Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 08-05-2022 Uruchomiony przez yupii (09-05-2022 16:40:07) Uruchomiony z C:\Users\yupii\Downloads Microsoft Windows 11 Pro Wersja 21H2 22000.613 (X64) (2022-04-10 22:40:25) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-2090396521-915510095-3609056533-500 - Administrator - Disabled) Gość (S-1-5-21-2090396521-915510095-3609056533-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2090396521-915510095-3609056533-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2090396521-915510095-3609056533-504 - Limited - Disabled) yupii (S-1-5-21-2090396521-915510095-3609056533-1001 - Administrator - Enabled) => C:\Users\yupii ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 8GadgetPack (HKLM-x32\...\{9004136E-78D3-46A4-893C-C4E38D871243}) (Version: 34.0.0 - 8GadgetPack.net) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1045-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.7.1.1 - Adobe Inc.) Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_3_1) (Version: 23.3.1.426 - Adobe Inc.) AIDA64 Extreme v6.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.70 - FinalWire Ltd.) Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.15128.20178 - Microsoft Corporation) ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.1.4 - ASUS) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{e040e3dd-d66c-4bca-bc40-f9eac8080fee}) (Version: 1.1.45.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{4e2b05b0-eb08-41e5-9eb3-cdcc43d6bee0}) (Version: 1.1.0.18 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.0.0 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{6085fcf6-a968-45bf-9f5a-ad97944d2cb4}) (Version: 1.3.0.0 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{8bc53c84-d9aa-4cc6-b19c-261f445494dc}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.) ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.3.0 - ASUSTek COMPUTER INC.) Hidden ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.00.20 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.79 - ASUSTeK Computer Inc.) Hidden Asystent instalacji systemu Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1610 - Microsoft Corporation) AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.18 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{c3ae9104-ed9b-4ab5-9eb1-569697f4514b}) (Version: 1.1.18 - ASUS) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.40 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{a1318319-c95b-48da-beb8-63ed6e4d809a}) (Version: 3.05.40 - ASUSTeK Computer Inc.) Bing Wallpaper (HKLM-x32\...\{980089C2-9D7D-4438-8DAF-C695E82DF18D}) (Version: 1.0.9.8 - Microsoft Corporation) Brother MFL-Pro Suite DCP-7030 (HKLM-x32\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 2.0.0.0 - Brother Industries, Ltd.) BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: 3.4 - Buffalo Inc.) Cheat Engine 7.4 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU) CPUID ASUS CPU-Z 1.97 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.97 - CPUID, Inc.) CrystalDiskInfo 8.16.4 Shizuku Edition (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World) Discord (HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.) Dynamic Application Loader Host Interface Service (HKLM\...\{3FD9F3E6-059D-4E4D-8B5B-EBAE90CA882E}) (Version: 1.0.0.0 - Intel Corporation) Hidden ELEX II (HKLM-x32\...\1937944261_is1) (Version: 1.03 - GOG.com) ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.39.15 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{135617a1-0191-4ed9-a0f7-2786a4739018}) (Version: 1.1.39.15 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{2903C323-896A-4129-A163-27DAC73A32B9}) (Version: 1.3.23.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.) GameSDK Service (HKLM-x32\...\{1a192f34-128f-43ed-a83d-f998b9d5f646}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.) GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.) Hidden Intel Gaming Access (HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\Overwolf_acibipjmghoeafghadnbbjdpofabgdicbjppneee) (Version: 191.2.5 - Overwolf app) Intel Processor Diagnostic Tool 64bit (HKLM\...\{6E05E656-6ED8-49DE-AA9C-C4677F7086C5}) (Version: 4.1.5 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{2d8d3782-0c02-4681-87f4-e004b3d4a8f6}) (Version: 10.1.18838.8284 - Intel(R) Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2149.16.0.2602 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 - Intel Corporation) Intel® Processor Identification Utility (HKLM-x32\...