Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 13-06-2022 Uruchomiony przez Mati (13-06-2022 13:38:00) Uruchomiony z C:\Users\Mati\Downloads Microsoft Windows 10 Home Wersja 21H2 19044.1706 (X64) (2021-06-30 05:23:58) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-2976811078-1773586296-1639784869-500 - Administrator - Disabled) Gość (S-1-5-21-2976811078-1773586296-1639784869-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2976811078-1773586296-1639784869-503 - Limited - Disabled) Mati (S-1-5-21-2976811078-1773586296-1639784869-1001 - Administrator - Enabled) => C:\Users\Mati WDAGUtilityAccount (S-1-5-21-2976811078-1773586296-1639784869-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\uTorrent) (Version: 3.5.5.46206 - BitTorrent Inc.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe) AI Noise Cancelation Audio Software (HKLM-x32\...\{ab5f014e-883d-470d-bc2d-127ef91e5611}) (Version: 2.0.0 - ASUSTek Computer Inc.) AI Noise Cancelation Audio Software SDK (HKLM\...\{1D93BFB8-E73B-453E-829C-147666048421}) (Version: 1.0.5 - ASUSTeK COMPUTER INC.) Aplikacja na pulpit firmy Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.3.0.71 - Autodesk) ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.1.4 - ASUS) ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_GmAcc HAL (HKLM-x32\...\{fd4cf3d0-9937-417e-89b4-56658158819a}) (Version: 1.0.0.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.5.0.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{b6ec58cb-2684-4919-84c2-ee821b0c2842}) (Version: 2.5.0.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.29.0 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{c5669622-d369-4e19-ae7b-d6b33d469f2d}) (Version: 1.1.29.0 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.3.22.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{671e9491-8fe5-47d9-b305-432a72b26e9f}) (Version: 1.3.22.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden ASUS Framework Service (HKLM-x32\...\{cf5b2f79-6f67-4543-b5d5-6f1fb9ad6d06}) (Version: 2.1.2.3 - ASUSTek COMPUTER INC.) ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.1.2.3 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.1.44.0 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{d7722ad6-d87a-4eaa-af74-17f8535a5110}) (Version: 1.1.44.0 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{193a2068-8738-4276-ab1b-9133f9403487}) (Version: 1.0.35 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{B8F984F2-7887-4DD2-8D96-F9A4BC5A4AC5}) (Version: 1.1.0.34 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{68c8d933-6396-47f8-93fa-ad8a27c1ed54}) (Version: 1.1.0.34 - ASUSTek COMPUTER INC.) Hidden ASUS Smart Display Control (HKLM-x32\...\{8714A8D1-0F08-4681-9DF6-A8C4607A58B4}) (Version: 1.8.0 - ASUSTek COMPUTER INC.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.79 - ASUSTeK Computer Inc.) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.40 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{a1318319-c95b-48da-beb8-63ed6e4d809a}) (Version: 3.05.40 - ASUSTeK Computer Inc.) AutoCAD Open in Desktop (HKLM\...\{1C66A0B0-784E-4777-97B3-93F843D1C8CF}) (Version: 1.0.20.0 - Autodesk) Autodesk App Manager (HKLM-x32\...\{9C2E49CB-F671-47EC-8093-CC1A8749A92A}) (Version: 3.2.1 - Autodesk) Autodesk AutoCAD 2022 — polski (Polish) (HKLM\...\{C935B0D9-434A-3A33-9645-7C012E6D37D4}) (Version: 24.1.51.0 - Autodesk, Inc.) Autodesk Featured Apps (HKLM-x32\...\{46EA8955-D629-4B3E-AAF0-D136031D7C95}) (Version: 3.2.1 - Autodesk) Autodesk Genuine Service (HKLM\...\{8AD048E5-9570-442E-A5A2-B12C2618977E}) (Version: 4.6.0.124 - Autodesk) Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk) Autodesk Save to Web & Mobile (HKLM\...\{192B349F-C3F7-4BBE-B49E-00DD4BD28373}) (Version: 3.0.29 - Autodesk) Hidden Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk) Discord (HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{30C7A3B1-644C-423F-AB2C-743E007A84EC}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) femm 4.2 21Apr2019 (HKLM-x32\...\FEMM_is1) (Version: - D. Meeker) GameSDK Service (HKLM-x32\...\{1a192f34-128f-43ed-a83d-f998b9d5f646}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.) GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.0.4 - ASUSTek COMPUTER INC.) Hidden GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.680.0 - International GeoGebra Institute) God of War (HKLM-x32\...