Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20-02-2021 01 Uruchomiony przez j_lis (20-02-2021 16:34:50) Uruchomiony z C:\Users\j_lis\Downloads Windows 10 Home Wersja 20H2 19042.746 (X64) (2021-01-12 23:20:01) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-277659420-183272958-4170811583-500 - Administrator - Disabled) Gość (S-1-5-21-277659420-183272958-4170811583-501 - Limited - Disabled) j_lis (S-1-5-21-277659420-183272958-4170811583-1001 - Administrator - Enabled) => C:\Users\j_lis Konto domyślne (S-1-5-21-277659420-183272958-4170811583-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-277659420-183272958-4170811583-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} FW: ESET Zapora (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.) AMDVbFlash (HKLM-x32\...\AMDVbFlash) (Version: 3.04 - Advanced Micro Devices Inc.) ASRRGBLED v1.0.60 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.60 - ASRock Inc.) ASUS DRAM_LIB (HKLM\...\{2F0D3D1A-1B75-4DFC-8C0E-C55C4EAB67F8}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden ASUS DRAM_LIB (HKLM-x32\...\{6bd55e2a-f475-4183-b862-1dd70c1ce699}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden Asystent aktualizacji do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation) Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform) CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.) CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.) CrystalDiskInfo 8.9.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0 - Crystal Dew World) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) Discord (HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware) ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.2.0 - ENE TECHNOLOGY INC.) Hidden ENE RGB HAL (HKLM\...\{2914DF72-932B-4DF2-9696-C2821EDA1CA9}) (Version: 1.00.09 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{546469ee-3f9d-4fe4-bf1c-893f79cf7327}) (Version: 1.00.09 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.6 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{16b5dfc0-13e7-4b5a-8e39-a60bc81827ca}) (Version: 1.0.0.6 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM-x32\...\{b00e47a4-d642-402c-a060-8d959a0537db}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{9E23F6C0-880F-4A3D-B389-0E2DDF453A63}) (Version: 1.1.291.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.) ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.) Far Cry: Primal (HKLM-x32\...\Far Cry: Primal_is1) (Version: - ) FIFA 19 (HKLM-x32\...\FIFA 19_is1) (Version: - ) GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation) GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC) gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HP Deskjet 2540 series — podstawowe oprogramowanie urządzenia (HKLM\...\{642A855A-F7A6-429C-9818-DF41AE1982BE}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - ) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{01BD26F5-1CB9-4A1A-9554-E33C87959A9A}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project) Opera GX Stable 73.0.3856.400 (HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\Opera GX 73.0.3856.400) (Version: 73.0.3856.400 - Opera Software) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.2 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{1122cfaf-aa52-4ba0-af2e-1e252b647b5b}) (Version: 1.0.6.2 - Patriot Memory) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9057.1 - Realtek Semiconductor Corp.) REDlauncher (HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games) Sekiro: Shadows Die Twice (HKLM-x32\...\Sekiro: Shadows Die Twice_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.19.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.19.0 - SteelSeries ApS) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp) The Medium (HKLM-x32\...\The Medium_is1) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 113.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN) WinRAR 5.91 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) XAMPP (HKLM\...\xampp) (Version: 7.4.12-0 - Bitnami) Packages: ========= Among Us -> C:\Program Files\WindowsApps\Innersloth.AmongUs_2020.12.5.0_x64__fw5x688tam7rm [2021-01-19] (InnerSloth) Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-04] (Microsoft Corporation) Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.463.590.2_x64__8wekyb3d8bbwe [2021-02-19] (Microsoft Studios) Golf With Your Friends -> C:\Program Files\WindowsApps\Team17DigitalLimited.GolfWithYourFriendsWin10_1.0.12.0_x64__j5x4vj4y67jhc [2021-01-13] (Team17 Digital Limited) Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.98.6160.2_x64__8wekyb3d8bbwe [2021-02-19] (ms-resource:PublisherDisplayName) Worms W.M.D -> C:\Program Files\WindowsApps\Team17DigitalLimited.WormsW.M.DWin10_1.0.352.0_x64__j5x4vj4y67jhc [2021-01-13] (Team17 Digital Limited) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> Brak pliku ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> ) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-19] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> Brak pliku ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-19] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2020-07-27 14:14 - 2020-07-27 14:14 - 000017920 _____ () [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 003567616 _____ () [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2020-11-13 14:48 - 2020-11-13 14:48 - 001470976 _____ (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll 2021-02-06 20:54 - 2021-02-06 20:54 - 000000000 ____L (Advanced Micro Devices, Inc.) C:\WINDOWS\System32\drivers\atikmdag-patched\amduve64.dll 2021-02-06 20:54 - 2021-02-06 20:54 - 000000000 ____L (Advanced Micro Devices, Inc.) C:\WINDOWS\System32\drivers\atikmdag-patched\atig6txx.dll 2021-02-06 20:54 - 2021-02-06 20:54 - 000000000 ____L (Advanced Micro Devices, Inc.) C:\WINDOWS\System32\drivers\atikmdag-patched\atiumd6a.