Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04.04.2024
Uruchomiony przez keramti (04-04-2024 20:16:30)
Uruchomiony z C:\Users\keramti\Downloads
Microsoft Windows 10 Pro Wersja 22H2 19045.4170 (X64) (2023-09-13 06:27:50)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================


(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

Administrator (S-1-5-21-3675876383-3003633198-259424462-500 - Administrator - Disabled)
Gość (S-1-5-21-3675876383-3003633198-259424462-501 - Limited - Disabled)
keramti (S-1-5-21-3675876383-3003633198-259424462-1000 - Administrator - Enabled) => C:\Users\keramti
Konto domyślne (S-1-5-21-3675876383-3003633198-259424462-503 - Limited - Disabled)
marek (S-1-5-21-3675876383-3003633198-259424462-1034 - Administrator - Enabled) => C:\Users\marek
WDAGUtilityAccount (S-1-5-21-3675876383-3003633198-259424462-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version:  - Microsoft)
Audacity 3.3.3 (HKLM\...\Audacity_is1) (Version: 3.3.3 - Audacity Team)
CPUID CPU-Z 2.07 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.07 - CPUID, Inc.)
Enlisted Launcher 1.0.3.121 (HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version:  - Gaijin Network)
IObit Uninstaller 13 (HKLM-x32\...\IObitUninstall) (Version: 13.4.0.2 - IObit)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0415-1000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel MUI (Polish) 2007 (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Polish) 2007 (HKLM-x32\...\{90120000-00A1-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Polish) 2007 (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Polish) 2007 (HKLM-x32\...\{90120000-001F-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Polish) 2007 (HKLM-x32\...\{90120000-002C-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}) (Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (Polish) 2007 (HKLM\...\{90120000-002A-0415-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Polish) 2007 (HKLM-x32\...\{90120000-006E-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Polish) 2007 (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3675876383-3003633198-259424462-1034\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 124.0.2 (x64 pl)) (Version: 124.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0.1 - Mozilla)
Navitel DVR Player (HKLM-x32\...\Navitel DVR Player) (Version: 1.4.2.1132 - Navitel s.r.o)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Uninstall MioMoreDesktop2 (HKLM\...\5236dd9f-6761-5dde-848b-43005cb55ef7) (Version: 1.4.1 - MiTAC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
Wargaming.net Game Center (HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\Wargaming.net Game Center) (Version: 24.0.0.5034 - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\1128724943) (Version:  - Wargaming.net)

Chrome apps:
============
Arkusze (HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\8d3927cedb65b90ad3363a3098376ecc) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\cece15083b964f8ab34ed38917bab028) (Version: 1.0 - Google\Chrome)
Prezentacje (HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\8d1b38395466e5a0bab87257699f6f9f) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3675876383-3003633198-259424462-1000\...\52f30ab28c6e528561ed14908ede1e61) (Version: 1.0 - Google\Chrome)

Packages:
=========

Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-29] (Microsoft Studios) [MS Ad]

==================== Niestandardowe rejestracje CLSID (filtrowane): ==============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => H:\IObit Uninstaller\IUMenuRight.dll [2022-12-06] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => H:\IObit Uninstaller\IUMenuRight.dll [2022-12-06] (IObit CO., LTD -> IObit)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-12-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => H:\IObit Uninstaller\IUMenuRight.dll [2022-12-06] (IObit CO., LTD -> IObit)