\God of War_is1) (Version: 0.0.0 - DODI-Repacks) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 58.0.3.0 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM-x32\...\{4714dd0a-ebab-4f59-a708-f8d7a793b3f5}) (Version: 3.1.10.29419 - Microsoft Corporation) Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.15225.20204 - Microsoft Corporation) Microsoft ASP.NET Core 3.1.10 - Shared Framework (HKLM-x32\...\{6efe3294-03d8-4977-9c67-9f57ab075130}) (Version: 3.1.10.20520 - Microsoft Corporation) Microsoft ASP.NET Core 3.1.10 Shared Framework (x64) (HKLM\...\{7BEAA207-E3EB-3948-BBB3-336B04D8A2F1}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.39 - Microsoft Corporation) Microsoft Excel 2021 - pl-pl (HKLM\...\Excel2021Retail - pl-pl) (Version: 16.0.15225.20204 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Word 2021 - pl-pl (HKLM\...\Word2021Retail - pl-pl) (Version: 16.0.15225.20204 - Microsoft Corporation) MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD) NI Package Manager (HKLM\...\NI Package Manager) (Version: 21.8.0 - NI) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik graficzny 511.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.69 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20194 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden Opera GX Stable 86.0.4363.70 (HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\Opera GX 86.0.4363.70) (Version: 86.0.4363.70 - Opera Software) Pakiet sterowników systemu Windows - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech) Pakiet sterowników systemu Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech) R for Windows 4.2.0 (HKLM\...\R for Windows 4.2.0_is1) (Version: 4.2.0 - R Core Team) RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.1.0 - ASUSTeK COMPUTER INC.) RivaTuner Statistics Server 7.3.2 Beta 5 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 5 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.49.529 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.4.10.0 - ASUSTek COMPUTER INC.) RStudio (HKLM-x32\...\RStudio) (Version: 2022.02.2+485 - RStudio) Rtools 4.2 (4.2.0.1) (HKLM\...\Rtools42_is1) (Version: 4.2 - The R Foundation) scilab-6.1.1 (64-bit) (HKLM\...\scilab-6.1.1 (64-bit)_is1) (Version: - Scilab Enterprises) Spotify (HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\Spotify) (Version: 1.1.87.612.gf8d110e2 - Spotify AB) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 10.0.0 (HKLM\...\SteelSeries GG) (Version: 10.0.0 - SteelSeries ApS) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.53 - Microsoft Corporation) Telegram Desktop version 3.4.8 (HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.4.8 - Telegram FZ-LLC) The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com) uTorrent Web (HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\utweb) (Version: 1.2.8 - Rainberry, Inc.) VCDS AKP 20.4.2 (HKLM-x32\...\VCDS AKP) (Version: 20.4.2 - ADAKO) WinRAR 6.02 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-06-12] (Adobe Systems Incorporated) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy [2022-05-22] (ASUSTeK COMPUTER INC.) Centrum sterowania grafiką Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-06-13] (INTEL CORP) [Startup Task] Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-15] (Microsoft Corporation) DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.11.3.0_x64__t5j2fzbtdg37r [2022-06-13] (DTS, Inc.) McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-06-13] (McAfee LLC.) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Studios) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10427.388.0_x64__8wekyb3d8bbwe [2022-06-13] (Microsoft Corporation) MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy [2022-06-13] (ASUSTeK COMPUTER INC.) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-04-07] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-20] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-11-27] (Realtek Semiconductor Corp) Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.34.0_x64__8j3eq9eme6ctt [2021-10-11] (INTEL CORP) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mati\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2022\pl-PL\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2021-01-29] (Autodesk, Inc. -> Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2021-01-29] (Autodesk, Inc. -> Autodesk) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.099.0508.0001\FileSyncShell64.dll [2022-06-02] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_b0ff340d610a293e\nvshext.dll [2022-03-16] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Mati\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat () ==================== Załadowane moduły (filtrowane) ============= 2021-12-23 16:51 - 2021-12-23 16:51 - 000477696 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node 2021-12-23 16:51 - 2021-12-23 16:51 - 000471040 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node 2021-12-23 16:51 - 2021-12-23 16:51 - 000454656 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node 2022-02-15 22:35 - 2021-12-10 18:55 - 000093184 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll 2021-12-23 16:51 - 2021-12-23 16:51 - 000081920 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll 2021-02-01 21:49 - 2021-02-01 21:49 - 000010240 _____ () [Brak podpisu cyfrowego] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\pl_pl\acrotray.pol 2022-05-22 19:49 - 2022-05-22 19:49 - 080653824 _____ () [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.1.5.0_x64__qmba6cd70vzyy\ArmouryCrate.dll 2020-05-27 02:08 - 2020-05-27 02:08 - 002831360 _____ (Apache Software Foundation) [Brak podpisu cyfrowego] C:\Program Files (x86)\LightingService\log4cxx.dll 2022-04-21 16:21 - 2022-04-21 16:21 - 042859520 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll 2022-02-15 22:35 - 2021-12-10 18:55 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll 2022-02-15 22:35 - 2021-12-10 18:55 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer (filtrowane) ========== SearchScopes: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-30] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\sharepoint.com -> hxxps://pollubpl-files.sharepoint.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 11:14 - 2022-02-22 00:47 - 000000822 _____ C:\Windows\system32\drivers\etc\hosts 2021-12-15 15:42 - 2021-12-15 15:42 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "SteelSeriesGG" HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App" HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service " HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\StartupFolder: => "RT-Automatyczne aktualizacje-AKP.lnk" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "GoogleDriveFS" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2976811078-1773586296-1639784869-1001\...\StartupApproved\Run: => "utweb" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{F1575A94-461A-461E-9B14-91CFA1A75E0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2F6B1DEC-E08A-4EF4-AFB7-E3C750F1C592}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8E1160FA-2771-4335-8D99-5B7DE17FAD01}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{36372D08-BCFF-4C84-AAF3-15FB491E5864}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{8EBD8996-2803-4C24-AAA6-B25C88969B61}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{1FC21B34-EA5C-40CF-855D-BE38E8A8F270}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> ) FirewallRules: [{B3F61726-E367-4B6B-86FA-34B0FA93AF77}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Brak pliku FirewallRules: [{0EC6A805-8546-4C71-914E-B27EF3CA14D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{75A68BA9-D0D5-4974-BF12-17BAC03784C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{20BBFB0C-9E5D-443C-9DAB-AB88D7B7FD98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{AF99F433-0EDA-41ED-8D1B-9F27BBFF86CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{AC6CFBF0-E738-4EBF-AD4F-39FF7C0C552C}C:\users\mati\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mati\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{A4D98B2E-1945-48F1-8142-30C308992B87}C:\users\mati\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mati\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B75875B0-5CAC-4AE8-B891-C1D69D413D83}] => (Allow) C:\Users\Mati\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{0CD0C64A-D034-4AE0-9B7B-4A7DF1CC5C47}] => (Allow) C:\Users\Mati\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{49C6AA17-1862-48ED-823F-B59E39922946}C:\users\mati\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\mati\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{1D16B973-1011-4F25-ADBD-397D4C91EA08}C:\users\mati\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\mati\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{14E9ECDA-6DAA-4BEB-9DF5-945E30E4A50A}C:\program