Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 11-03-2025 Uruchomiony przez Kasia (11-03-2025 17:32:25) Uruchomiony z C:\Users\Dom\Downloads Microsoft Windows 10 Pro Wersja 22H2 19045.5555 (X64) (2020-08-04 03:47:19) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-4202650918-750063722-353576276-500 - Administrator - Disabled) Gość (S-1-5-21-4202650918-750063722-353576276-501 - Limited - Disabled) Kasia (S-1-5-21-4202650918-750063722-353576276-1001 - Administrator - Enabled) => C:\Users\Dom Konto domyślne (S-1-5-21-4202650918-750063722-353576276-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-4202650918-750063722-353576276-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.53.64 - Adobe Systems Incorporated) Adobe Illustrator 2022 (HKLM-x32\...\ILST_26_0) (Version: 26.0 - Adobe Inc.) Adobe Lightroom Classic (HKLM-x32\...\LTRM_11_4_1) (Version: 11.4.1 - Adobe Inc.) Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_0) (Version: 23.0.0.36 - Adobe Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 134.1.76.73 - Autorzy Brave) CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform) Construction Simulator 2 (HKLM\...\SKIDROW - Construction Simulator 2) (Version: - SKIDROW) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.2.0.2240 - Disc Soft Ltd) DDT2000 - RENAULT - 2.6.0.0 (HKLM-x32\...\DDT2000_is1) (Version: 2.6.0.0 - Renault) ddt4all (wersja 5.5.0) (HKLM-x32\...\ddt4all_is1) (Version: 5.5.0 - ) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.) Dell WLAN Radio Switch Driver (HKLM\...\{6C0524F9-D333-4349-8689-14B13105EB8E}) (Version: 1.0.0.6 - Dell Inc.) e-file [ID] wersja 1.5.16.0 (HKU\S-1-5-21-4202650918-750063722-353576276-1001\...\{EF9A27D3-62E7-473E-9D32-23653A0F6CBB}_is1) (Version: 1.5.16.0 - e-file sp. z o.o. sp. k.) Google Chrome (HKLM\...\{BD1AA4A7-50F4-39A0-8715-7C2148D661DD}) (Version: 134.0.6998.36 - Google LLC) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{A6961DC0-8F0E-4593-B336-FD3E7F27999C}) (Version: 16.8.4.1011 - Intel Corporation) LibreOffice 24.8.2.1 (HKLM\...\{2B5B0425-12C7-4D48-ACA8-38CCA3082A81}) (Version: 24.8.2.1 - The Document Foundation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.51 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4202650918-750063722-353576276-1001\...\OneDriveSetup.exe) (Version: 25.020.0202.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden Mortyr: Operacja Sztorm (HKLM-x32\...\Operation Thunderstorm/PL-Polish_is1) (Version: - City Interactive) ON1 NoNoise AI 2022 (HKU\S-1-5-21-4202650918-750063722-353576276-1001\...\{5ddef3bc-5a5c-42ec-b8dc-ce68addc7a77}) (Version: 1600 - ON1) Quick Share (HKLM\...\{E8E4AB67-FD4E-4B36-A317-81EE323832E3}) (Version: 1.0.2113.1 - Google LLC) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6127 - Realtek Semiconductor Corp.) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation) Symulator budowy 2012 (HKLM-x32\...\{AEF59382-3FF1-4EBF-A93E-CCC474DCEA3F}_is1) (Version: 1.0 - weltenbauer. Software Entwicklung GmbH) Symulator wózka widłowego (HKLM-x32\...\{E9432D26-84A1-447E-8A4A-B05A5E60D2A7}_is1) (Version: 1.0 - astragon) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - ) Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) WinRAR 6.22 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.22.0 - win.rar GmbH) Packages: ========= Centrum sterowania grafiką Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-19] (INTEL CORP) [Startup Task] Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.27.0_x64__rp6h1c31mfy1y [2024-08-02] (STMICROELECTRONICS S.R.L.) Farming Simulator 16 -> C:\Program Files\WindowsApps\GIANTSSoftware.FarmingSimulator16_1.1.2.8_x86__fa8jxm5fj0esw [2025-01-11] (GIANTS Software) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-06-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-06-18] (Microsoft Corporation) [MS Ad] Pool Billiard Championship -> C:\Program Files\WindowsApps\27F33DE8.PoolBilliardChampionship_1.0.9.0_x64__qkrszzvb3v9nm [2025-01-11] (MOBIRIX Corporation) Quick Share -> C:\Program Files\Google\NearbyShare [2025-02-08] (Google LLC) Spotify – muzyka i podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0 [2025-03-06] (Spotify AB) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2021-05-21] () [Brak podpisu cyfrowego] [Plik w użyciu] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-06-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-06-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-12-17] (AVB Disc Soft, SIA -> Disc Soft FZE LLC) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-12-17] (AVB Disc Soft, SIA -> Disc Soft FZE LLC) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2021-05-21] () [Brak podpisu cyfrowego] [Plik w użyciu] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-06-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-06-04] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fa353a63e775dcce\Menedżer Haseł Bitwarden.