==================== Codecs (filtrowane) ====================

==================== Skróty & WMI ========================

==================== Załadowane moduły (filtrowane) =============


==================== Alternate Data Streams (filtrowane) ========

==================== Tryb awaryjny (filtrowane) ==================

==================== Powiązania plików (filtrowane) =================

==================== Internet Explorer (filtrowane) ==========


==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2023-09-13 08:45 - 2023-09-13 08:43 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3675876383-3003633198-259424462-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-3675876383-3003633198-259424462-1034\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{7390A363-DE0C-4359-8690-D507034C4003}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{08E20788-49B1-4FCF-8D44-6336386733CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7154A3CD-0104-4DC6-8DB4-2ADBF474144C}] => (Allow) H:\Office 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01C992CC-B8CF-4C69-A59C-62A058E50DB3}] => (Allow) H:\Office 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{69F878AE-04E3-4BFF-ABC6-731D66B0F09C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{B3B335F1-259B-4A64-8226-46CD11A7AD74}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A112B8F6-F2C7-41D7-BB79-81DAE0EAA34E}F:\warthunder\win64\aces.exe] => (Allow) F:\warthunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{5745DC58-5491-45E8-B01E-2286411F5853}F:\warthunder\win64\aces.exe] => (Allow) F:\warthunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{7982DC01-D216-42E0-9F78-EFDBFF2296E6}F:\warthunder\launcher.exe] => (Allow) F:\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [UDP Query User{50DCE8E9-EBD7-477C-AE87-AFED7718157E}F:\warthunder\launcher.exe] => (Allow) F:\warthunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [TCP Query User{9F13B3E6-AC2A-4449-8392-6120583CDF39}C:\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{EF6C0C15-6CA7-4E31-A6FA-7318436E3D5B}C:\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{9D2668D9-DAEE-4BDC-B432-0929207A6DFA}C:\users\keramti\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe] => (Allow) C:\users\keramti\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe
FirewallRules: [UDP Query User{222F9109-F646-4AB1-9323-C93D1F3AA449}C:\users\keramti\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe] => (Allow) C:\users\keramti\appdata\roaming\crystal-launcher\runtime\64\jdk-17.0.1+12\bin\javaw.exe
FirewallRules: [{8D86D19D-692D-46E1-A25B-D40D5DFDAB04}] => (Allow) F:\stem\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3E395E02-42FA-441D-8621-BC69C45B549A}] => (Allow) F:\stem\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{862036DC-6C99-42D5-B9FF-6A6FD29584B5}] => (Allow) F:\stem\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{467F0A3D-B71D-4535-BB98-C007F3E716D1}] => (Allow) F:\stem\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{C4240905-83FE-4E9A-BCA2-24A7D1D18E92}F:\stem\steamapps\common\enemy front\bin32\enemyfront.exe] => (Allow) F:\stem\steamapps\common\enemy front\bin32\enemyfront.exe (CI Games S.A.) [Brak podpisu cyfrowego]
FirewallRules: [UDP Query User{6EB5F68A-BFA6-42E2-9D6E-3A266FDF92EB}F:\stem\steamapps\common\enemy front\bin32\enemyfront.exe] => (Allow) F:\stem\steamapps\common\enemy front\bin32\enemyfront.exe (CI Games S.A.) [Brak podpisu cyfrowego]
FirewallRules: [{3305DA74-5BDE-4624-B73B-7990A7657C5A}] => (Allow) D:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [Brak podpisu cyfrowego]
FirewallRules: [{C63A99FD-C4F0-4CBE-A399-206D7F5414D7}] => (Allow) D:\SteamLibrary\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [Brak podpisu cyfrowego]
FirewallRules: [{2070261C-D8C6-4BA9-B51D-20CA959121E6}] => (Allow) D:\Enlisted\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{CC1DD767-EC94-43F0-849D-37EB3FD45E9B}] => (Allow) D:\Enlisted\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{9CDDF7B3-815E-468C-B8B8-14F4B73E8B13}] => (Allow) D:\Enlisted\bpreport.exe (Gaijin Network LTD -> )
FirewallRules: [{0C7E4961-9BEC-4F09-A2F6-B9C2726BD70C}] => (Allow) D:\Enlisted\bpreport.exe (Gaijin Network LTD -> )
FirewallRules: [{A2A2ABAA-A5DE-4ED9-8D32-DB5296D497C6}] => (Allow) C:\Users\keramti\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{6B4E6ACF-573C-483C-9FF0-D7B12BEC7675}] => (Allow) C:\Users\keramti\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{CB8616B0-38CF-4DE3-AD7E-5DDD3A1EE5AF}] => (Allow) D:\Enlisted\gaijin_downloader.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [{F8DC8DAE-8F88-45BE-93C0-15D3BF957B54}] => (Allow) D:\Enlisted\gaijin_downloader.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [{D6DD5301-3ED7-46FE-BB2C-9C1E4EA5CEFC}] => (Allow) LPort=80
FirewallRules: [{3CA455D9-14C7-4C90-8045-E8CF84A1693E}] => (Allow) LPort=443
FirewallRules: [{50A8407C-35A3-4F59-ABD3-68FDB94327BA}] => (Allow) LPort=20010
FirewallRules: [{1B54044B-E85B-408A-8CCA-2406CCCACE1E}] => (Allow) LPort=3478
FirewallRules: [{9713AD7F-8D3F-4252-ABBE-6A03DBC93BD8}] => (Allow) LPort=7850
FirewallRules: [{2F800CC7-B4E3-405B-9591-BAA42CA4AE09}] => (Allow) LPort=7852
FirewallRules: [{53B6E02F-4282-4894-BDC6-D52CA46733F1}] => (Allow) LPort=7853
FirewallRules: [{40DD61E0-4CAA-4191-A0B2-F67D1DBFC7A6}] => (Allow) LPort=27022
FirewallRules: [{32BEA302-21F1-44FC-AFDF-55273F0CE41B}] => (Allow) LPort=6881
FirewallRules: [{D2421548-B011-4E2A-93F6-59ED8B7D427F}] => (Allow) LPort=33333
FirewallRules: [{C18CBE49-54BC-4080-B234-41E0FDC5F0FD}] => (Allow) LPort=20443
FirewallRules: [{3E69F856-829B-4279-89E3-401F1380A0C8}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{41668535-23A1-4D78-89A8-F70E47F58FE5}D:\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\win64\enlisted.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{4EF2567F-4675-429F-BA93-22D5C4209FF5}D:\enlisted\win64\enlisted.exe] => (Allow) D:\enlisted\win64\enlisted.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [{7A71A811-AEF2-4FD8-8377-BDA7E4271D20}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Punkty Przywracania systemu =========================