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000039424 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000414720 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000025088 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000024576 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000023552 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000532992 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 001441792 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 001189888 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000134656 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 006184448 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 006867456 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000735232 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000120832 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 001104896 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000325120 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 003668480 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000517120 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000051712 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 004228608 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000171008 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 001085440 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000205824 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000329728 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000127488 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000390656 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 095598080 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 005587968 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000462848 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 000188928 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2020-07-27 14:14 - 2020-07-27 14:14 - 002878464 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000055808 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000059392 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000262144 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000284160 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000333824 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000136704 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000090112 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000313856 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2020-11-13 15:00 - 2020-11-13 15:00 - 000091648 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKU\S-1-5-21-277659420-183272958-4170811583-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.pl HKU\S-1-5-21-277659420-183272958-4170811583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ SearchScopes: HKU\S-1-5-21-277659420-183272958-4170811583-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-09-23] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-09-23] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Brak podpisu cyfrowego] ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-03-19 05:49 - 2021-01-12 21:23 - 000000836 ____R C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-277659420-183272958-4170811583-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\j_lis\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\994479.png DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: OFF) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) MSCONFIG\Services: Fax => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: W32Time => 2 MSCONFIG\Services: WSearch => 2 MSCONFIG\Services: wuauserv => 2 HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk" HKLM\...\StartupApproved\Run: => "BCSSync" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_54B8FD4CA9DB45CDBCA65815B76D6C9B" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "FACEIT" HKU\S-1-5-21-277659420-183272958-4170811583-1001\...