\{A2B44755-FA65-450E-A7C2-ECDE9C998602}) (Version: 6.7.24.0211 - Intel Corporation) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{2237a879-7fa4-4e21-ae3b-00f6a649b9d9}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.4.250563 - Logitech) Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.10 - Electronic Arts) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.39 - Microsoft Corporation) Microsoft Edge (HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\Microsoft Edge) (Version: 101.0.1210.39 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.077.0410.0007 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) MPC-HC 1.9.21.2 (6167a9d8c) Nightly (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.21.2 - MPC-HC Team) MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.3.3 - Notepad++ Team) NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation) NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 512.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.59 - NVIDIA Corporation) NZXT CAM 4.34.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.34.2 - NZXT, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden Opera GX Stable 85.0.4341.72 (HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\Opera GX 85.0.4341.72) (Version: 85.0.4341.72 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.112.50486 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.195.0.18 - Overwolf Ltd.) Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.5 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{387596e5-692e-4baf-bec2-3338d555df7a}) (Version: 1.0.6.5 - Patriot Memory) PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9126.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek) Remote System Monitor Server (HKLM-x32\...\RSMS) (Version: 3.66 - TRIGONE) RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.57.785 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.2 - Rockstar Games) ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 2.00.08 - ASUSTek Computer Inc.) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.4.5.0 - ASUSTek COMPUTER INC.) spacedesk Windows DRIVER (HKLM\...\{D06EA7A6-EBC0-421F-A8B4-4CC648E9219E}) (Version: 0.9.1122.0 - datronicsoft Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.39 - Microsoft Corporation) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.32771 - Microsoft Corporation) They Are Billions (HKLM-x32\...\1335738339_is1) (Version: 1.1.4.10 - GOG.com) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 130.1.10657 - Ubisoft) Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WinRAR 5.61 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH) XtremeTuner (HKLM-x32\...\XtremeTuner) (Version: 1.0.6.6 - Galaxy Microsystems Ltd.) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-21] (Adobe Systems Incorporated) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy [2022-04-11] (ASUSTeK COMPUTER INC.) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.12.419.0_x64__rz1tebttyb220 [2022-04-11] (Dolby Laboratories) Free Timer App -> C:\Program Files\WindowsApps\ComfortSoftwareGroup.FreeTimerApp_5.2.1.0_x64__2tsmkga83t66w [2022-04-13] (Comfort Software Group) [Startup Task] Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_19.0.1026.0_x64__8j3eq9eme6ctt [2022-04-25] (INTEL CORP) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-04-25] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.962.0_x64__56jybvy8sckqj [2022-04-27] (NVIDIA Corp.) Pantone Color of the Year 2022 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.PantoneColoroftheYear2022_1.0.0.0_neutral__8wekyb3d8bbwe [2022-04-11] (Microsoft Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.245.0_x64__dt26b99r8h8gj [2022-04-11] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0 [2022-04-29] (Spotify AB) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{04271989-C4D2-29E7-85E5-6A96F1AD529E} -> [OneDrive - nwjdz.zfhyg] => F:\OneDrive - nwjdz.zfhyg [2020-07-17 08:54] CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> ) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-9F2501D7BE6A} -> [Creative Cloud Files] => C:\Users\yupii\Creative Cloud Files [2022-04-11 23:48] CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Network_Meter_V8.4.gadget\netlib.dll (AddGadgets IT -> Jonathan Abbott) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\EdgeUpdate\1.3.161.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{71A728BB-0769-4F45-9880-2BABA2C6FD35}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\EdgeUpdate\1.3.157.61\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\EdgeUpdate\1.3.161.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{9CCE22DC-79C6-42A2-B005-864842A35AF3}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\EdgeUpdate\1.3.155.77\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{A4FEF2CE-E494-419e-ABCC-B2E993FB6BC0}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GlassyCPUMonitor.gadget\Release\ProcessMonitor64.dll (TODO: ) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{AA0C8DF4-8EEB-489C-A922-5B6D264C19E8}\InprocServer32 -> C:\Users\yupii\AppData\Local\Microsoft\EdgeUpdate\1.3.161.