16-01-2024 22:41:10 Instalator modułów systemu Windows
20-02-2024 23:46:44 Zaplanowany punkt kontrolny
29-02-2024 20:14:35 Zaplanowany punkt kontrolny
29-03-2024 23:08:47 Instalator modułów systemu Windows
30-03-2024 00:24:48 Instalator modułów systemu Windows
30-03-2024 00:25:57 Instalator modułów systemu Windows
30-03-2024 00:26:59 Instalator modułów systemu Windows
02-04-2024 17:14:55 Dysk Google restore point
02-04-2024 17:15:44 Google Chrome restore point
03-04-2024 20:29:12 Malwarebytes version 4.6.8.311 restore point
03-04-2024 20:52:12 Gmail restore point

==================== Wadliwe urządzenia w Menedżerze urządzeń ============

Name: Intel(R) HD Graphics 4600
Description: Intel(R) HD Graphics 4600
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================

Dziennik System:
=============
Error: (04/04/2024 08:04:56 PM) (Source: DCOM) (EventID: 10005) (User: KERAMTI73)
Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6 z argumentami --com-service w celu uruchomienia serwera:
{09E930CC-1089-5647-AAA5-9FCF17A520AD}

Error: (04/04/2024 08:04:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi GoogleUpdater InternalService 124.0.6315.0 (GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6) z powodu następującego błędu: 
Nie można odnaleźć określonego pliku.

Error: (04/04/2024 08:04:56 PM) (Source: DCOM) (EventID: 10005) (User: KERAMTI73)
Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6 z argumentami --com-service w celu uruchomienia serwera:
{09E930CC-1089-5647-AAA5-9FCF17A520AD}

Error: (04/04/2024 08:04:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi GoogleUpdater InternalService 124.0.6315.0 (GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6) z powodu następującego błędu: 
Nie można odnaleźć określonego pliku.

Error: (04/04/2024 08:04:56 PM) (Source: DCOM) (EventID: 10005) (User: KERAMTI73)
Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6 z argumentami --com-service w celu uruchomienia serwera:
{09E930CC-1089-5647-AAA5-9FCF17A520AD}

Error: (04/04/2024 08:04:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi GoogleUpdater InternalService 124.0.6315.0 (GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6) z powodu następującego błędu: 
Nie można odnaleźć określonego pliku.

Error: (04/04/2024 08:04:56 PM) (Source: DCOM) (EventID: 10005) (User: KERAMTI73)
Description: Model DCOM odebrał błąd 2 podczas próby uruchomienia usługi GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6 z argumentami --com-service w celu uruchomienia serwera:
{09E930CC-1089-5647-AAA5-9FCF17A520AD}

Error: (04/04/2024 08:04:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi GoogleUpdater InternalService 124.0.6315.0 (GoogleUpdaterInternalService124.0.6315.01da85f46eddc5f6) z powodu następującego błędu: 
Nie można odnaleźć określonego pliku.


Windows Defender:
================
Date: 2024-04-03 00:00:09
Description: 
Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {29920912-4066-4DAC-AC6F-98D9441FAF3A}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Pełne skanowanie
Użytkownik: keramti73\keramti

Date: 2024-04-03 00:00:09
Description: 
Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:AndroidOS/Multiverze&threatid=2147788600&enterprise=0
Nazwa: HackTool:AndroidOS/Multiverze
Identyfikator: 2147788600
Ważność: Wysoki
Kategoria: Narzędzie
Ścieżka: file:_C:\Users\marek\OneDrive\Documents\kmsauto-net-portable-zip; file:_C:\Windows.old\Users\TEMP\OneDrive\Documents\kmsauto-net-portable-zip
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Użytkownik
Użytkownik: keramti73\keramti
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.407.907.0, AS: 1.407.907.0, NIS: 1.407.907.0
Wersja aparatu: AM: 1.1.24020.9, NIS: 1.1.24020.9

