Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 09-01-2021 Uruchomiony przez Attence (11-01-2021 23:15:20) Uruchomiony z C:\Users\Attence\Downloads Windows 10 Pro Wersja 1909 18363.1139 (X64) (2020-05-26 11:55:29) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-716577694-2690645057-2397799406-500 - Administrator - Disabled) Attence (S-1-5-21-716577694-2690645057-2397799406-1000 - Administrator - Enabled) => C:\Users\Attence Gość (S-1-5-21-716577694-2690645057-2397799406-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-716577694-2690645057-2397799406-1002 - Limited - Enabled) Konto domyślne (S-1-5-21-716577694-2690645057-2397799406-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-716577694-2690645057-2397799406-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 14.0.2 - IObit) Aktualizacje NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Asystent aktualizacji do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23192 - Microsoft Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Licomp EMPiK Multimedia) Hidden Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Licomp EMPiK Multimedia) Call of Duty(R) - World at War(TM) 1.2 Patch (HKLM-x32\...\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}) (Version: 1.2 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.4 Patch (HKLM-x32\...\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}) (Version: 1.4 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.4 Patch (HKLM-x32\...\InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.5 Patch (HKLM-x32\...\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}) (Version: 1.5 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.5 Patch (HKLM-x32\...\InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.6 Patch (HKLM-x32\...\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}) (Version: 1.6 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.7 Patch (HKLM-x32\...\{750C87B8-AF19-4C3C-B791-50D9C83AE572}) (Version: 1.7 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}) (Version: - ) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform) Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) ElfBot NG 4.5.4 (HKLM-x32\...\ElfBot NG_is1) (Version: - NGSoft, LLC) Epic Games Launcher (HKLM-x32\...\{9BDC8B60-A7CD-4554-B66A-C5FFC1E1437C}) (Version: 1.1.279.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden gdiview (HKLM-x32\...\{9A2A452C-3057-4F5E-8C7F-41B0D566B831}) (Version: 1.0.0 - gdiview) Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.4.1.0 - miHoYo Co.,Ltd) GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Gyazo 4.1.4.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) HP DeskJet 2130 series — podstawowe oprogramowanie urządzenia (HKLM\...\{A69F1024-5FCE-43BC-A860-427D8418435B}) (Version: 40.11.1124.17107 - HP Inc.) HP DeskJet 2130 series Pomoc (HKLM-x32\...\{EB0F877F-000D-4FCA-81E5-B7689B2CEB77}) (Version: 35.0.0 - Hewlett Packard) HP Dropbox Plugin (HKLM-x32\...\{8A3F1F3A-A88B-4090-83C6-3C4CBDE3F8CC}) (Version: 36.0.41.58587 - HP) HP Google Drive Plugin (HKLM-x32\...\{958F5926-D507-4C87-B83B-8D6CA34195D9}) (Version: 36.0.41.58587 - HP) Inner Space (HKLM\...\Inner Space) (Version: 1.16 Build 6715 - Lavish Software, LLC) Inner Space (HKLM-x32\...\Inner Space) (Version: 1.16 Build 6715 - Lavish Software, LLC) Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) LibreOffice 6.4.4.2 (HKLM\...\{F00C391B-6092-40E7-9ECD-144933865571}) (Version: 6.4.4.2 - The Document Foundation) Malwarebytes (wersja 3.0.4.1269) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft OneDrive (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang) NoPing (HKLM\...\{E02BF8B3-81A8-43A4-A2AF-D283C12D9FA1}) (Version: 4.0.3.3 - NoPing) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.8 - Notepad++ Team) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Opera Stable 73.0.3856.329 (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Opera 73.0.3856.329) (Version: 73.0.3856.329 - Opera Software) OTClientBot (HKLM-x32\...\OTClientBot) (Version: 2.0.0-beta12a - OTClientBot) Panel sterowania NVIDIA 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 451.67 - NVIDIA Corporation) Hidden Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software) Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32) ProtonVPN (HKLM-x32\...\{2E5B3FB1-FDCC-4BC8-AA99-E0EE5343CAF8}) (Version: 1.16.3 - Proton Technologies AG) Hidden ProtonVPN (HKLM-x32\...\ProtonVPN 1.16.3) (Version: 1.16.3 - Proton Technologies AG) ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.11.9.1287 - Razer Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1030.101917 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.45.928.2020 - Realtek) Return of the Saiyans (wersja 1.5.5) (HKLM-x32\...\{6E33E84C-69CD-47DA-882C-8CAD6A04322E}_is1) (Version: 1.5.5 - Wizin S.C.) Roblox Player for Attence (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\roblox-player) (Version: - Roblox Corporation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH) Tibia (HKLM-x32\...\Tibia_is1) (Version: 10.98 - CipSoft GmbH) Tibia (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Tibia) (Version: - CipSoft GmbH) Twitch (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) VALORANT (HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Window Title Changer version 1.0 (HKLM-x32\...\{F530C1D7-2F76-497A-934C-2C55F57BBB37}_is1) (Version: 1.0 - MurGee.com) Windows Packet Filter (64 bit) (HKLM\...