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2090396521-915510095-3609056533-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-03-14] (Notepad++ -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-04-28] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-28] (Adobe Inc. -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2022-04-27 11:44 - 2011-09-08 13:41 - 000008192 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\SystemInfo.dll 2022-01-10 07:36 - 2022-01-10 07:36 - 000515584 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ac_node_addon\prebuilds\win32-ia32\node.napi.node 2022-01-11 16:52 - 2022-01-11 16:52 - 000479744 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node 2022-01-11 16:52 - 2022-01-11 16:52 - 000470016 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node 2022-01-10 07:36 - 2022-01-10 07:36 - 000832512 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\usb-detection\prebuilds\win32-ia32\node.napi.node 2022-04-15 10:59 - 2022-04-15 10:59 - 000151040 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2022-04-23 01:57 - 2022-01-12 16:43 - 000093184 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll 2021-12-23 15:51 - 2021-12-23 15:51 - 000081920 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll 2022-04-11 09:25 - 2009-02-27 16:38 - 000139264 ____R () [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2022-04-26 11:20 - 2021-07-13 08:09 - 000014848 _____ () [Brak podpisu cyfrowego] C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\AccentColor.64.dll 2022-04-27 11:44 - 2013-04-15 19:40 - 000013824 _____ (Alcpu) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempPluginProxy.dll 2022-04-27 11:44 - 2013-04-15 19:17 - 000112128 _____ (Alcpu) [Brak podpisu cyfrowego] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\PluginNetInterface-x64.dll 2020-05-26 17:08 - 2020-05-26 17:08 - 002831360 _____ (Apache Software Foundation) [Brak podpisu cyfrowego] C:\Program Files (x86)\LightingService\log4cxx.dll 2022-04-11 09:25 - 2008-08-18 18:27 - 000122880 _____ (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\brlmw03a.dll 2022-04-11 09:25 - 2011-04-08 11:11 - 000159744 _____ (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BRMFCWNDEng.dll 2022-04-11 09:25 - 2010-03-10 18:16 - 000770048 _____ (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccDCtl.dll 2022-04-11 09:25 - 2010-03-29 01:01 - 000151552 _____ (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brcceng.dll 2022-04-11 09:25 - 2012-10-09 15:30 - 000372736 _____ (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccFCtl.dll 2022-04-11 09:25 - 2009-09-28 13:38 - 005390336 _____ (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccimg.dll 2022-04-29 17:15 - 2019-09-04 15:18 - 000196608 ____N (BUFFALO INC.) [Brak podpisu cyfrowego] C:\Program Files (x86)\BUFFALO\NASNAVI\nasdmn.dll 2022-04-29 17:15 - 2019-09-04 15:18 - 000323584 ____N (BUFFALO INC.) [Brak podpisu cyfrowego] C:\Program Files (x86)\BUFFALO\NASNAVI\nasexo.dll 2022-04-26 11:20 - 2021-07-13 08:45 - 000662528 _____ (Helmut Buhler) [Brak podpisu cyfrowego] C:\Program Files\Windows Sidebar\dwmapi.dll 2022-04-26 11:20 - 2021-04-10 09:29 - 000485376 _____ (Helmut Buhler) [Brak podpisu cyfrowego] C:\Users\yupii\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll 2022-04-11 09:25 - 2003-06-30 00:00 - 000259584 _____ (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTDIS12n.dll 2022-04-11 09:25 - 2005-07-05 00:00 - 000131584 _____ (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTFIL12n.DLL 2022-04-11 09:25 - 2003-06-30 00:00 - 000406016 _____ (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTKRN12n.dll 2022-04-26 11:20 - 2012-05-19 06:16 - 000083456 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files\Windows Sidebar\sbdrop.dll 2022-04-27 11:44 - 2013-04-21 14:21 - 000026112 _____ (Microsoft) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\CoreTempRemoteServer.dll 2022-04-27 11:44 - 2011-09-08 13:41 - 000011776 _____ (Microsoft) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\Logger.dll 2022-04-27 11:44 - 2011-09-08 13:41 - 000013312 _____ (Microsoft) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Core Temp\plugins\CoreTempRemoteServer\TcpServer.dll 2022-04-23 01:57 - 2022-01-12 16:43 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll 2022-04-23 01:57 - 2022-01-12 16:43 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\LIBEAY32.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\ssleay32.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 001611264 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 005487104 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Core.