-09 05:44:41) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-2312281861-1873309523-1155339195-500 - Administrator - Disabled) Gość (S-1-5-21-2312281861-1873309523-1155339195-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2312281861-1873309523-1155339195-503 - Limited - Disabled) Tomaszu (S-1-5-21-2312281861-1873309523-1155339195-1001 - Administrator - Enabled) => C:\Users\Tomaszu WDAGUtilityAccount (S-1-5-21-2312281861-1873309523-1155339195-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.11.2 - Advanced Micro Devices, Inc.) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.8 - AnyDesk Software GmbH) Aqua Clip 10.4.0 (HKLM-x32\...\Aqua Clip) (Version: 10.4.0 - Ace Thinker) Aria Maestosa 1.4.13 (HKLM-x32\...\Aria Maestosa_is1) (Version: - ) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) Audacity 3.2.4 (HKLM\...\Audacity_is1) (Version: 3.2.4 - Audacity Team) Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden Chatango Message Catcher (HKLM-x32\...\Chatango) (Version: - ) Counter-Strike 1.6 v43 (HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\{1BD2212B-8287-4F33-A6DC-903D423AB814}_is1) (Version: v43 - CSSetti.pl) CPUID CPU-Z 2.08 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.08 - CPUID, Inc.) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.0.1 - Mediamond Tmi) Emergency 4 (HKLM-x32\...\{FDB2EB0C-1803-4367-B2F1-9B76C0CD4486}) (Version: 1.00.0000 - sixteen tons entertainment) Epic Games Launcher (HKLM-x32\...\{2C0E3917-7562-499B-A320-E3BD55DD6266}) (Version: 1.3.79.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Everything 1.4.1.1022 (x64) (HKLM\...\Everything) (Version: 1.4.1.1022 - voidtools) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: 21.2.2.3914 - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) foobar2000 v1.6.16 (HKLM-x32\...\foobar2000) (Version: 1.6.16 - Peter Pawlowski) Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2023.3.0.23028 - Foxit Software Inc.) GG (HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\GG) (Version: 12 - England Sp. z o.o.) Google Earth Pro (HKLM-x32\...\Google Earth Pro) (Version: 7.3.6.9326 - Google Earth Pro) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan) Key Signatures verification 0.2.0.1 (HKLM-x32\...\Key Signatures verification_is1) (Version: 0.2.0.1 - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\OneDriveSetup.exe) (Version: 24.010.0114.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Mjuice Components (HKLM-x32\...\MjuiceWinamp) (Version: - ) Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 122.0 (x64 pl)) (Version: 122.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 122.0 - Mozilla) MTA:SA v1.5.9 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.9 - Multi Theft Auto) MTA:SA v1.6.0 (HKLM-x32\...\MTA:SA 1.6) (Version: v1.6.0 - Multi Theft Auto) MultitrackStudio Lite (HKLM\...\MultitrackStudio64_is1) (Version: 10.5.1 - Bremmers Audio Design) Mumble (client) (HKLM\...\{7668CA93-7D82-43E5-AA6D-BCA352951877}) (Version: 1.4.287 - Mumble VoIP) Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - ) NetTraffic (HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\NetTraffic) (Version: 1.64.0.0 - VENEA.NET) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.5.2 - Notepad++ Team) Opera Stable 106.0.4998.66 (HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\Opera 106.0.4998.66) (Version: 106.0.4998.66 - Opera Software) PDF-XChange Editor (HKLM\...\{CB2D36B8-991B-4009-AD34-D6B740E65A48}) (Version: 10.1.2.382 - Tracker Software Products (Canada) Ltd.) Python Numeric abstract base classes 0.1.2.7 (HKLM-x32\...\Python Numeric abstract base classes_is1) (Version: 0.1.2.7 - ) Radmin VPN 1.4.1 (HKLM-x32\...\{DE542597-6FA9-4131-9E1F-28B217C20E8F}) (Version: 1.4.4642.1 - Famatech) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) Roland Cloud ZENOLOGY (HKLM\...\Roland Cloud ZENOLOGY_is1) (Version: 2.0.1 - Roland Cloud) RyzenMasterSDK (HKLM\...\{85A2A688-4A95-4298-9FEC-F18F42B8EB7E}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Signal 6.22.0 (HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.22.0 - Signal Messenger, LLC) SoulseekQt (wersja 2019.7.22) (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation) TeamViewer (HKLM\...\TeamViewer) (Version: 15.44.4 - TeamViewer) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 139.2.10843 - Ubisoft) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) Winamp (remove only) (HKLM-x32\...