Date: 2024-04-03 00:00:09
Description: 
Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Nazwa: Trojan:Script/Wacatac.H!ml
Identyfikator: 2147814524
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\keramti\Downloads\retry.js
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Użytkownik
Użytkownik: keramti73\keramti
Nazwa procesu: Unknown
Wersja analizy zabezpieczeń: AV: 1.407.907.0, AS: 1.407.907.0, NIS: 1.407.907.0
Wersja aparatu: AM: 1.1.24020.9, NIS: 1.1.24020.9

Date: 2024-04-02 23:34:05
Description: 
Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Nazwa: Trojan:Script/Wacatac.H!ml
Identyfikator: 2147814524
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\keramti\Downloads\retry.js
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: keramti73\keramti
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.407.907.0, AS: 1.407.907.0, NIS: 1.407.907.0
Wersja aparatu: AM: 1.1.24020.9, NIS: 1.1.24020.9

Date: 2024-04-02 23:18:40
Description: 
Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Nazwa: Trojan:Script/Wacatac.H!ml
Identyfikator: 2147814524
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\keramti\Downloads\retry.js
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: keramti73\keramti
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.407.907.0, AS: 1.407.907.0, NIS: 1.407.907.0
Wersja aparatu: AM: 1.1.24020.9, NIS: 1.1.24020.9
Event[0]:

Date: 2024-04-03 00:00:09
Description: 
Podczas skanowania produktu Program antywirusowy Microsoft Defender napotkano błąd. Skanowanie zostało przerwane.
Identyfikator skanowania: {1F8C7ECE-672E-44B8-A0EC-D3F87D4E54A8}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Skanowanie niestandardowe
Użytkownik: keramti73\keramti
Kod błędu: 0x80508023
Opis błędu: Program nie znalazł na tym urządzeniu złośliwego oprogramowania ani innego potencjalnie niechcianego oprogramowania. 

Date: 2024-03-29 21:52:46
Description: 
Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń i podejmie próbę powrotu do poprzedniej wersji.
Analiza zabezpieczeń objęta próbą: Bieżące
Kod błędu: 0x80070003
Opis błędu: System nie może odnaleźć określonej ścieżki. 
Wersja analizy zabezpieczeń: 0.0.0.0;0.0.0.0
Wersja aparatu: 0.0.0.0

Date: 2024-01-16 20:25:06
Description: 
aparat Program antywirusowy Microsoft Defender został zakończony z powodu nieoczekiwanego błędu.
Typ błędu: Awaria
Kod wyjątku: 0xc0000005
Zasób: 
Kod aparatu: 0

CodeIntegrity:
===============
Date: 2024-03-29 17:24:23
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SystemSettings.DataModel.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-03-29 17:24:19
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-03-13 21:49:18
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Statystyki pamięci =========================== 

BIOS: American Megatrends Inc. F3 08/12/2014
Płyta główna: Gigabyte Technology Co., Ltd. Z87-DS3H
Procesor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Procent pamięci w użyciu: 61%
Całkowita pamięć fizyczna: 8062.64 MB
Dostępna pamięć fizyczna: 3067.96 MB
Całkowita pamięć wirtualna: 12414.64 MB
Dostępna pamięć wirtualna: 6021.49 MB

==================== Dyski ================================

Drive c: (System WIN 10) (Fixed) (Total:237.54 GB) (Free:170.47 GB) (Model: Patriot P210 256GB) NTFS
Drive d: (ADAM) (Fixed) (Total:904.87 GB) (Free:712.48 GB) (Model: Microsoft Storage Space Device) NTFS
Drive e: () (Fixed) (Total:300 GB) (Free:187.15 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive f: (GRY) (Fixed) (Total:300 GB) (Free:35.28 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive g: (MP3 I ZDJĘCIA) (Fixed) (Total:231.51 GB) (Free:72.45 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive h: (PROGRAMY) (Fixed) (Total:100 GB) (Free:33.72 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive i: (Miejsce do magazynowania) (Fixed) (Total:904.87 GB) (Free:490.97 GB) (Model: Microsoft Storage Space Device) NTFS

\\?\Volume{c60cdb46-afde-11e5-bb23-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{b4ddfa6a-0000-0000-0000-d0683b000000}\ () (Fixed) (Total:0.84 GB) (Free:0.36 GB) NTFS

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: B4DDFA6A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=857 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9048626C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== Koniec  Addition.txt =======================