Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21-07-2022 Uruchomiony przez Krystian (21-07-2022 23:38:02) Uruchomiony z D:\Instalki Microsoft Windows 11 Home Wersja 21H2 22000.795 (X64) (2022-02-06 11:11:32) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-3627326742-2376281256-4078815210-500 - Administrator - Disabled) Gość (S-1-5-21-3627326742-2376281256-4078815210-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3627326742-2376281256-4078815210-503 - Limited - Disabled) Krystian (S-1-5-21-3627326742-2376281256-4078815210-1001 - Administrator - Enabled) => C:\Users\Krystian WDAGUtilityAccount (S-1-5-21-3627326742-2376281256-4078815210-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\uTorrent) (Version: 3.5.5.46304 - BitTorrent Inc.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1045-1033-7760-BC15014EA700}) (Version: 22.001.20169 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Asystent instalacji systemu Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1401 - Microsoft Corporation) Chrome Remote Desktop Host (HKLM-x32\...\{E7E53EC0-2C01-48FA-B719-91D9F0C04021}) (Version: 103.0.5060.46 - Google LLC) Eye4 1.3.3.4 (HKLM-x32\...\{DE24BB52-3A46-4ED1-8E57-41E724F6BC74}_is1) (Version: - Shenzhen VStarcam Technology Co., Ltd) FireStorm version 2.0.0.026 (HKLM-x32\...\FireStorm_is1) (Version: 2.0.0.026 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC) Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version: - Free Lunch Design) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{11e0ea03-a9b1-45bb-8a43-4edef7e4d668}) (Version: 7.7.0.12 - Intel Corporation) IObit Uninstaller 11 (HKLM-x32\...\IObitUninstall) (Version: 11.5.0.3 - IObit) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.62 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation) NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 516.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.59 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.201.0.23 - Overwolf Ltd.) Path of Building Community (HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\Path of Building Community) (Version: 2.1.0 - Path of Building Community) PoE Overlay (HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\Overwolf_cijcjjcjilpooaeppicpfibopeefaglkefjaeofl) (Version: 1.2.24 - Overwolf app) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) RogueKiller version 15.5.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.5.3.0 - Adlice Software) Sound Blaster X-Fi Titanium HD (HKLM-x32\...\{0282C872-4B44-444B-9818-54FBD7D50ECD}) (Version: 1.0 - Creative Technology Limited) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{497ED226-5E88-4EC5-9340-373B1C56906F}) (Version: 3.2.2110.14001 - Microsoft Corporation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 22.0.0 (HKLM\...\SteelSeries GG) (Version: 22.0.0 - SteelSeries ApS) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.62 - Microsoft Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\Microsoft EdgeWebView) (Version: 103.0.1264.62 - Microsoft Corporation) VALORANT (HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) WinRAR 6.02 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) Packages: ========= Centrum sterowania grafiką Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-22] (INTEL CORP) [Startup Task] Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2022-07-21] (Facebook Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2022-04-21] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-29] (NVIDIA Corp.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0 [2022-07-20] (Spotify AB) [Startup Task] TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2022-07-15] (Bytedance Pte. Ltd.) WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2222.12.0_x64__cv1g1gvanyjgm [2022-06-30] (WhatsApp Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> "C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe" -ToastActivated => Brak pliku CustomCLSID: HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Krystian\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Krystian\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\Krystian\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3627326742-2376281256-4078815210-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\Krystian\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_246e95e4066041ad\nvshext.dll [2022-06-24] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Krystian\Desktop\cmd — skrót.