files\epic games\gtav\gta5.exe] => (Block) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{1BB31032-72F7-4E24-84E5-1A6486475514}C:\program files\epic games\gtav\gta5.exe] => (Block) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{D771343B-0ACB-4092-A5C8-12AFCA5FE447}C:\users\mati\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mati\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{62A6E966-E75D-4564-A20E-546B741B7571}C:\users\mati\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mati\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{CA8D6240-33A7-4203-B4E1-251A038C585B}C:\users\mati\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\mati\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{5365A11B-1563-4E1A-A78E-890D383087DC}C:\users\mati\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\mati\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{C0B741D3-9786-4A59-AA2B-2EFEC83274DA}C:\program files (x86)\dodi-repacks\grand theft auto the trilogy the definitive edition\gta iii - definitive edition\gameface\binaries\win64\libertycity.exe] => (Block) C:\program files (x86)\dodi-repacks\grand theft auto the trilogy the definitive edition\gta iii - definitive edition\gameface\binaries\win64\libertycity.exe => Brak pliku FirewallRules: [UDP Query User{EE94697E-2BB8-4CDD-B6B1-5E5DCCBD0F62}C:\program files (x86)\dodi-repacks\grand theft auto the trilogy the definitive edition\gta iii - definitive edition\gameface\binaries\win64\libertycity.exe] => (Block) C:\program files (x86)\dodi-repacks\grand theft auto the trilogy the definitive edition\gta iii - definitive edition\gameface\binaries\win64\libertycity.exe => Brak pliku FirewallRules: [{257C125B-055F-4C0F-BFDA-8CA473AA3BBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8C594976-98DB-47E2-A85D-8FA3A59347A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{97AB5E70-0C70-4D45-8B2A-EB5C31AC0856}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4054D5EE-35BD-47AA-841E-9E18074022E5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{DE1927AE-B90A-4619-A8D2-C3D1BD8F9C0A}C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe] => (Allow) C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe => Brak pliku FirewallRules: [UDP Query User{4CC047B3-11C5-4A92-90F2-F6DC291A03A6}C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe] => (Allow) C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe => Brak pliku FirewallRules: [TCP Query User{7E37CEF5-F980-4B7F-9137-4987908C5C87}C:\users\mati\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\mati\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{1A4420C8-36B6-476D-85F0-7C5A8C0EDD2F}C:\users\mati\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\mati\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{11F1DF7B-C01B-49A3-9761-7156EB859302}C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe] => (Block) C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe => Brak pliku FirewallRules: [UDP Query User{0D4086D9-0AD7-47BD-8FC6-082492E7A78E}C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe] => (Block) C:\program files (x86)\dodi-repacks\farming simulator 22\x64\farmingsimulator2022game.exe => Brak pliku FirewallRules: [TCP Query User{A0995819-3886-47EE-9041-28A4DB08F8E9}C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe] => (Block) C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe => Brak pliku FirewallRules: [UDP Query User{F1AD92CE-40F6-4EDB-9F64-BF56C58732BF}C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe] => (Block) C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe => Brak pliku FirewallRules: [{78373F73-4EBF-4BB5-B736-CBD6CAEDCF13}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{143AB4D3-47FF-471C-8A33-290DBC7DB06F}C:\users\mati\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mati\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{982143BB-A25A-4984-8C7A-AA3E2FD25BB9}C:\users\mati\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mati\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9DAC585F-3E70-411A-A355-83B421148E43}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{78C20847-DAE1-4A22-BC63-B2290BE015EB}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [{E6BF284B-C780-4D6A-8F32-19586DF730F0}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS) FirewallRules: [TCP Query User{42AEF3AB-AFC4-468B-AAF1-C0D0ECDB9E73}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku FirewallRules: [UDP Query User{8C1BC723-B301-490F-AEE0-21C696A6FBE9}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Brak pliku FirewallRules: [{3F95A3DA-E3C3-40F9-B3EB-565B872B5C9C}] => (Allow) C:\Users\Mati\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{0DA5F580-D35C-4726-8A09-DC4DC84D5602}] => (Allow) C:\Users\Mati\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{B18DF273-8FFF-403A-B95C-87A73138D36B}C:\users\mati\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\mati\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{B5D13AB7-AADE-4BBF-BFCF-1A3A6C6AA50C}C:\users\mati\appdata\roaming\utorrent web\utweb.exe] => (Allow) C:\users\mati\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{9F99DB10-3EA9-44CA-A354-DF7B6F53DC59}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Brak podpisu cyfrowego] FirewallRules: [{BC2854C7-FF9F-40D2-9012-2654C75BB58F}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Brak podpisu cyfrowego] FirewallRules: [{2E9A0658-C34E-4045-A1F8-2DCBE70E27CD}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Brak podpisu cyfrowego] FirewallRules: [{E4DFB354-A9EF-4C64-91C7-75C026DEB944}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.4.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{3BE64653-F505-43A8-B26C-BA0B30C24315}C:\program files\rstudio\bin\rsession-utf8.exe] => (Block) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{3141E321-7D12-46C5-8798-CAA5F2680DBB}C:\program files\rstudio\bin\rsession-utf8.exe] => (Block) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Brak podpisu cyfrowego] FirewallRules: [{8CE8508F-3ECC-4C00-B00F-ABB6E524BA0E}] => (Allow) C:\Ross-Tech\VCDS-AKP\VCDS.EXE => Brak pliku FirewallRules: [{1BF4C86E-0EB9-4ECD-9401-C500477E43A0}] => (Allow) C:\Ross-Tech\VCDS-AKP\VCIConfig.EXE (ADAKO Adam Kocisz -> Ross-Tech, LLC) FirewallRules: [{0468CE8D-684D-4665-990A-35AE31BFF912}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D161570D-2060-41D1-9C5A-762A6971C5AB}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{73F4426E-7CDC-465F-8918-0E2E7B85F88D}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) FirewallRules: [{C081B132-D42B-4912-B647-A163181A6972}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2BE8522D-69EC-4E90-9E92-EFAF70DD04EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8B365683-7392-414F-A9EB-D3DBA9A05A6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DF598EE9-FE05-4749-A1B3-30845644AC93}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A785D6DA-CE38-4662-9635-CA6B34BF58A8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{3185A21B-8157-4191-B8FB-E383A28844B4}C:\program files\rstudio\bin\rsession-utf8.exe] => (Block) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{27F9AE59-ED51-4993-A81F-05740917E3D7}C:\program files\rstudio\bin\rsession-utf8.exe] => (Block) C:\program files\rstudio\bin\rsession-utf8.exe (RStudio, PBC) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{056EE980-6717-4E52-81F1-566C7CD69483}C:\users\mati\downloads\battle.realms.zen.edition.v1.56.3\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe] => (Allow) C:\users\mati\downloads\battle.realms.zen.edition.v1.56.3\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{0EA6D95C-AEA3-430E-8B6B-72D907BF8330}C:\users\mati\downloads\battle.realms.zen.edition.v1.56.3\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe] => (Allow) C:\users\mati\downloads\battle.realms.zen.edition.v1.56.3\battle.realms.zen.edition.v1.56.3\battle realms\battle_realms_ef.exe () [Brak podpisu cyfrowego] FirewallRules: [{4C845AA8-C119-4EDB-9D9B-A696B1182E7B}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_5e38ce8081e93b46\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{A8EBDDB1-6A50-4856-A478-48B4F08F3839}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_5e38ce8081e93b46\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) FirewallRules: [{EB81B9E5-EEE5-48E4-A5B1-3F3D911B527C}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_5e38ce8081e93b46\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) FirewallRules: [{79C9D962-EA96-4BAD-A6F6-1DBBE090F48E}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_5e38ce8081e93b46\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{02BA67F0-6CF1-403D-AF1A-2BE8F0B87500}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_5e38ce8081e93b46\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{F29A24C6-B75E-4368-B8D5-BC89CA48673B}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> ) FirewallRules: [{AD29C5EE-E975-41C6-995F-3CCC9EECB9CC}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> ) ==================== Punkty Przywracania systemu ========================= 03-06-2022 07:24:09 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (06/13/2022 12:22:05 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: ) Description: Event-ID 3002 Error: (06/13/2022 12:22:05 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Error: (06/13/2022 12:22:05 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: ) Description: Event-ID 2003 Error: (06/13/2022 12:18:15 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (06/13/2022 12:18:15 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (06/13/2022 11:15:18 AM) (Source: DPTF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: Event-ID 17 Error: (06/13/2022 10:55:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SecHealthUI.exe, wersja: 10.0.19041.1566, sygnatura czasowa: 0x4461bc41 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.19041.1706, sygnatura czasowa: 0x458acb5b Kod wyjątku: 0xc000027b Przesunięcie błędu: 0x000000000010fa32 Identyfikator procesu powodującego błąd: 0x2c08 Godzina uruchomienia aplikacji powodującej błąd: 0x01d87f019ce6abfc Ścieżka aplikacji powodującej błąd: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Ścieżka modułu powodującego błąd: C:\Windows\System32\KERNELBASE.dll Identyfikator raportu: 4a50231f-c6c6-43e8-8582-2896024a936b Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.SecHealthUI_10.0.19041.1682_neutral__cw5n1h2txyewy Identyfikator aplikacji względem pakietu powodującego błąd: SecHealthUI Error: (06/12/2022 10:22:17 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować biblioteki DLL rozszerzalnego licznika „C:\Windows\system32\sysmain.dll” (kod błędu systemu Win32: 126). Dziennik System: ============= Error: (06/13/2022 01:36:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\IntelIHVRouter08.dll Error: (06/13/2022 01:36:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\IntelIHVRouter08.dll Error: (06/13/2022 01:36:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\IntelIHVRouter08.dll Error: (06/13/2022 01:34:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Autodesk Desktop Licensing Service z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania. Error: (06/13/2022 01:34:32 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa AdskLicensingService nie może zalogować się jako NT AUTHORITY\LocalService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: Żądanie nie jest obsługiwane. Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (06/13/2022 01:34:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Autodesk Desktop Licensing Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/13/2022 01:27:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Autodesk Desktop Licensing Service z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania. Error: (06/13/2022 01:27:43 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa AdskLicensingService nie może zalogować się jako NT AUTHORITY\LocalService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: Żądanie nie jest obsługiwane. Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Windows Defender: ================ Date: 2022-06-13 11:59:37 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {8CC582BA-A93B-40F3-8AA9-406A3446B279} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2022-06-13 10:43:04 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Esulat.A!rfn&threatid=2147745898&enterprise=0 Nazwa: Trojan:Win32/Esulat.A!rfn Identyfikator: 2147745898 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\$Recycle.Bin\S-1-5-21-2976811078-1773586296-1639784869-1001\$R504WHK.