\{6B811A29-2FB9-46D6-88D7-1275AC7AAE01}) (Version: 3.2.20.3 - NT Kernel Resources) WinRAR 5.90 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Packages: ========= Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-28] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-06-24] (Notepad++ -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WRAR\rarext.dll [2020-03-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WRAR\rarext32.dll [2020-03-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\Anti-Malware\mbshlext.dll [2016-11-29] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2020-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => D:\amd\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\Anti-Malware\mbshlext.dll [2016-11-29] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WRAR\rarext.dll [2020-03-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WRAR\rarext32.dll [2020-03-30] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2020-08-10] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2020-08-10] (Logitech, Inc. -> Logitech Inc.) ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2020-10-03 12:25 - 2020-10-03 12:25 - 000085504 _____ () [Brak podpisu cyfrowego] C:\WINDOWS\system32\zlib1.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () [Brak podpisu cyfrowego] D:\amd\ATI.ACE\Fuel\Device.dll 2015-08-04 00:25 - 2015-08-04 00:25 - 000214528 _____ () [Brak podpisu cyfrowego] D:\amd\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () [Brak podpisu cyfrowego] D:\amd\ATI.ACE\Fuel\Platform.dll 2015-08-04 00:14 - 2015-08-04 00:14 - 000004608 _____ (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] D:\amd\ATI.ACE\Core-Static\atiamplk.dll 2020-10-03 12:25 - 2020-10-03 12:25 - 000466944 _____ (The curl library, hxxps://curl.haxx.se/) [Brak podpisu cyfrowego] C:\WINDOWS\system32\libcurl.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\TEMP:6BE50C2B [486] AlternateDataStreams: C:\Users\Attence\Desktop\dok better.png:3or4kl4x13tuuug3Byamue2s4b [93] AlternateDataStreams: C:\Users\Attence\Desktop\dok better.png:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\Attence\Desktop\dok.png:3or4kl4x13tuuug3Byamue2s4b [93] AlternateDataStreams: C:\Users\Attence\Desktop\dok.png:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\Attence\Desktop\umowa.png:3or4kl4x13tuuug3Byamue2s4b [93] AlternateDataStreams: C:\Users\Attence\Desktop\umowa.png:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation) [Brak podpisu cyfrowego] BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2021-01-11 01:03 - 000000857 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\PuTTY\但톡ͥ耀;D:\amd\ATI.ACE\Core-Static;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-716577694-2690645057-2397799406-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 172.20.10.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Brak pliku) Zapora systemu Windows [funkcja włączona] Network Binding: ============= Wi-Fi: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) Połączenie lokalne 2: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) Ethernet: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run32: => "RazerCortex" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "Advanced SystemCare" HKU\S-1-5-21-716577694-2690645057-2397799406-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{E8D29A1D-7273-491D-B842-16BFCE449EBE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AAEE7A60-089A-4B1A-9B0C-C3145B146F5F}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{D9FF375A-CC42-4404-ABC5-8793199ED214}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{31925AEF-382B-4FF0-9B2F-6BB40DF0B3BD}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{A173D0B2-2B0A-4007-8C4C-1943B6860C61}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{6197B473-248F-4D7E-936C-52AF831A4CA9}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{C947B147-8D70-4E7F-81A6-5949204FB8D8}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{993AEA63-774A-4227-8F97-A4035AAA4DE8}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{64A6D626-529F-41E6-BFE5-F361C747165A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{B4F93A25-32F4-4D5C-BAB4-A980BD28457D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{D18CE36C-CC01-4981-A0F9-818294263684}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{C6207188-8769-4BB6-BE7C-295C90147F2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{80C1FE50-BDE0-4834-BA36-F4A3F4F3EAC2}] => (Allow) D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe (Activision Publishing Inc -> ) FirewallRules: [{699A4922-2154-4957-81BC-C3594A389593}] => (Allow) D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe (Activision Publishing Inc -> ) FirewallRules: [{72944118-D64C-4891-9583-9ACA424F10B9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{EE94C746-A2F6-4E4E-8908-ED725B30E8F8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{B2076874-34B5-46AB-84FF-3CCF632CC754}C:\users\attence\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\attence\appdata\local\programs\opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{235DB80E-4512-43EF-8F2E-BD1E14300CE8}C:\users\attence\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\attence\appdata\local\programs\opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{20776661-0AFC-4A20-9806-333211A5AFD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E9831107-F548-42BF-B329-CE61B8094BFC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A9815E07-0DBE-45B2-8E96-589F9B34072E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A253BA1E-35B9-4EEB-BB59-B3EF8B716F35}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1322F837-34EB-4949-A313-C11AC5E9C3A3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{75F8C354-2F3C-4C90-A234-62A914848D2B}C:\users\attence\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\attence\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{CD7DB5B7-C44F-4F8B-AC3C-FD83B2166B28}C:\users\attence\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\attence\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{954B93C5-3ACE-4877-B119-159B20829354}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{42C55026-24F8-44D7-898F-62717020BCC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{072B86DF-3D6A-41B2-A6D9-EF0ECEA32F20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A3E51B55-F3FB-402A-AD71-A4EAE66AA09A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D26ED940-4B12-4059-8EB0-4EB086DDC115}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{008CDEE9-B134-4746-A1DB-29C8DE5EB497}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Punkty