\StartupApproved\Run: => "SteamServerBrowser" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{A3502868-6491-499D-8C93-B95F5BA98E52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [Brak podpisu cyfrowego] FirewallRules: [{1FAE1DD8-48C0-4093-81C7-5FAD33423AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{14F0C1E6-1DC2-40C5-9657-1B4A406C4F11}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku FirewallRules: [TCP Query User{48C53BC5-A0B8-4767-A03A-A804702CABDB}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku FirewallRules: [{689CB443-CFDC-45D7-AB03-C8CC1A3E2C97}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware) FirewallRules: [UDP Query User{7D05E159-D0D9-454F-936A-B4DAE648E1BE}C:\gry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) C:\gry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku FirewallRules: [TCP Query User{8CFC181B-19E2-4ADB-A42D-E18BB245A39D}C:\gry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe] => (Allow) C:\gry\tekken 7\tekkengame\binaries\win64\tekkengame-win64-shipping.exe => Brak pliku FirewallRules: [UDP Query User{C8983573-330D-4B76-A6F4-86253968A8B6}D:\gry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\gry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [TCP Query User{76C26199-0553-4FF9-A522-F2A3779CA717}D:\gry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\gry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [{BAEA3BE7-8B70-4653-A03E-F6CCDACC175C}] => (Allow) E:\SteamLibrary\steamapps\common\Ball 3D\Ball 3D.exe () [Brak podpisu cyfrowego] FirewallRules: [{F44EDB46-08A9-436D-A3AD-EDD6081AE595}] => (Allow) E:\SteamLibrary\steamapps\common\Ball 3D\Ball 3D.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{0A26F06B-1D16-415F-9AFE-0A6C6CBBC089}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe FirewallRules: [TCP Query User{6753AAEE-D6A8-475D-B6F2-689C09D72167}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe FirewallRules: [UDP Query User{2B3164E6-1041-4AD0-AD37-3DB1E3A6FD00}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku FirewallRules: [TCP Query User{542BE1F1-AD82-4F1F-A0B5-58F1A32C24B6}E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku FirewallRules: [{D399ED1B-CEC4-4B4B-8D4A-A66066D38759}] => (Allow) E:\SteamLibrary\steamapps\common\Timberman\Timberman.exe () [Brak podpisu cyfrowego] FirewallRules: [{FB6F653A-9E80-4504-979C-C8D50C30BBC9}] => (Allow) E:\SteamLibrary\steamapps\common\Timberman\Timberman.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{FFD0938E-B49F-4835-BB01-66B72F0CB4F1}D:\epic game\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic game\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Brak pliku FirewallRules: [TCP Query User{C259056E-0E80-40CE-B1BC-47900DEA0741}D:\epic game\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic game\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Brak pliku FirewallRules: [{BB42ADE9-B5A1-4C5E-92BC-BB144EF072AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [Brak podpisu cyfrowego] FirewallRules: [{7645AD24-3DE3-46BF-939C-36796E35CD04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{39373EB5-2DBC-4CA8-8F62-534482E5B467}D:\gry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\gry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [TCP Query User{2AD40F91-64F9-4F8D-B7C8-236D26376A5B}D:\gry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\gry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{6F9E7FDB-2A16-432E-8FB8-C64B70C4FB0F}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [TCP Query User{3A4DC9F6-56E2-40ED-8993-74746F27A93E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [UDP Query User{B5322763-472F-438E-829B-390D7F2DF5D7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{81EE473C-562B-4085-8440-21D0545E4E76}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Brak podpisu cyfrowego] FirewallRules: [{D8067FD8-99E5-4841-A51E-075AD83F2B69}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{C511E85B-B3CB-4F52-9DE8-5894741923E1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{92AA7D04-F952-4A6F-A83A-76D7CC9BEE37}D:\gry\far cry - primal\bin\fcprimal.exe] => (Allow) D:\gry\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [TCP Query User{DD5DAFE7-E1CE-4408-ADFB-2937E3050206}D:\gry\far cry - primal\bin\fcprimal.exe] => (Allow) D:\gry\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [UDP Query User{70B41BFF-8484-4D75-83B1-D9EB03FF4991}C:\users\j_lis\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\users\j_lis\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_211\bin\javaw.exe FirewallRules: [TCP Query User{1A59583D-9D18-4EB4-B3DB-BC97FD25EB11}C:\users\j_lis\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\users\j_lis\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_211\bin\javaw.exe FirewallRules: [UDP Query User{5D15FDDD-05E1-4F6D-9B62-16C4C96E1E23}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe FirewallRules: [TCP Query User{1BF6C770-8487-44E9-9A2A-4456F578E505}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe FirewallRules: [UDP Query User{F7A3EB42-8068-4524-AC12-418AD9B1181D}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Brak pliku FirewallRules: [TCP Query User{5D522459-D393-4E4B-8167-59914B72C4AC}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Brak pliku FirewallRules: [UDP Query User{60C9AB25-E2C9-418F-AFE4-4E531EBFF48C}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) FirewallRules: [TCP Query User{76AFBFD4-AFBE-4F5A-9622-30BAC2EA7DE1}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) FirewallRules: [{119D9337-902A-43DD-A81C-2C6DEF5D0F89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Brak podpisu cyfrowego] FirewallRules: [{E2DB2F2A-EB28-470F-AB2F-57677F586509}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Brak podpisu cyfrowego] FirewallRules: [{80A94BA3-51B7-4E57-8E39-38C6FB7A90A9}] => (Allow) C:\Users\j_lis\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{4922EBA6-85EA-4156-B6D6-E2376C43C525}] => (Allow) C:\Users\j_lis\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{3EC40026-ED73-4B60-AC49-F40B847B7CD4}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{116A4DFF-B6D0-440B-9470-FC3B688DB424}] => (Allow) LPort=5357 FirewallRules: [{B3A94E01-A8F1-41D1-85B8-3F4691B16EB4}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{A7CE3FE2-4074-49F5-A16C-C2078ABC4FFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{11AC7A8C-C654-4EC8-A36C-F97D29D6E3D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{E0853B25-1FE8-4901-88E5-7B2E13E53B72}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E7B5BAA8-A667-4B9C-89C9-D33005FD0287}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{50C5A7AE-2BF3-4196-9C07-ABA58821CC06}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6C6162D3-BDC0-40BC-9A06-12058094D410}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EF498D0D-1725-4AE5-AE36-2F51D21815D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{CF060B2D-E0E0-4A3C-A77E-148F7C801B86}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{DC07AB4C-A7BF-40D6-8D3B-82AEC0293A5A}C:\hearthstone\hearthstone.exe] => (Allow) C:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [UDP Query User{C70AFAF6-E460-4629-AEBC-A76FA0152D3D}C:\hearthstone\hearthstone.exe] => (Allow) C:\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [{E91BD9D3-D402-4C7F-A8BD-328BE9AA73BE}] => (Allow) C:\Users\j_lis\AppData\Local\Programs\Opera GX\73.0.3856.396\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{B29A138D-EFF2-4757-AEA8-36C9732F37A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [Brak podpisu cyfrowego] FirewallRules: [{3C317CCA-4FE2-42C8-9A8A-7423ADE13080}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [Brak podpisu cyfrowego] FirewallRules: [{955A628D-AF29-40C4-9FAC-F91288030E7F}] => (Allow) C:\Users\j_lis\AppData\Local\Programs\Opera GX\73.0.3856.400\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{D4A1C832-43F1-4157-9954-7F8FC8BDE048}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 29-01-2021 10:46:22 Zainstalowany program DirectX 18-02-2021 13:30:35 Installed Microsoft Office Standard 2016 19-02-2021 22:31:51 Removed Hextech Repair Tool ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Sterownik infrastruktury wirtualizacji funkcji Microsoft Hyper-V Description: Sterownik infrastruktury wirtualizacji funkcji Microsoft Hyper-V Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: Vid Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32) Resolution: The start type for this driver is set to disabled in the registry. Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry. Name: Microsoft Kernel Debug Network Adapter Description: Karta sieciowa debugowania jądra firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: kdnic Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32) Resolution: The start type for this driver is set to disabled in the registry. Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry. Name: Moduł wyliczający wirtualnej karty sieciowej NDIS Description: Moduł wyliczający wirtualnej karty sieciowej NDIS Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisVirtualBus Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32) Resolution: The start type for this driver is set to disabled in the registry. Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (02/20/2021 11:00:21 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Error: (02/20/2021 11:00:16 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Error: (02/20/2021 11:00:11 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Error: (02/20/2021 11:00:06 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Error: (02/20/2021 11:00:01 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Error: (02/20/2021 10:59:56 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Error: (02/20/2021 10:59:51 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Error: (02/20/2021 10:59:46 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_ON. Dziennik System: ============= Error: (02/20/2021 01:22:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Epic Online Services niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/20/2021 10:52:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa WMPNetworkSvc zakończyła działanie; wystąpił następujący błąd: Wykonano próbę odwołania się do tokena, który nie istnieje. Error: (02/20/2021 10:51:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi luafv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (02/19/2021 10:05:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Epic Online Services niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/19/2021 05:29:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices. Error: (02/19/2021 05:12:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa WMPNetworkSvc zakończyła działanie; wystąpił następujący błąd: Wykonano próbę odwołania się do tokena, który nie istnieje. Error: (02/19/2021 05:12:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi luafv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (02/19/2021 02:38:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa WMPNetworkSvc zakończyła działanie; wystąpił następujący błąd: Wykonano próbę odwołania się do tokena, który nie istnieje. Windows Defender: ================ Date: 2021-02-19 11:03:11 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=App:Utorrent_BundleInstaller&threatid=290703&enterprise=0 Nazwa: App:Utorrent_BundleInstaller Identyfikator: 290703 Ważność: Niski Kategoria: Potencjalnie niechciane oprogramowanie Ścieżka: file:_C:\Users\j_lis\AppData\Roaming\uTorrent\updates\3.5.5_45838.