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: LAPTOP-EFFTFAAK\Mati Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.367.1486.0, AS: 1.367.1486.0, NIS: 1.367.1486.0 Wersja aparatu: AM: 1.1.19200.6, NIS: 1.1.19200.6 Date: 2022-06-12 22:40:35 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Stealer.ER!MTB&threatid=2147820463&enterprise=0 Nazwa: Trojan:Win32/Stealer.ER!MTB Identyfikator: 2147820463 Ważność: Poważny Kategoria: Koń trojański Ścieżka: process:_pid:21076,ProcessStart:132995400291629806 Pochodzenie wykrycia: Nieznane Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Users\Mati\Downloads\Main_Setup_Pass_1234\Setup.exe Wersja analizy zabezpieczeń: AV: 1.367.1460.0, AS: 1.367.1460.0, NIS: 1.367.1460.0 Wersja aparatu: AM: 1.1.19200.6, NIS: 1.1.19200.6 Date: 2022-06-12 22:37:45 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Stealer.ER!MTB&threatid=2147820463&enterprise=0 Nazwa: Trojan:Win32/Stealer.ER!MTB Identyfikator: 2147820463 Ważność: Poważny Kategoria: Koń trojański Ścieżka: process:_pid:9932,ProcessStart:132995398602553964 Pochodzenie wykrycia: Nieznane Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Users\Mati\Downloads\Main_Setup_Pass_1234\Setup.exe Wersja analizy zabezpieczeń: AV: 1.367.1460.0, AS: 1.367.1460.0, NIS: 1.367.1460.0 Wersja aparatu: AM: 1.1.19200.6, NIS: 1.1.19200.6 Date: 2022-06-12 22:36:33 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Formbook!ml&threatid=2147760507&enterprise=0 Nazwa: Trojan:Win32/Formbook!ml Identyfikator: 2147760507 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\Users\Mati\Downloads\JuneuInstaller\Installer.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: LAPTOP-EFFTFAAK\Mati Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.367.1460.0, AS: 1.367.1460.0, NIS: 1.367.1460.0 Wersja aparatu: AM: 1.1.19200.6, NIS: 1.1.19200.6 Event[0]: Date: 2022-06-13 11:13:19 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Przy dostępie Kod błędu: 0x8007043c Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę. Date: 2022-06-13 11:11:59 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Przy dostępie Kod błędu: 0x8007043c Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę. Date: 2022-06-13 11:08:58 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Przy dostępie Kod błędu: 0x8007043c Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę. Date: 2022-06-13 11:07:49 Description: Agent ochrony w czasie rzeczywistym produktu Program antywirusowy Microsoft Defender wykrył błąd i jego uruchomienie nie powiodło się. Funkcja: Przy dostępie Kod błędu: 0x8007043c Opis błędu: Tej usługi nie można uruchomić w trybie awaryjnym Przyczyna: Analiza zabezpieczeń dla oprogramowania chroniącego przed złośliwym kodem przestała działać z nieznanej przyczyny. W niektórych przypadkach problem można rozwiązać, uruchamiając ponownie usługę. Date: 2022-04-07 20:10:12 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.361.1491.0 Źródło aktualizacji: Serwer usługi Microsoft Update Typ analizy zabezpieczeń: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.19000.8 Kod błędu: 0x80240438 Opis błędu: Podczas sprawdzania aktualizacji wystąpił nieoczekiwany problem. Aby uzyskać informacje na temat instalowania aktualizacji i rozwiązywania problemów z nimi, zobacz Pomoc i obsługę techniczną. CodeIntegrity: =============== Date: 2022-06-13 13:35:03 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_034e16382545a6a5\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-06-13 13:34:07 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: American Megatrends International, LLC. FX506HM.312 03/01/2022 Płyta główna: ASUSTeK COMPUTER INC. FX506HM Procesor: 11th Gen Intel(R) Core(TM) i5-11400H @ 2.70GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 16106.84 MB Dostępna pamięć fizyczna: 9628.88 MB Całkowita pamięć wirtualna: 32213.68 MB Dostępna pamięć wirtualna: 24128.94 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:456 GB) (Free:22.91 GB) (Model: NVMe HFM512GD3JX013N) (Protected) NTFS \\?\Volume{b993af32-546d-4808-a953-c1c71a47ed2f}\ (RECOVERY) (Fixed) (Total:0.98 GB) (Free:0.13 GB) NTFS \\?\Volume{838a7299-a010-4b1c-bf36-c523573cb51a}\ (RESTORE) (Fixed) (Total:19.5 GB) (Free:3.41 GB) NTFS \\?\Volume{ffbaecd7-3d29-4f31-a1c6-0c960ed7f7cf}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.13 GB) FAT32 \\?\Volume{3a9f2da0-e95e-4ca2-9003-8370647073b4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: D83123B3) Partition: GPT. ==================== Koniec Addition.txt =======================