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ping www.google.com -t ShortcutWithArgument: C:\Users\Krystian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb ShortcutWithArgument: C:\Users\Krystian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Marta - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ==================== Załadowane moduły (filtrowane) ============= 2021-10-23 01:02 - 2009-10-21 17:36 - 000163840 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\ShareDLL\CADI\ctcadi.dll 2021-10-23 01:02 - 2009-03-18 16:00 - 000151552 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll 2021-10-23 01:02 - 2013-05-06 14:47 - 000573440 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTRice.dll 2021-10-23 01:03 - 2020-03-05 05:08 - 000565248 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTAudEp.dll 2021-10-23 01:03 - 2008-08-07 14:20 - 000069632 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTAudSeu.dll 2021-10-23 01:03 - 2005-01-06 17:26 - 000053248 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTIniFu.dll 2021-10-23 01:03 - 2007-03-07 14:07 - 000176128 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CTThemeU.dll 2021-10-23 01:03 - 2006-03-31 17:26 - 000335872 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl.sku 2021-10-23 01:03 - 2007-03-07 14:56 - 000151552 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl2.sku 2021-10-23 01:03 - 2006-05-04 17:11 - 000110592 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\GDICtrl3.sku 2021-10-23 01:03 - 2006-03-28 16:21 - 000114757 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\RtxCtrl.sku 2021-10-23 01:03 - 2008-12-29 11:25 - 000077824 ____N (Creative Technology Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.crl 2021-10-23 01:03 - 2005-11-23 10:28 - 000040960 ____N (Creative Technology Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\CtrlSrcU.dll 2021-07-27 16:36 - 2022-07-19 18:23 - 002146304 _____ (Holtek Semiconductor Inc.) [Brak podpisu cyfrowego] C:\Program Files\SteelSeries\GG\HIDDLL.dll 2021-07-27 16:36 - 2022-07-19 18:23 - 002284032 _____ (Holtek) [Brak podpisu cyfrowego] C:\Program Files\SteelSeries\GG\ISPDLL.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442] AlternateDataStreams: C:\ProgramData\UDATHXD.ini:386922F0F3 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk:0C48161B06 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442] ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Software\Classes\.bat: => <==== UWAGA HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Software\Classes\.cmd: => <==== UWAGA ==================== Internet Explorer (filtrowane) ========== BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\Control Panel\Desktop\\Wallpaper -> d:\instalki\pexels-sam-kolder-2387873.jpg DNS Servers: 192.168.101.1 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-3627326742-2376281256-4078815210-1001\...\StartupApproved\Run: => "Steam" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{73C06584-A81D-413A-835E-90A47A458BBF}C:\program files (x86)\zotacfirestorm\firestorm.exe] => (Allow) C:\program files (x86)\zotacfirestorm\firestorm.exe (PC Partner Co.Ltd) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{7D578885-F363-4017-9682-B2A19591CA0A}C:\program files (x86)\zotacfirestorm\firestorm.exe] => (Allow) C:\program files (x86)\zotacfirestorm\firestorm.exe (PC Partner Co.Ltd) [Brak podpisu cyfrowego] FirewallRules: [{72BD0DBC-058C-4D54-BBBD-E4A700E528A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> ) FirewallRules: [{6CAABA31-E577-4F9C-8C87-C75725AFDB19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> ) FirewallRules: [{31867205-7C16-43B8-B05C-2FEFCB19E67B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{49636539-D298-4ADD-B054-C7734471A004}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{0EDC23D1-BE59-4E6D-8446-CDF0C72B185D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4B98E7A5-889C-466B-AD41-9D6A7C804BE6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4572A51B-89AE-44F2-AF91-AF4101D69707}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B9CAD64F-61FD-4AB6-AD94-651B9D6D20E9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{EC9FAAE1-CE90-4275-8681-D80988B098A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{8ECE71B6-C0F8-400B-AE8B-2F627984F53C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{8D06D376-80C2-42BC-B700-589847F826B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{F4350D42-E701-4792-A9AB-D08F24FA328C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{47F8AF50-AE7E-41E5-9E1E-A327C0A41709}] => (Allow) D:\Gry\Gry Steam\SteamApps\common\Lost Ark\Binaries\Win64\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{1F8C81A8-A053-4EDB-BD48-9462BB3C40D2}] => (Allow) D:\Gry\Gry