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 005841920 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Gui.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 001179136 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Network.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 000146432 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 005089792 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2022-04-14 19:38 - 2022-04-14 19:38 - 000184832 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-04-11] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-04-11] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-02] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\sharepoint.com -> hxxps://getyxh-files.sharepoint.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2022-04-11 01:30 - 2022-04-11 01:29 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2090396521-915510095-3609056533-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\yupii\AppData\Local\Microsoft\BingWallpaperApp\WPImages\20220509.jpg DNS Servers: 195.242.134.8 - 195.242.134.25 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\StartupFolder: => "NAS Scheduler.lnk" HKLM\...\StartupApproved\StartupFolder: => "BUFFALO NAS Navigator2.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\StartupApproved\StartupFolder: => "Intel® Processor Identification Utility.lnk" HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\StartupApproved\Run: => "Opera GX Stable" HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant" HKU\S-1-5-21-2090396521-915510095-3609056533-1001\...\StartupApproved\Run: => "Discord" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{1E26B204-F4B8-4350-867E-79083D1BD13C}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{7A48F1FC-059C-473D-B071-8696BE81AD55}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{6F162939-D75A-4C3A-ACBD-AA3F57EEB63C}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{8DB4F6B6-649F-44F9-850D-10319FA44DA2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D4EAB421-DBE4-4F92-8468-F64A58238937}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A1846EF3-0FC9-497A-B32D-A204DDE19D1D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{18BE2774-EB4E-44C2-A758-E5C64CFEE6D3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6923C7F1-9D01-4A73-8BB7-1A6B9F6756C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{99DF5EA1-C200-4F04-BB23-C75463AA7D06}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc) FirewallRules: [{2DE0ACDE-C7D2-45B0-8030-AB07D3D32C92}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc) FirewallRules: [TCP Query User{EDA6C866-F490-4306-823F-E23D186D9E7A}C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe] => (Allow) C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe (Galaxy Microsystems Ltd. -> Galaxy Microsystems Ltd) FirewallRules: [UDP Query User{E6603FF5-2D5A-4AF5-965C-BED035A2ED6E}C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe] => (Allow) C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe (Galaxy Microsystems Ltd. -> Galaxy Microsystems Ltd) FirewallRules: [TCP Query User{0F9B9F24-E801-4394-8D5B-711574F5E61D}C:\users\yupii\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\yupii\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{62A66968-5CB0-4EF2-80B3-B0A70A26D445}C:\users\yupii\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\yupii\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{807E849B-2E67-4D80-8DB2-ECEDF51BEDD9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4A072C45-CA92-40EE-8A30-5F8ADB50E025}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3C9632D2-1D04-43AE-A73C-C818952AC3CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{30915B3A-B5D2-43E3-B6F5-78C673F484CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{FDA7A90F-0EAA-45AE-A28D-7AA83228892E}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{975CB67D-9E76-4BE8-93F8-B5561ECEC763}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{6A2F5E30-EA30-43A0-AAC0-94B669771DEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{7576BDBB-860D-4D2B-A33A-7922A5844EA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{DE3693BD-2736-4F51-93E0-5AB4E5EC399B}] => (Allow) D:\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [Brak podpisu cyfrowego] FirewallRules: [{39539404-D6D2-4D59-89F9-7A599D1E4E75}] => (Allow) D:\Origin\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [Brak podpisu cyfrowego] FirewallRules: [{0B5E6F97-321D-4E91-91F2-BD7209F32D96}] => (Allow) D:\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare) FirewallRules: [{21933D87-8658-4283-849E-B563EB64A8B9}] => (Allow) D:\Origin\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare) FirewallRules: [TCP Query User{23DDA2C1-A4B6-4452-89FC-7B3085590A9B}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{DC5C6276-6AEF-4FCF-9A74-A02A1FF1293C}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{6EA9F4BA-C005-45C7-AF94-CE07E2F1087A}D:\program files\epic games\reddeadredemption2\rdr2.exe] => (Allow) D:\program files\epic games\reddeadredemption2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{9AD030A7-5B94-4364-9C28-97D2F6D3ED73}D:\program files\epic games\reddeadredemption2\rdr2.exe] => (Allow) D:\program files\epic games\reddeadredemption2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{2BC4BF55-E9A9-4054-BEF5-CF48BE571ACB}] => (Allow) D:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc) FirewallRules: [{23C935C5-D531-4938-9DE9-C0AC8E094133}] => (Allow) D:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc) FirewallRules: [TCP Query User{4617E145-659E-4276-AC58-6D74002B82DB}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [UDP Query User{EE73C218-00D5-42AF-8BDE-303DD527B165}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.) FirewallRules: [{4ED014A5-6517-4DFF-9BC3-B980B3D72233}] => (Allow) C:\WINDOWS\system32\spacedeskService.exe (Datronicsoft Inc. -> ) FirewallRules: [{5EFD8402-D5BC-40FB-BCA9-F58965EEB66A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{1320E8C7-9ED4-47FA-AFE6-50DC3B69B9B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{58151F3E-C186-4443-97E4-AE6A219D1EC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{30983769-7647-4B8C-9C57-37CC81F63D81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{5CE6C0DF-F5DF-41D3-801D-6FFEAD62BC3F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS) FirewallRules: [{FB4E27FF-E8E7-4D14-8C51-464E0B810028}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS) FirewallRules: [{7F3F1EED-007F-4E35-9A40-AB039E3B900D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{EB45FCC9-FCB2-4DA8-8C27-5FD0E6F2ACE2}] => (Allow) C:\Program Files (x86)\TRIGONE\Remote System Monitor Server\RemoteSystemMonitorService.exe () [Brak podpisu cyfrowego] FirewallRules: [{38F723CE-3A02-4997-843D-911589522F8B}] => (Allow) C:\Program Files (x86)\TRIGONE\Remote System Monitor Server\RemoteSystemMonitorService.exe () [Brak podpisu cyfrowego] FirewallRules: [{A195EE2D-DD40-418A-9F95-74AF1F2D7ACB}] => (Allow) C:\Program Files (x86)\TRIGONE\Remote System Monitor Server\RemoteSystemMonitorService.exe () [Brak podpisu cyfrowego] FirewallRules: [{B9AA2E25-0EEE-4F79-A5DA-CF596EB2779E}] => (Allow) D:\SteamLibrary\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{9F727BED-25A5-4297-B9A9-E3A2A3338CC7}] => (Allow) D:\SteamLibrary\steamapps\common\MonsterHunterRise\MonsterHunterRise.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{051BF513-79D6-4D9A-A9E5-12AF31591782}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{B60A8CC6-FC65-46F2-AA55-5A00B02A73C9}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{C31BFD82-BAF2-4DBB-97A6-3DFAF68493EA}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{549A06DD-34DD-459F-908E-EA84B1BBE21C}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{2E31398F-744E-4281-86A6-204653F0747E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{75B8C0E2-99EE-4F03-B16B-F11B5872EED5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{418CF86B-AEFF-4998-815F-9AC5513C0844}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7600CDAE-C347-480B-A968-CD91D53E35C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{68141E86-A58E-4F3F-92AC-C54B0A36D091}C:\users\yupii\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\yupii\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{52B7A949-EFDD-4F56-9C83-F08EFF217A25}C:\users\yupii\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\yupii\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{6E390422-7984-4751-98BC-06C97E2CD986}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{D283F64E-0B0E-4B71-8809-6AA64FE2F89D}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{7A9144C6-29FD-4067-B941-4938C5EC9E41}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU) FirewallRules: [UDP Query User{2C10B6F4-A418-42AA-A50B-F779DE057E60}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU) FirewallRules: [TCP Query User{BE8FB799-650E-4165-BECF-603BE167A890}C:\users\yupii\downloads\dune.spice.wars.v0.1.19.14499\d4x.exe] => (Block) C:\users\yupii\downloads\dune.spice.wars.v0.1.19.14499\d4x.exe => Brak pliku FirewallRules: [UDP Query User{3E38862F-37D1-4FF9-B862-727C2B2E37AD}C:\users\yupii\downloads\dune.spice.wars.v0.1.19.14499\d4x.exe] => (Block) C:\users\yupii\downloads\dune.spice.wars.v0.1.19.14499\d4x.exe => Brak pliku FirewallRules: [TCP Query User{AAF5F0AA-7A74-4F6D-9666-248434B493AB}D:\dune.spice.wars.v0.1.19.14499\d4x.exe] => (Block) D:\dune.spice.wars.v0.1.19.14499\d4x.