\Winamp) (Version: - ) WinRAR 6.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-04-29] (Microsoft Corporation) FURY CTRL -> C:\Program Files\WindowsApps\KingstonTechnologyCompany.FURYCTRL_2.0.49.0_x64__5myjd26we8sq4 [2024-01-11] (Kingston Technology Company, Inc.) [Startup Task] Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-07] (Microsoft Studios) [MS Ad] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-01-30] (WhatsApp Inc.) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2023-10-23] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-01] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-01] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData:0849ff6b [710] AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\Users\All Users:0849ff6b [710] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\ProgramData\Dane aplikacji:0849ff6b [710] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:0849ff6b [710] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40] AlternateDataStreams: C:\Users\Tomaszu\Dane aplikacji:0849ff6b [710] AlternateDataStreams: C:\Users\Tomaszu\Dane aplikacji:NT [40] AlternateDataStreams: C:\Users\Tomaszu\AppData\Roaming:0849ff6b [710] AlternateDataStreams: C:\Users\Tomaszu\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\Tomaszu\Documents\GTA San Andreas User Files:0849ff6b [710] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2312281861-1873309523-1155339195-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomaszu\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\darkspace.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{E81A4136-6DBC-42EB-B00C-408BC460461F}E:\różne rzeczy\gry\counter-strike 1.6 v43\hl.exe] => (Block) E:\różne rzeczy\gry\counter-strike 1.6 v43\hl.exe (Valve) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{8E22A01E-C1DE-4626-9CE2-D43326200D68}E:\różne rzeczy\gry\counter-strike 1.6 v43\hl.exe] => (Block) E:\różne rzeczy\gry\counter-strike 1.6 v43\hl.exe (Valve) [Brak podpisu cyfrowego] FirewallRules: [{3A46EFCA-030F-4544-B47B-51E2529B2942}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.) FirewallRules: [{12F8E9A9-AE30-447A-8680-A59EDE6033E1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{BC28F223-1941-455E-8C6C-F03CE111E7B5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{2CB43BA9-3A9F-41BF-98F5-F7A1B1EC6F51}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{FDE6F5F7-29A0-4F41-A658-30D88A8FD8E2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [UDP Query User{F49BBCE7-4D6E-4D74-A5D2-3B034A635373}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{91D82608-B5CC-43C5-9A27-22E25F1DB361}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{CB4FAC2A-CFE7-4F25-86E8-7A6D6DFB05BD}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{D767C4CA-F01C-48B2-92B3-AE7BA6D7F65B}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Brak podpisu cyfrowego] FirewallRules: [{C40A3D10-86C0-49FA-9AA7-51D260D33272}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7E39A2D0-4F91-456C-B9B6-4E031923ACA1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9F67E95F-445F-44CA-BB50-133390A1F0F4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5DAECFF3-233B-4DBF-A753-0FA620DB552E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{2C3A426D-1E3C-47D2-A2FF-58624DC13D67}E:\program files\image-line\fl studio 20\fl64.exe] => (Block) E:\program files\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{8B7CE8D2-29AB-4664-B75E-3E42797DDF6A}E:\program files\image-line\fl studio 20\fl64.exe] => (Block) E:\program files\image-line\fl studio 20\fl64.exe (Image Line -> Image-Line) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{7C7C9DEC-E0C0-472E-8410-49B7CB60F585}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{1F822DD1-28F4-4D57-8A47-66DA7E5B54DB}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [{7DFEE327-2B2D-41F1-9A0A-4BD29C9D4C20}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C15A74CD-2E83-40CE-A702-674A6441401A}] => (Allow) C:\Users\Tomaszu\AppData\Local\Programs\Opera\106.0.4998.52\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{DE5F7F8B-6773-48CE-9723-D0FF067CD5EB}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{8D7C36C9-D3BF-4B77-9571-85A3FE153D7E}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Brak podpisu cyfrowego] FirewallRules: [{E55B33F8-344E-405B-9D11-27EA9E5796F7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CC9044BC-1291-45BE-812A-42040A0329CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{55B2CAE9-CB6F-4D1A-9D93-AFFFAE7FD0CF}] => (Allow) C:\Users\Tomaszu\AppData\Local\Programs\Opera\106.0.4998.66\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{1AAE0D48-D428-47C6-9D97-84C13D3BF639}C:\users\tomaszu\appdata\local\programs\opera\opera.exe] => (Block) C:\users\tomaszu\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{078A42B4-698D-40CB-A5D4-72A47F879FF8}C:\users\tomaszu\appdata\local\programs\opera\opera.exe] => (Block) C:\users\tomaszu\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{454AE815-8093-4915-A08F-2CFF43E7D33D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{48A193A8-511E-4671-8F2F-F2A7AF31DB80}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{B2455941-5037-402B-902B-EFC10910C417}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DAD44B99-A88A-4571-865C-7C4FEAD8208C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{75F21DF9-3AFA-4EBB-95D5-5DA30ED4E3AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4C653F83-CB18-4846-9A10-1DD51A3474BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DA250CCA-E190-44B9-B099-6296FC28CAFD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{771D869D-A0E1-4470-8109-51DA424F4269}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{A4F312E3-47F8-437A-97E4-FA9C01FA08E4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{D4F2DE5D-F328-42F8-A2EF-8F53E44244DC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) ==================== Punkty Przywracania systemu ========================= 01-02-2024 09:47:13 Instalator modułów systemu Windows 01-02-2024 18:26:49 Restore Point Created by FRST 01-02-2024 20:12:18 KpRm 02-02-2024 16:52:13 Instalator modułów systemu Windows ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (02/02/2024 04:56:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wuauclt.exe, wersja: 10.0.19041.3693, sygnatura czasowa: 0x35946a52 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.19041.3636, sygnatura czasowa: 0x9b64aa6f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000000634f6 Identyfikator procesu powodującego błąd: 0x399c Godzina uruchomienia aplikacji powodującej błąd: 0x01da55efc8b601c7 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\wuauclt.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: e9b864a4-f02c-4cd2-bc62-92b91454ddf0 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (02/03/2024 10:39:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (02/03/2024 10:39:37 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Tomaszu\AppData\Local\Temp\ehdrv.sys Error: (02/03/2024 10:39:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (02/03/2024 10:39:36 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Tomaszu\AppData\Local\Temp\ehdrv.sys Error: (02/03/2024 10:39:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (02/03/2024 10:39:36 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Tomaszu\AppData\Local\Temp\ehdrv.sys Error: (02/03/2024 10:39:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (02/03/2024 10:39:36 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Tomaszu\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =============== Date: 2024-02-03 10:18:50 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2024-02-03 10:17:19 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. P4.90 10/08/2018 Płyta główna: ASRock AB350 Gaming-ITX/ac Procesor: AMD Ryzen 5 2600 Six-Core Processor Procent pamięci w użyciu: 29% Całkowita pamięć fizyczna: 20412.63 MB Dostępna pamięć fizyczna: 14400.85 MB Całkowita pamięć wirtualna: 23484.63 MB Dostępna pamięć wirtualna: 13526.7 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:233.27 GB) (Free:103.04 GB) (Model: Samsung SSD 980 500GB) NTFS Drive e: () (Fixed) (Total:231.39 GB) (Free:51.03 GB) (Model: Samsung SSD 980 500GB) NTFS \\?\Volume{87ce1712-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.57 GB) (Free:0.53 GB) NTFS \\?\Volume{87ce1712-0000-0000-0000-c0753a000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 87CE1712) Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=233.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=547 MB) - (Type=27) Partition 4: (Not Active) - (Size=231.4 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================