Steam\SteamApps\common\Lost Ark\Binaries\Win64\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [TCP Query User{B0879A67-5014-48B5-B05C-91560411DB12}D:\gry\gry steam\steamapps\common\lost ark\binaries\win64\lostark.exe] => (Allow) D:\gry\gry steam\steamapps\common\lost ark\binaries\win64\lostark.exe (SmileGate RPG Inc. -> Smilegate RPG) FirewallRules: [UDP Query User{0295A481-0A74-417A-8B1A-D54ECBD227C2}D:\gry\gry steam\steamapps\common\lost ark\binaries\win64\lostark.exe] => (Allow) D:\gry\gry steam\steamapps\common\lost ark\binaries\win64\lostark.exe (SmileGate RPG Inc. -> Smilegate RPG) FirewallRules: [TCP Query User{5B55CE8D-22EC-4A85-A1C9-E3BE251D8329}C:\program files (x86)\eye4\superipcam.exe] => (Allow) C:\program files (x86)\eye4\superipcam.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{9FD3CDC8-D8CB-48AA-A6A9-72190B9D9F6A}C:\program files (x86)\eye4\superipcam.exe] => (Allow) C:\program files (x86)\eye4\superipcam.exe () [Brak podpisu cyfrowego] FirewallRules: [{6251B1C7-3FAA-46B3-811D-A52369845F90}] => (Allow) C:\Users\Krystian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{1642FA28-2B96-4E19-AD37-4DA6C60F5FC7}] => (Allow) C:\Users\Krystian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{923CD510-1D57-4BD8-A446-3BBB69CDDA3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{034D8E72-2CB5-48AD-BD22-B02A98EC4B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{E6F227F5-131A-4729-8B3C-55A272C948E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{C622A230-85D5-46CC-A77C-5D2A32F8744A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{86AEC9BE-962A-4EFF-9CCB-26478F58009E}] => (Allow) D:\Gry\Gry Steam\SteamApps\common\Aim Lab\AimLab_tb.exe () [Brak podpisu cyfrowego] FirewallRules: [{65D0E594-31A2-42BE-8967-C9DD8CB4111D}] => (Allow) D:\Gry\Gry Steam\SteamApps\common\Aim Lab\AimLab_tb.exe () [Brak podpisu cyfrowego] FirewallRules: [{97F29591-D7FA-4F6A-BE8F-3BFE7E6BF874}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{8E0EA375-9AFF-4040-B87E-5ED74EFDC6B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{D9E97633-F46B-4EF1-801A-D6F0D310244D}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\103.0.5060.46\remoting_host.exe (Google LLC -> Google LLC) FirewallRules: [{A519F5BC-B99C-4B5F-843A-04EB70DF69C2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22168.200.1405.7434_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6EEF7F52-08FD-4A9C-8231-C0E64E278F0E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22168.200.1405.7434_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3C3E2F32-88B6-459B-952D-EDB1E2202ED7}] => (Allow) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{0CDB1761-7675-42BF-ADD5-06A64AD4FE66}] => (Allow) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{1280711D-4C1B-470B-91D9-F3967FAD0542}] => (Block) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{5D7730E9-C529-481A-9DEA-19EC898233EB}] => (Block) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Brak pliku FirewallRules: [{11232845-8949-42DA-B70F-FEC685487690}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{7A61BDA8-91C6-4F69-BCBB-6ABD40E3BE39}] => (Allow) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{D248AD1C-EA71-459E-B87E-064262320A05}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{C493DA32-BBF5-4CC1-89A1-179CF17F8CE1}] => (Block) C:\Program Files (x86)\Overwolf\0.190.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{752323BA-6D19-4D04-B693-34EC1646B917}] => (Allow) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{EF8A2A9D-9C10-411E-9967-8E76143BF70F}] => (Allow) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{F35BB4C7-4E8B-4047-A1AA-505207410FDB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{59CE500B-7F82-45E8-8869-A277F0B72980}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E51448B2-AF01-4003-8023-44E04A15CFCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5B5AA000-9455-4F9C-B0DE-86FD92720999}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FFFE4CD4-7804-49CE-B761-1853B67584F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{415C907E-2364-4113-8D10-93C619B8A048}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4A219914-0FDC-4CF2-BA7F-8167C5BE89D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9C3022FD-0DF9-410E-AC90-4DD805468BC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A430E214-BA91-4815-8C69-7E23C0DC6CBD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{31998702-91F6-4B09-94B5-20A7FC671A52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9391176C-36D2-4EAD-9876-71AD8A43B1B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8F165CED-13F8-402C-8EBC-43986D6E2163}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BA875248-5D7E-4AC6-8423-8983D6EC24E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0FF8EC62-92AE-497C-919E-1204ED1831E0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 13-07-2022 12:28:26 Instalator modułów systemu Windows ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 1780; identyfikator PID ProfSvc: 1700. Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 1020; identyfikator PID ProfSvc: 1700. Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 6872; identyfikator PID ProfSvc: 1700. Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 1780; identyfikator PID ProfSvc: 1700. Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 1780; identyfikator PID ProfSvc: 1700. Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 3488; identyfikator PID ProfSvc: 1700. Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 1780; identyfikator PID ProfSvc: 1700. Error: (07/21/2022 07:08:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: ZARZĄDZANIE NT) Description: Gałąź użytkownika została załadowana przez inny proces (blokada rejestru). Nazwa procesu C:\Windows\System32\svchost.exe; identyfikator PID: 3488; identyfikator PID ProfSvc: 1700. Dziennik System: ============= Error: (07/21/2022 07:08:31 PM) (Source: DCOM) (EventID: 10010) (User: MOTABA) Description: Serwer {A28430CA-1EBF-48DD-AA17-9221B6F86A6C} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (07/21/2022 07:08:12 PM) (Source: Server) (EventID: 2505) (User: ) Description: Serwer nie mógł utworzyć powiązania do transportu \Device\NetBT_Tcpip_{87122869-6399-46F3-9D55-6A9CCADB6807}, ponieważ inny komputer w sieci ma tę samą nazwę. Nie można uruchomić serwera. Error: (07/21/2022 03:41:51 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {470B9B9B-0E95-4963-B265-5D58E5808C3D} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (07/21/2022 03:39:51 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {816A45F9-7406-42BB-B4FA-A655D96F2A8A} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (07/21/2022 03:37:51 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {74FA5D1F-BBD3-4F3E-8776-41EDEFC608D9} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (07/21/2022 03:35:51 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (07/21/2022 03:33:51 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {CC66E708-C687-42EA-806E-83D41C9D1A5F} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (07/21/2022 03:31:51 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {F99A566C-42AE-4DE2-AD4D-D297A04C5433} nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: ================ Date: 2022-07-21 15:29:48 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {3CA0C2FF-5EED-4CB2-AE96-4EDDADD87B6C} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2022-07-20 20:27:28 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {86DA0497-3252-4B22-BFEB-05A481473DA1} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2022-07-19 16:07:10 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {A03C95F4-F132-40F8-92D4-AB8D92E74293} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2022-07-18 18:27:35 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {F3014967-5842-4F43-AE56-118CF59CAC92} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2022-07-18 12:11:40 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {DF4B448E-1F75-4377-84E3-B98E34370FF7} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM  CodeIntegrity: =============== Date: 2022-07-21 23:31:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_653f80c82b05c61e\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. F9d 03/09/2018 Płyta główna: Gigabyte Technology Co., Ltd. Z270-Gaming K3 Procesor: Intel(R) Core(TM) i5-7600K CPU @ 3.80GHz Procent pamięci w użyciu: 80% Całkowita pamięć fizyczna: 8077.28 MB Dostępna pamięć fizyczna: 1550.95 MB Całkowita pamięć wirtualna: 21901.28 MB Dostępna pamięć wirtualna: 11629.66 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:166.96 GB) (Free:33.83 GB) (Model: INTEL SSDSC2CW180A) NTFS Drive d: (Dysk Lokalny) (Fixed) (Total:931.51 GB) (Free:416.79 GB) (Model: ST1000DM003-1ER162) NTFS \\?\Volume{ece29ea0-58a2-48f1-8912-58a8be713519}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS \\?\Volume{31fb0f13-6d11-42e9-abee-d7e5967e1a0a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 42956D32) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 167.7 GB) (Disk ID: C9D439AA) Partition: GPT. ==================== Koniec Addition.txt =======================