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{54119CC9-5E48-454B-BB06-AC88B6A67B2A}D:\dune.spice.wars.v0.1.19.14499\d4x.exe] => (Block) D:\dune.spice.wars.v0.1.19.14499\d4x.exe () [Brak podpisu cyfrowego] FirewallRules: [{5D9C30AC-B618-4562-AFA2-099EF3901299}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E4440339-770B-43D6-9EB4-0BF40171267D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E000DEA8-EA7B-4AB9-BD41-9984EC502F11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{816EB5EA-EA95-49C2-9DEC-854BE7756F88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6523883E-4ACD-42FC-AF6F-6D8659F55D04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{512858E7-B472-49AC-A7C9-266F3C3A43A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{060EA671-A7AE-4776-996D-2A4A69414715}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3DD3FC81-821E-4AA5-B138-CD1DCD2DBFB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.184.716.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3CAAE131-5E3C-48BC-8DC6-8D68FF00223C}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc. -> Buffalo Inc.) FirewallRules: [{3838B3E6-11E5-415A-BFE2-1AA3E67EDFC7}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc. -> Buffalo Inc.) FirewallRules: [{F771E7E7-8C86-467C-9E41-CE77625835D9}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc. -> Buffalo Inc.) FirewallRules: [{EE62AF19-8D99-4C67-BAC7-0EADE2F27A6A}] => (Allow) C:\Program Files (x86)\Overwolf\0.195.0.17\OverwolfBrowser.exe => Brak pliku FirewallRules: [{DBFABB1A-DDE6-45E3-979E-2C50CCACE776}] => (Allow) C:\Program Files (x86)\Overwolf\0.195.0.17\OverwolfBrowser.exe => Brak pliku FirewallRules: [{DE7E1016-FFA9-4571-B9A3-8F93C69EF13A}] => (Block) C:\Program Files (x86)\Overwolf\0.195.0.17\OverwolfBrowser.exe => Brak pliku FirewallRules: [{F201EDC3-0C77-4AA4-8194-11DBB5C8FA7D}] => (Block) C:\Program Files (x86)\Overwolf\0.195.0.17\OverwolfBrowser.exe => Brak pliku FirewallRules: [{C4C2A7FA-45A5-451F-889B-A269998A0863}] => (Allow) C:\Program Files (x86)\Overwolf\0.194.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{05873CF6-CDE8-4B11-85FB-95452FF32B8E}] => (Allow) C:\Program Files (x86)\Overwolf\0.194.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{CC4D5B33-3F95-4635-A315-B6F043D7D032}] => (Block) C:\Program Files (x86)\Overwolf\0.194.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{D844FE84-568B-43C4-B460-9849EF8C100A}] => (Block) C:\Program Files (x86)\Overwolf\0.194.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{58530D79-CCEC-43F3-9907-5F8E4A3FB7BC}] => (Allow) C:\Program Files (x86)\Overwolf\0.195.0.18\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{5D6FDDD9-2342-450D-8CBC-DB7DBD67EB32}] => (Allow) C:\Program Files (x86)\Overwolf\0.195.0.18\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [TCP Query User{DB8FCC1C-06DE-47A1-9B71-FD63355F9F1A}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU) FirewallRules: [UDP Query User{C6F815C6-A4A0-4E90-B4B4-37599ED1CC73}C:\program files\core temp\core temp.exe] => (Allow) C:\program files\core temp\core temp.exe (ALCPU -> ALCPU) FirewallRules: [TCP Query User{1C103A84-32D5-4C06-829F-D60165E1ABD3}D:\age.of.darkness.final.stand.enemy.inspection.early.access\achilles\binaries\win64\achilles-win64-shipping.exe] => (Block) D:\age.of.darkness.final.stand.enemy.inspection.early.access\achilles\binaries\win64\achilles-win64-shipping.exe (PlaySide Studios LTD) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{15EDA10B-6511-45ED-A93F-008D3B991805}D:\age.of.darkness.final.stand.enemy.inspection.early.access\achilles\binaries\win64\achilles-win64-shipping.exe] => (Block) D:\age.of.darkness.final.stand.enemy.inspection.early.access\achilles\binaries\win64\achilles-win64-shipping.exe (PlaySide Studios LTD) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{DF381938-67B5-445E-B3AE-575D8253AB82}D:\program files\translator++\translator++.exe] => (Allow) D:\program files\translator++\translator++.exe (Dreamsavior) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{7FBD8CB6-0195-4D00-8A96-64B93804803D}D:\program files\translator++\translator++.exe] => (Allow) D:\program files\translator++\translator++.exe (Dreamsavior) [Brak podpisu cyfrowego] FirewallRules: [{BACA132D-30B4-4381-8EBB-48549D0968D2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{545DA38B-516F-4637-9D61-86E4A627C307}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22115.300.1313.2464_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{48CB8445-67CD-4270-962E-058AA48F59A6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22115.300.1313.2464_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 05-05-2022 00:47:19 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (05/09/2022 04:40:35 