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-P71V9FA\j_lis Nazwa procesu: C:\Program Files\Trojan Killer\tk64.exe Wersja analizy zabezpieczeń: AV: 1.331.1347.0, AS: 1.331.1347.0, NIS: 1.331.1347.0 Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5 Date: 2021-02-19 10:56:05 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Masson.A!rfn&threatid=2147746476&enterprise=0 Nazwa: Trojan:Win32/Masson.A!rfn Identyfikator: 2147746476 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\AdwCleaner\Quarantine\v1\20201217.135837\4\Smart Clock\SmartClock.exe#AF926A79E503A464 Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-P71V9FA\j_lis Nazwa procesu: C:\Program Files\Trojan Killer\tk64.exe Wersja analizy zabezpieczeń: AV: 1.331.1347.0, AS: 1.331.1347.0, NIS: 1.331.1347.0 Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5 Date: 2021-02-19 10:49:22 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Gandcrab.AF&threatid=2147727324&enterprise=0 Nazwa: Trojan:Win32/Gandcrab.AF Identyfikator: 2147727324 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\Users\j_lis\AppData\LocalLow\IGDump\xqbleybafynkmftkcgtxccwnloqbfvwc\ukqpjdsepcbhmfdzwtiifjmwkpleyrno.ext Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-P71V9FA\j_lis Nazwa procesu: C:\Users\j_lis\AppData\LocalLow\IGDump\xqbleybafynkmftkcgtxccwnloqbfvwc\ig.exe Wersja analizy zabezpieczeń: AV: 1.331.1347.0, AS: 1.331.1347.0, NIS: 1.331.1347.0 Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5 Date: 2021-02-19 10:37:07 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.C!ml&threatid=2147749377&enterprise=0 Nazwa: Trojan:Script/Wacatac.C!ml Identyfikator: 2147749377 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\Users\j_lis\AppData\Roaming\Smart Clock\SmartClock.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.331.1347.0, AS: 1.331.1347.0, NIS: 1.331.1347.0 Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5 Date: 2021-02-19 10:37:07 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.C!ml&threatid=2147749377&enterprise=0 Nazwa: Trojan:Script/Wacatac.C!ml Identyfikator: 2147749377 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\Users\j_lis\AppData\Local\Temp\New Feature\4_ico.exe; file:_C:\Users\j_lis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk; file:_C:\Users\j_lis\AppData\Roaming\Smart Clock\SmartClock.exe; file:_C:\Windows\System32\Tasks\Smart Clock->(UTF-16LE); process:_pid:7320,ProcessStart:132582010004214650; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D10571D-1D7C-4CEA-A45A-9E8462838A23}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Smart Clock; startup:_C:\Users\j_lis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk; taskscheduler:_C:\Windows\System32\Tasks\Smart Clock Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Users\j_lis\AppData\Roaming\Smart Clock\SmartClock.exe Wersja analizy zabezpieczeń: AV: 1.331.1347.0, AS: 1.331.1347.0, NIS: 1.331.1347.0 Wersja aparatu: AM: 1.1.17800.5, NIS: 1.1.17800.5  CodeIntegrity: =============== Date: 2021-02-20 16:25:56 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. P4.60 11/03/2020 Płyta główna: ASRock B450M Pro4 Procesor: AMD Ryzen 3 3100 4-Core Processor Procent pamięci w użyciu: 47% Całkowita pamięć fizyczna: 15555.21 MB Dostępna pamięć fizyczna: 8105.72 MB Całkowita pamięć wirtualna: 18627.21 MB Dostępna pamięć wirtualna: 8209.75 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:465.13 GB) (Free:136.02 GB) NTFS Drive d: () (Fixed) (Total:465.65 GB) (Free:257.75 GB) NTFS Drive e: (Nowy) (Fixed) (Total:183.63 GB) (Free:144.5 GB) NTFS Drive f: () (Fixed) (Total:49.25 GB) (Free:49.04 GB) NTFS \\?\Volume{b52c34e6-68af-4830-b2c5-1c1ced3ec3ea}\ (Odzyskiwanie) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS \\?\Volume{a29ad78c-b612-f5ee-129a-50671beed9db}\ () (Fixed) (Total:5 GB) (Free:0 GB) NTFS \\?\Volume{3186dcf0-b472-d2f0-208d-13ffab2faf58}\ () (Fixed) (Total:0.26 GB) (Free:0 GB) NTFS \\?\Volume{eaca5632-2c1b-ac1d-f709-31a4953839c1}\ () (Fixed) (Total:3.45 GB) (Free:0 GB) NTFS \\?\Volume{ffdbfae7-7385-4c50-b1f7-42c87f23aff2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{07004ff6-f910-442c-bfd0-15a0158d32b1}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 727FA4DC) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 4E2A4E29) Partition 1: (Not Active) - (Size=157.7 GB) - (Type=42) Partition 2: (Active) - (Size=49.3 GB) - (Type=42) Partition 3: (Not Active) - (Size=25.9 GB) - (Type=42) ========================================================== Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. ==================== Koniec Addition.txt =======================