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=nngceckbapebfimnlniiiahkandclblb ==================== Załadowane moduły (filtrowane) ============= 2021-05-21 14:43 - 2021-05-21 14:43 - 000126976 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ============= ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 10:14 - 2024-07-19 23:07 - 000003200 _____ C:\Windows\system32\drivers\etc\hosts 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 fitgirl-repack.com # Fake FitGirl site 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repack.net # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site 109.94.209.70 fitgirlpack.site # Fake FitGirl site 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site 109.94.209.70 fitgirl-repack.org # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site 109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site 109.94.209.70 fitgirlrepack.games # Fake FitGirl site 109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site 109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site 109.94.209.70 fitgirls-repacks.com # Fake FitGirl site 109.94.209.70 fitgirlrepack.cc # Fake FitGirl site 109.94.209.70 fitgirlrepacks.org # Fake FitGirl site ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4202650918-750063722-353576276-1001\Control Panel\Desktop\\Wallpaper -> C:\Kaktus\Zdjęcia\2024\09.09 Urlopik Tatry Wysokie\Nowy folder\_DSC7812a.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] Network Binding: ============= Wi-Fi: Intel(R) Dual Band Wireless-AC 8260 -> Netwtw06.sys Połączenie sieciowe Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys Ethernet: Intel(R) Ethernet Connection (2) I219-LM -> e1d68x64.sys ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKU\S-1-5-21-4202650918-750063722-353576276-1001\...\StartupApproved\StartupFolder: => "DDT2000 Quick Menu.lnk" HKU\S-1-5-21-4202650918-750063722-353576276-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-4202650918-750063722-353576276-1001\...\StartupApproved\Run: => "e-file [ID] - Asystent" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{5D34443E-6B33-4FC1-AA3D-328E0D84D9BC}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2022\Photoshop.exe (Adobe Inc. -> Adobe) [Brak podpisu cyfrowego] FirewallRules: [{73A0942A-5880-4BB7-891D-A90FD560D51C}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2022\Photoshop.exe (Adobe Inc. -> Adobe) [Brak podpisu cyfrowego] FirewallRules: [{38499BE0-85AE-49C8-AC1F-F2E801B6FBC7}] => (Block) C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.) [Brak podpisu cyfrowego] FirewallRules: [{2A1D879A-6D30-4325-A1D1-F45AEF4BAE85}] => (Block) C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc.) [Brak podpisu cyfrowego] FirewallRules: [{A65CD6B1-FEE5-4D4E-8C0E-840C33E462F6}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2022\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Inc.) [Brak podpisu cyfrowego] FirewallRules: [{B3BA7407-3B41-46C9-B6A7-7E34CF613FE4}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2022\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Inc.) [Brak podpisu cyfrowego] FirewallRules: [{D2F71DC3-3101-4BCB-986E-30850EE37335}] => (Allow) C:\Program Files\ON1\ON1 NoNoise AI 2022\ON1 NoNoise AI 2022.exe (ON1, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{0209CB4A-0E38-471B-99DC-EE73C1A87582}] => (Allow) C:\Program Files\ON1\ON1 NoNoise AI 2022\ON1 NoNoise AI 2022.exe (ON1, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{B8781388-D29A-4036-BFFC-38F58345EA7E}] => (Allow) C:\Program Files\ON1\ON1 NoNoise AI 2022\on1sandbox.exe (ON1, Inc (Onone Software, Inc.) -> ) FirewallRules: [{80BC9BE1-2F81-4672-B5F1-95B8D73982E2}] => (Allow) C:\Program Files\ON1\ON1 NoNoise AI 2022\on1sandbox.exe (ON1, Inc (Onone Software, Inc.) -> ) FirewallRules: [{8A0AEEE8-1EB9-4896-962F-352C46E2F639}] => (Block) C:\Program Files\ON1\ON1 NoNoise AI 2022\ON1 NoNoise AI 2022.exe (ON1, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{51E6B468-74F2-4159-AE80-CA658A08F615}] => (Block) C:\Program Files\ON1\ON1 NoNoise AI 2022\ON1 NoNoise AI 2022.exe (ON1, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{A963D843-35E4-428B-8C5C-F6CF283CD8CF}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC) FirewallRules: [{5A36428E-4FD6-4369-8021-CE06695FD396}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC) FirewallRules: [{580774D9-1D08-4A17-9219-06C14AE7FA79}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google) FirewallRules: [{B69DE4D4-754A-4B31-B716-F76F63D2B017}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google) FirewallRules: [TCP Query User{2FC0AA23-1F0C-4157-AE1B-82947E1F0F61}C:\users\dom\documents\efile\efileid\bin\efileidasystent.exe] => (Allow) C:\users\dom\documents\efile\efileid\bin\efileidasystent.exe (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) FirewallRules: [UDP Query User{CE8F4D4A-E00E-4D54-8637-6BDCC1BD0210}C:\users\dom\documents\efile\efileid\bin\efileidasystent.exe] => (Allow) C:\users\dom\documents\efile\efileid\bin\efileidasystent.exe (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) FirewallRules: [{97B48780-057A-4199-9CDA-11BCDAC368F7}] => (Block) C:\users\dom\documents\efile\efileid\bin\efileidasystent.exe (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) FirewallRules: [{8A1DC474-7E54-471C-A511-8B4A0BCDD3B1}] => (Block) C:\users\dom\documents\efile\efileid\bin\efileidasystent.exe (e-file sp. z o.o. -> e-file sp. z o.o. sp. k.) FirewallRules: [{E7FB5427-71A8-43DF-913E-EB84281E885B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0B2ABF9E-79CD-41E7-9D25-910D614B5D89}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7462D4C2-DEA5-4356-942C-9B61012F9765}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{840AEECE-ED1C-4EF0-B392-602C6EC0C73E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{EDA53395-09E5-4EF0-918F-ACA764CEA315}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3428582A-F4BA-4D09-B71F-94E23337B426}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{69A2C9C4-6AC2-4950-A0B0-8C6FA30DF0AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0B5EEB39-7DC5-4607-BE8C-F7C8A1A12DBF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{65C93D90-E72B-4EC1-AA7D-2F917F7A20B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{02EB54AF-08F3-4151-B833-A96DCB9E60A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{BA69BAD3-E025-4DAD-87E4-42824419BA38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{515DF3FF-1C23-4E27-98BC-D4C90BC75F3B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.137.3425.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{25DE4A13-7E06-46EB-BAF7-173978CA3E80}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.137.3425.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FE03FFE6-9036-4BEB-8E85-B537D846027E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.137.3425.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7371041C-5BE8-49B2-98D4-31A1D6B120EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.137.3425.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{82932A6A-0266-4374-9624-C069701B96CB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{C18D4419-D938-44EB-B00F-A24966B7524B}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (03/11/2025 05:04:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Autoruns.exe w wersji 14.11.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1708 Godzina rozpoczęcia: 01db929ad5d50b4a Godzina zakończenia: 12 Ścieżka aplikacji: C:\Users\Dom\Downloads\Autoruns\Autoruns.exe Identyfikator raportu: 29efe62c-4b3b-495c-877f-d53f29f6502a Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji powiązanej z pakietem powodującym błąd: Typ zawieszenia: Unknown Error: (03/11/2025 04:32:44 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\Dom\Downloads\Autoruns\Autoruns.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest. Error: (03/11/2025 04:32:38 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\Dom\Downloads\Autoruns\Autoruns.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest. Error: (03/11/2025 04:26:51 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu.. Error: (03/11/2025 04:26:51 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.] Error: (03/11/2025 04:26:51 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu.. Error: (03/11/2025 04:26:51 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.] Error: (03/11/2025 03:54:39 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.5547_none_7e02b5467c95ffef\TiWorker.exe -Embedding; Opis = Instalator modułów systemu Windows; Błąd = 0x80070422). Dziennik System: ============= Error: (03/11/2025 05:20:16 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT) Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/11/2025 05:17:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Broker monitorów czasu wykonywania funkcji System Guard zakończyła działanie; wystąpił następujący błąd: %%3489660935 Error: (03/11/2025 05:17:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (03/11/2025 05:17:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate). Error: (03/11/2025 05:11:41 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT) Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/11/2025 