Przywracania systemu ========================= 11-01-2021 16:49:19 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: TAP-ProtonVPN Windows Adapter V9 Description: TAP-ProtonVPN Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-ProtonVPN Windows Provider V9 Service: tapprotonvpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Kontroler wideo (zgodny z VGA) Description: Kontroler wideo (zgodny z VGA) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: D-Link DFE-528TX PCI Adapter Description: Karta PCI D-Link DFE-528TX Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Semiconductor Corp. Service: RTL8023x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Kontroler Ethernet Description: Kontroler Ethernet Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (01/11/2021 11:18:30 PM) (Source: ESENT) (EventID: 454) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -623. Error: (01/11/2021 11:18:30 PM) (Source: ESENT) (EventID: 333) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: The database [C:\Users\Attence\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat] version 1568.80.180 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault) Error: (01/11/2021 11:18:29 PM) (Source: ESENT) (EventID: 454) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -623. Error: (01/11/2021 11:18:29 PM) (Source: ESENT) (EventID: 333) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: The database [C:\Users\Attence\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat] version 1568.80.180 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault) Error: (01/11/2021 11:18:29 PM) (Source: ESENT) (EventID: 454) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -623. Error: (01/11/2021 11:18:29 PM) (Source: ESENT) (EventID: 333) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: The database [C:\Users\Attence\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat] version 1568.80.180 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault) Error: (01/11/2021 11:18:26 PM) (Source: ESENT) (EventID: 454) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -623. Error: (01/11/2021 11:18:26 PM) (Source: ESENT) (EventID: 333) (User: ) Description: taskhostw (5636,R,98) WebCacheLocal: The database [C:\Users\Attence\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat] version 1568.80.180 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault) Dziennik System: ============= Error: (01/11/2021 11:18:05 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (01/11/2021 11:18:04 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (01/11/2021 11:18:03 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (01/11/2021 11:18:02 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (01/11/2021 11:18:01 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (01/11/2021 11:18:00 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (01/11/2021 11:17:59 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (01/11/2021 11:17:57 PM) (Source: disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Windows Defender: =================================== Date: 2021-01-10 22:23:14.311 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {5CFB9899-B1D0-4091-A967-279C9EFB7C44} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2021-01-10 06:19:35.055 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {04F3158A-C05E-42C4-947C-C5D094C350CD} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2021-01-09 02:55:43.524 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {EB04391C-20C2-4F06-B004-C82EDD2566B7} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2021-01-08 15:47:23.184 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {08BB1A34-673B-45CE-8A26-8C4826E3EAFB} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2021-01-06 03:40:38.688 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {E2CD5553-23B2-43A7-8FDE-4BA5A79ABB38} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2021-01-09 13:39:16.123 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.329.1891.0 Źródło aktualizacji: Serwer usługi Microsoft Update Typ analizy zabezpieczeń: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.17700.4 Kod błędu: 0x80240438 Opis błędu: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną. CodeIntegrity: =================================== Date: 2021-01-11 01:09:05.051 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Users\Attence\AppData\Local\Programs\Opera\73.0.3856.329\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2021-01-11 01:09:05.051 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Users\Attence\AppData\Local\Programs\Opera\73.0.3856.329\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. P2.10 01/17/2014 Płyta główna: ASRock FM2A88M-HD+ Procesor: AMD A8-6600K APU with Radeon(tm) HD Graphics Procent pamięci w użyciu: 38% Całkowita pamięć fizyczna: 12210.15 MB Dostępna pamięć fizyczna: 7453.57 MB Całkowita pamięć wirtualna: 24498.15 MB Dostępna pamięć wirtualna: 19952.19 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:86.87 GB) (Free:38.15 GB) NTFS Drive d: () (Fixed) (Total:210.65 GB) (Free:59.46 GB) NTFS \\?\Volume{729df4f8-9ecd-11ea-8c5f-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{a1ddc78d-0000-0000-0000-20be15000000}\ () (Fixed) (Total:0.46 GB) (Free:0 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A1DDC78D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=86.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=474 MB) - (Type=27) Partition 4: (Not Active) - (Size=210.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================