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:35.621]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Error: (05/09/2022 04:40:34 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:34.094]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Error: (05/09/2022 04:40:32 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:32.550]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Error: (05/09/2022 04:40:31 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:31.006]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Error: (05/09/2022 04:40:29 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:29.478]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Error: (05/09/2022 04:40:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:27.938]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Error: (05/09/2022 04:40:26 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:26.400]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Error: (05/09/2022 04:40:24 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2022/05/09 16:40:24.887]: [00021148]: lperrcode->api = 1 , lperrcode->code = 2 Dziennik System: ============= Error: (05/09/2022 09:49:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinRing0_1_2_0 z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (05/09/2022 09:46:55 AM) (Source: DCOM) (EventID: 10010) (User: YUPII-STACJONAR) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/09/2022 09:46:55 AM) (Source: DCOM) (EventID: 10010) (User: YUPII-STACJONAR) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/09/2022 09:46:55 AM) (Source: DCOM) (EventID: 10010) (User: YUPII-STACJONAR) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/09/2022 09:46:55 AM) (Source: DCOM) (EventID: 10010) (User: YUPII-STACJONAR) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/09/2022 09:46:55 AM) (Source: DCOM) (EventID: 10010) (User: YUPII-STACJONAR) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/09/2022 09:46:55 AM) (Source: DCOM) (EventID: 10010) (User: YUPII-STACJONAR) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/09/2022 09:46:55 AM) (Source: DCOM) (EventID: 10010) (User: YUPII-STACJONAR) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: ================ Date: 2022-05-08 11:55:42 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Ransom:Win32/Cobra&threatid=2147768033&enterprise=0 Nazwa: Ransom:Win32/Cobra Identyfikator: 2147768033 Ważność: Poważny Kategoria: Oprogramowanie wymuszające okup Ścieżka: file:_I:\$RECYCLE.BIN\S-1-5-21-38027222-1044614800-2543683805-1001\$RLZZJGI.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: YUPII-STACJONAR\yupii Nazwa procesu: C:\Users\yupii\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Wersja analizy zabezpieczeń: AV: 1.363.1613.0, AS: 1.363.1613.0, NIS: 1.363.1613.0 Wersja aparatu: AM: 1.1.19200.5, NIS: 1.1.19200.5 Date: 2022-05-08 10:46:25 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Bladabindi!ml&threatid=2147748148&enterprise=0 Nazwa: Backdoor:Win32/Bladabindi!ml Identyfikator: 2147748148 Ważność: Poważny Kategoria: Tylne wejście Ścieżka: file:_F:\oko 02.06\17.5.9.0\Kalendarz.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: YUPII-STACJONAR\yupii Nazwa procesu: C:\Users\yupii\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Wersja analizy zabezpieczeń: AV: 1.363.1589.0, AS: 1.363.1589.0, NIS: 1.363.1589.0 Wersja aparatu: AM: 1.1.19200.5, NIS: 1.1.19200.5  CodeIntegrity: =============== Date: 2022-05-09 11:26:36 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-14 21:34:40 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. 0418 10/13/2021 Płyta główna: ASUSTeK COMPUTER INC. PRIME B660-PLUS D4 Procesor: 12th Gen Intel(R) Core(TM) i5-12600K Procent pamięci w użyciu: 43% Całkowita pamięć fizyczna: 32509.42 MB Dostępna pamięć fizyczna: 18212.91 MB Całkowita pamięć wirtualna: 37373.42 MB Dostępna pamięć wirtualna: 19238.21 MB ==================== Dyski ================================ Drive c: (Windows 11) (Fixed) (Total:476.19 GB) (Free:350.05 GB) NTFS Drive d: (Gry) (Fixed) (Total:953.86 GB) (Free:509.48 GB) NTFS Drive e: (Transferowy) (Fixed) (Total:223.46 GB) (Free:65.48 GB) NTFS Drive f: (Magazyn 3) (Fixed) (Total:931.39 GB) (Free:404.95 GB) NTFS Drive i: (INTERNET) (Fixed) (Total:111.66 GB) (Free:54.83 GB) NTFS \\?\Volume{1375c367-5d23-4abd-bc25-41dc593baa67}\ () (Fixed) (Total:0.64 GB) (Free:0.07 GB) NTFS \\?\Volume{24ec22c6-3659-4b41-ab43-4b159744f76d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{d1b25818-8808-411e-812b-61faa5c56491}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Size: 223.6 GB) (Disk ID: FE24D269) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 4 (Size: 953.9 GB) (Disk ID: 0E2A17AF) Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================