Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 05-03-2023 Uruchomiony przez divof (08-03-2023 19:21:30) Uruchomiony z D:\Pobrane Microsoft Windows 11 Home Wersja 22H2 22621.1265 (X64) (2022-10-11 19:41:16) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-3658810115-1074333133-829773096-500 - Administrator - Disabled) divof (S-1-5-21-3658810115-1074333133-829773096-1001 - Administrator - Enabled) => C:\Users\divof Gość (S-1-5-21-3658810115-1074333133-829773096-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3658810115-1074333133-829773096-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3658810115-1074333133-829773096-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.35 - Adobe Inc.) ANT Drivers Installer x64 (HKLM\...\{FFDE93F1-4C9B-41B5-973D-015467E0B59F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Asystent instalacji systemu Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1401 - Microsoft Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 110.1.48.171 - Autorzy Brave) Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.) DocBackupAP (HKLM-x32\...\DocBackupAP) (Version: - ) Documentation Manager (HKLM\...\{E80BFF97-B9A6-41B6-8686-7A7CC235AB91}) (Version: 22.100.1.1 - Intel Corporation) Hidden Elevated Installer (HKLM-x32\...\{F5AC76EB-5DB5-4A6D-B673-6D75B84948AC}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries) Hidden Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla 3.63.1 (HKU\S-1-5-21-3658810115-1074333133-829773096-1001\...\FileZilla Client) (Version: 3.63.1 - Tim Kosse) Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.18.1.4920 - Softdeluxe) Garmin Express (HKLM-x32\...\{4143C81A-0FC9-430B-A58E-C9BF7D4915FA}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{c4a623d3-1300-440d-8664-b0105eab60d5}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries) GIMP 2.10.32-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team) Inkscape (HKLM-x32\...\Inkscape) (Version: 1.1.2- - Inkscape) Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{F3514E47-5EA1-4BBE-8080-B3489086F64B}) (Version: 16.8.3.1003 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002110-0220-1045-84C8-B8D95FA3C8C3}) (Version: 22.110.2.1 - Intel Corporation) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{84a8d138-a6e7-4326-b967-45bd6df40976}) (Version: 22.100.1.1 - Intel Corporation) Hidden Java 8 Update 361 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180361F0}) (Version: 8.0.3610.9 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LibreOffice 7.5.0.3 (HKLM\...\{AE6E3BD6-832E-486F-B040-B06228F447F5}) (Version: 7.5.0.3 - The Document Foundation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.63 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden MX vs ATV All Out (HKLM-x32\...\MX vs ATV All Out_is1) (Version: - ) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 511.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.79 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 95.0.4635.46 (HKU\S-1-5-21-3658810115-1074333133-829773096-1001\...\Opera 95.0.4635.46) (Version: 95.0.4635.46 - Opera Software) Pakiet sterowników systemu Windows - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC) Pakiet sterowników systemu Windows - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc)) Pakiet sterowników systemu Windows - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc)) Pakiet sterowników systemu Windows - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org)) Pakiet sterowników systemu Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Pakiet sterowników systemu Windows - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32) Pakiet sterowników systemu Windows - Linino (usbser) Ports (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino) Pakiet sterowników systemu Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) PDF24 Creator 11.0.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.0.1 - PDF24.org) SEDREAP (HKLM-x32\...\SEDREAP) (Version: - ) Skater XL (HKLM-x32\...\Skater XL_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Super Toy Cars Offroad (HKLM-x32\...\Super Toy Cars Offroad_is1) (Version: - ) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation) Tablet Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.4.0-11 - Wacom Technology Corp.) Telegram Desktop (HKU\S-1-5-21-3658810115-1074333133-829773096-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.6.5 - Telegram FZ-LLC) Two Point Hospital (HKLM-x32\...\Two Point Hospital_is1) (Version: - ) Ultimaker Cura 5.2.1 (HKLM-x32\...\Ultimaker Cura 5.2.1-5.2.1) (Version: 5.2.1 - Ultimaker B.V.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc)) Windstorm Duology (HKLM-x32\...\Windstorm Duology_is1) (Version: - ) Packages: ========= 7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2107.2.0_x64__6bk20wvc8rfx2 [2022-01-16] (Hauke Hasselberg) Adobe Photoshop Express: edytor obrazów, regulacje, filtry, efekty, krawędzie -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.5.381.0_x64__ynb6jyjzte8ga [2022-01-15] (Adobe Inc.) Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.2.8.0_neutral__yxz26nhyzhsrt [2022-10-11] (Microsoft Corp.) HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.1.134.0_x64__dt26b99r8h8gj [2022-10-11] (Realtek Semiconductor Corp) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.13.85.0_x64__v10z8vjag6ke6 [2022-01-28] (HP Inc.) HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6 [2022-01-19] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-01-11] (Microsoft Corporation) [MS Ad] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2022-10-11] (Microsoft Corp.) ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.5.0_x64__8wekyb3d8bbwe [2022-10-11] (Microsoft Corp.) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.30391.0_x64__8wekyb3d8bbwe [2022-10-11] (Microsoft Corporation) ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-11] (Microsoft Corporation) ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-01-12] (ms-resource:ProductPublisherDisplayName) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-26] (NVIDIA Corp.) OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6 [2022-10-30] (HP Inc.) [Startup Task] OMEN Light Studio -> C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.19.0_x64__v10z8vjag6ke6 [2022-12-09] (HP Inc.) [Startup Task] Skaner — szybkie i łatwe skanowanie dokumentów -> C:\Program Files\WindowsApps\9390SimonKnuth.ScannerforWindows10_3.0.6.0_x64__69n05hp4v3s90 [2022-01-17] (Simon Knuth) Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2022-01-15] (Synaptics Incorporated) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Brak podpisu cyfrowego] [Plik w użyciu] ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Brak podpisu cyfrowego] [Plik w użyciu] ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_16eb18b0e2526e57\igfxDTCM.dll [2018-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_02942c7e340ddcd3\nvshext.dll [2022-02-10] (Nvidia Corporation -> NVIDIA Corporation) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2022-01-17 11:25 - 2005-04-22 05:36 - 000143360 _____ () [Brak podpisu cyfrowego] C:\WINDOWS\system32\BrSNMP64.dll 2022-01-17 11:25 - 2012-07-05 12:32 - 000084480 _____ (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\WINDOWS\system32\BrNetSti.dll 2022-01-19 08:20 - 2022-01-19 08:20 - 000014336 _____ (HP Inc.) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL 2022-01-21 21:47 - 2022-01-21 21:47 - 000014848 _____ (HP Inc.) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\NativeRpcClient.DLL 2019-07-15 10:20 - 2019-07-15 10:20 - 000126976 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll 2022-10-26 18:29 - 2022-10-26 18:31 - 001662976 _____ (Robert Simpson, et al.) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\SQLite.Interop.dll 2021-07-23 11:36 - 2021-07-23 11:36 - 002122240 _____ (SQLite Development Team) [Brak podpisu cyfrowego] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-01-20] (HP Inc. -> HP Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-01-20] (HP Inc. -> HP Inc.) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2023-03-07 20:13 - 2023-03-07 20:13 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3658810115-1074333133-829773096-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\divof\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\backgroundDefault.jpg DNS Servers: 192.168.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Zapora systemu Windows [funkcja włączona] Network Binding: ============= Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "PDF24" HKLM\...\StartupApproved\Run32: => "ControlCenter3" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKU\S-1-5-21-3658810115-1074333133-829773096-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3658810115-1074333133-829773096-1001\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{0A4ECA94-B1C8-4CD2-A2E7-6C827DDD7358}C:\users\divof\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\divof\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{A7852FFF-C955-4EAD-85F9-C1B2AB4C0FDF}C:\users\divof\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\divof\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{D2A5512C-E998-4C5C-8DB5-82DF4E8A796B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe () [Brak podpisu cyfrowego] FirewallRules: [{2F2CF314-78C5-448C-8CED-0BD21F8D3C4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{D76DD7DF-5AE9-46EE-BEFE-040B2470B6DA}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project) FirewallRules: [TCP Query User{56E2CA07-FEA2-4A84-ACC8-38A53672DA85}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project) FirewallRules: [UDP Query User{C5105869-9A21-414E-AED7-4A37E9AF3011}C:\users\divof\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\divof\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{ED34BF60-6958-4ADD-96FF-FFD9F6F5898F}C:\users\divof\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\divof\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{0D7B74BF-FF47-4FB7-B5F5-773E775725A8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21354.200.1118.3091_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9BF751BA-8C03-4F0A-BBE9-42EAED6D4748}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21354.200.1118.3091_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1E6A75BA-3155-402F-9527-D5B14A4ED9C2}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{A60449A6-1FF6-44CE-B86D-3892037F1813}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{496EE2CB-137B-4EBE-80AF-1E2C662D2E92}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{FC2AD015-F196-4248-93C9-F3FE334CE631}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> ) FirewallRules: [{4F96BD4D-2C62-4387-AD4F-EB096DD78506}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{78F5C1B2-12DA-4C9E-B09B-C5900DE51ADA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{CE83D657-47D1-40D5-AE3E-6689908493D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{CEE49B14-09F6-4B28-A9B4-B0C634A483F5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{540B4C06-311F-4130-902F-E17AA960BAE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{E31E8562-42E5-4366-A816-4CCFEF6CAA2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{3B2B6741-DE72-4F8D-BE18-9DB6ECB229ED}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{4EFE1AE0-6055-42CE-9BA7-11D9B77AC4B2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{C265EC5F-737A-49BC-B33F-CE22FA5ADEBD}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{93B4B451-3553-406B-9C66-43447764D391}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{2ACCD6E0-9482-4177-A655-7EAD79463284}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{45F9EF90-23D5-4811-8548-02A4CE703A3F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{7C5B8714-C295-486D-B382-D9733CEED0B3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{20A80901-68E0-481C-9021-5840D2321A3B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{CC56394A-D9BE-4073-9FFA-8920466B26BA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{43ABED95-76E9-45D5-9DCB-8724AE3F3511}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{A14EF165-2314-4E86-8FDD-4489DDF63193}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{F67CCF0B-05F5-4204-B4FA-649FBDA3E490}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{972AF49B-B17B-47D5-BEC7-DE692404D6C8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{25A6456F-896B-49DA-A73C-636F86A0C7A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.) FirewallRules: [{C2678E23-4461-4E31-BD42-C2BF7D71AEE0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.) FirewallRules: [{7C667FD5-288B-4D62-A18E-544C07CC9382}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2210.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.) FirewallRules: [TCP Query User{0AB3DC3B-4892-4586-97FC-A5E8E4259615}C:\program files\ultimaker cura 3.2\cura.exe] => (Allow) C:\program files\ultimaker cura 3.2\cura.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{919C4B79-8868-4B0E-A5EE-65806EAFC6AC}C:\program files\ultimaker cura 3.2\cura.exe] => (Allow) C:\program files\ultimaker cura 3.2\cura.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{3FBD9907-BEDA-4AA3-ADAA-447C44AD62FF}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{D39BE6D7-F607-4BAD-957D-5340CEB8E31B}C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.2.1\ultimaker-cura.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{91482644-DB4D-408B-8E78-C165A16B5752}C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe FirewallRules: [UDP Query User{E714150D-8B6E-4A41-99DF-DDD261273663}C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => (Allow) C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe FirewallRules: [{24AC5AF2-B83F-4345-B213-F7C8CCF037CA}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Brak podpisu cyfrowego] FirewallRules: [{6B14B181-0C59-4D0C-A730-562AC7A46242}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Brak podpisu cyfrowego] FirewallRules: [{8543EA3D-646B-454C-827E-D266F491DCA0}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Brak podpisu cyfrowego] FirewallRules: [{AD540A97-5EAB-4DAB-A897-BDCF6BC3CFF7}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Brak podpisu cyfrowego] FirewallRules: [{8CA0B61A-66C3-4F24-8C7B-26338B467349}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Brak podpisu cyfrowego] FirewallRules: [{3567C512-C9E9-4F15-B903-9F8EC6F4D1D4}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Brak podpisu cyfrowego] FirewallRules: [{8B68711D-D725-4D35-ABD9-5B81A63B9045}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{69199BF4-7DA0-422F-90A1-CE88E9A501E3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 25-02-2023 10:14:42 Zaplanowany punkt kontrolny 05-03-2023 12:33:35 Zaplanowany punkt kontrolny 07-03-2023 17:35:41 JRT Pre-Junkware Removal ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (03/07/2023 08:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (03/07/2023 08:13:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Dziennik System: ============= Error: (03/08/2023 06:16:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Intel(R) SUR QC Software Asset Manager. Error: (03/07/2023 08:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Intel(R) SUR QC Software Asset Manager. Error: (03/07/2023 08:13:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\system32\IntelIHVRouter08.dll Error: (03/07/2023 08:13:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\system32\IntelIHVRouter08.dll Windows Defender: ================ Date: 2023-03-08 19:09:39 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0 Nazwa: Trojan:Win32/Wacatac.H!ml Identyfikator: 2147814523 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\Users\divof\AppData\Local\Temp\Joker Combo Leecher [v1.0].exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-S9D4C4O\divof Nazwa procesu: D:\Dokumenty\SilverBullet\Joker Combo Leecher [v1.0]\JokerCombo Leecher[v1.0].exe Wersja analizy zabezpieczeń: AV: 1.383.1289.0, AS: 1.383.1289.0, NIS: 1.383.1289.0 Wersja aparatu: AM: 1.1.20000.2, NIS: 1.1.20000.2  ==================== Statystyki pamięci =========================== BIOS: AMI F.16 07/07/2021 Płyta główna: HP 84DA Procesor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz Procent pamięci w użyciu: 34% Całkowita pamięć fizyczna: 16192.4 MB Dostępna pamięć fizyczna: 10545.15 MB Całkowita pamięć wirtualna: 17216.4 MB Dostępna pamięć wirtualna: 10122.38 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:464.96 GB) (Free:306.42 GB) (Model: WDC WDS500G2B0A-00SM50) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:458.82 GB) (Model: WDC WDS100T2B0C-00PXH0) NTFS \\?\Volume{4be03f7f-1858-4b99-87d1-9532196f103a}\ () (Fixed) (Total:0.69 GB) (Free:0.11 GB) NTFS \\?\Volume{21b42088-647b-4e7b-aee2-228f3158be8e}\ () (Fixed) (Total:0.09 GB) (Free:0.02 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C75C61EE) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt =======================