05:08:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Broker monitorów czasu wykonywania funkcji System Guard zakończyła działanie; wystąpił następujący błąd: %%3489660935 Error: (03/11/2025 05:08:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (03/11/2025 05:08:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate). Windows Defender: ================ Date: 2025-03-11 15:36:18 Description: Program antywirusowy Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Name: Program:Win32/Wacapew.C!ml Severity: High Category: Settings Modifier Path: file:_C:\Users\Dom\AppData\Local\Temp\UV3DJVZT8BEG1JUO76ROZ4\cpfe.dll; file:_C:\Users\Dom\AppData\Local\Temp\YS95DLHBGNXP09WGA7LE\cpfe.dll Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files\CCleaner\CCleaner64.exe Security intelligence Version: AV: 1.423.343.0, AS: 1.423.343.0, NIS: 1.423.343.0 Engine Version: AM: 1.1.25010.7, NIS: 1.1.25010.7 Date: 2025-03-11 15:35:53 Description: Program antywirusowy Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Name: Program:Win32/Wacapew.C!ml Severity: High Category: Settings Modifier Path: file:_C:\Users\Dom\AppData\Local\Temp\YS95DLHBGNXP09WGA7LE\cpfe.dll Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files\CCleaner\CCleaner64.exe Security intelligence Version: AV: 1.423.343.0, AS: 1.423.343.0, NIS: 1.423.343.0 Engine Version: AM: 1.1.25010.7, NIS: 1.1.25010.7 Date: 2025-03-11 15:34:59 Description: Program antywirusowy Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Name: Program:Win32/Wacapew.C!ml Severity: High Category: Settings Modifier Path: file:_C:\Users\Dom\AppData\Local\Temp\KLGWY7YO4TXXQ9581O1JPJDCO\cpfe.dll; file:_C:\Users\Dom\AppData\Local\Temp\UV3DJVZT8BEG1JUO76ROZ4\cpfe.dll; file:_C:\Users\Dom\AppData\Local\Temp\YS95DLHBGNXP09WGA7LE\cpfe.dll Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files\CCleaner\CCleaner64.exe Security intelligence Version: AV: 1.423.343.0, AS: 1.423.343.0, NIS: 1.423.343.0 Engine Version: AM: 1.1.25010.7, NIS: 1.1.25010.7 Date: 2025-03-11 15:34:52 Description: Program antywirusowy Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Name: Program:Win32/Wacapew.C!ml Severity: High Category: Settings Modifier Path: file:_C:\Users\Dom\AppData\Local\Temp\UV3DJVZT8BEG1JUO76ROZ4\cpfe.dll; file:_C:\Users\Dom\AppData\Local\Temp\YS95DLHBGNXP09WGA7LE\cpfe.dll Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files\CCleaner\CCleaner64.exe Security intelligence Version: AV: 1.423.343.0, AS: 1.423.343.0, NIS: 1.423.343.0 Engine Version: AM: 1.1.25010.7, NIS: 1.1.25010.7 Date: 2025-03-11 15:34:37 Description: Program antywirusowy Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Wacapew.C!ml&threatid=265744&enterprise=0 Name: Program:Win32/Wacapew.C!ml Severity: High Category: Settings Modifier Path: file:_C:\Users\Dom\AppData\Local\Temp\UV3DJVZT8BEG1JUO76ROZ4\cpfe.dll; file:_C:\Users\Dom\AppData\Local\Temp\YS95DLHBGNXP09WGA7LE\cpfe.dll Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files\CCleaner\CCleaner64.exe Security intelligence Version: AV: 1.423.343.0, AS: 1.423.343.0, NIS: 1.423.343.0 Engine Version: AM: 1.1.25010.7, NIS: 1.1.25010.7 Event[0]: Date: 2019-12-07 10:15:22 Description: Program antywirusowy Microsoft Defender has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Kopia zapasowa Error Code: 0x80004004 Error description: Operacja przerwana. Security intelligence Version: 1.303.25.0;1.303.25.0 Engine Version: 1.1.16400.2 Date: 2019-12-07 10:15:21 Description: Program antywirusowy Microsoft Defender has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Bieżące Error Code: 0x80004004 Error description: Operacja przerwana. Security intelligence Version: 1.391.1817.0;1.391.1817.0 Engine Version: 1.1.23050.3 CodeIntegrity: =============== Date: 2023-06-18 10:10:00 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== BIOS: Dell Inc. 1.34.3 11/20/2022 Płyta główna: Dell Inc. 0GF89W Procesor: Intel(R) Core(TM) i5-6440HQ CPU @ 2.60GHz Procent pamięci w użyciu: 18% Całkowita pamięć fizyczna: 32659.42 MB Dostępna pamięć fizyczna: 26706.74 MB Całkowita pamięć wirtualna: 37523.42 MB Dostępna pamięć wirtualna: 31901.81 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:475.71 GB) (Free:187.04 GB) (Model: INTEL SSDPEKKF512G8L) NTFS Drive d: (NIKON D5100) (Removable) (Total:29.72 GB) (Free:24.11 GB) FAT32 \\?\Volume{0f8b132c-ffab-4da1-9ef7-42579670a7c0}\ () (Fixed) (Total:1.01 GB) (Free:0.52 GB) NTFS \\?\Volume{6222e373-cdb6-468b-bf84-816a1febe0a6}\ () (Fixed) (Total:0.19 GB) (Free:0.14 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 29.7 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt =======================