Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 01-04-2025
Uruchomiony przez aszop (19-04-2025 12:20:54)
Uruchomiony z D:\aszop\Downloads
Microsoft Windows 11 Home Wersja 24H2 26100.3775 (X64) (2025-03-27 16:41:41)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

Administrator (S-1-5-21-2610349650-40441272-853533914-500 - Administrator - Disabled)
aszop (S-1-5-21-2610349650-40441272-853533914-1001 - Administrator - Enabled) => C:\Users\aszop
Gość (S-1-5-21-2610349650-40441272-853533914-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-2610349650-40441272-853533914-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2610349650-40441272-853533914-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
AARGB version 0.1.1.230710 (HKLM-x32\...\{339AD08D-FB33-4212-A368-4B087ABC6B86}_is1) (Version: 0.1.1.230710 - AARGB)
AMD Application Compatibility Database Driver (HKLM-x32\...\{7466773D-AE4B-48F6-8E12-D64B555C1BEA}) (Version: 1.0.0.3 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 7.03.21.2116 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.134 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.126 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\{64763D96-BC41-442A-A10F-4C9EF1783BCB}) (Version: 24.30.25071.1901 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.9 - Advanced Micro Devices, Inc.) Hidden
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.51 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.39.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 25.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{99280239-9b64-482f-8fad-135b939a973b}) (Version: 7.03.21.2116 - Advanced Micro Devices, Inc.) Hidden
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.0.0 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{5d7078a4-7c9e-4ade-85bf-61c3856006ac}) (Version: 13.423.0.5936 - Electronic Arts)
EA SPORTS FC 24 (HKLM-x32\...\{D599A8A7-E083-496C-B891-5752CD4E04F3}) (Version: 1.0.120.18322 - Electronic Arts)
ENE_DRAM_RGB_AIO (HKLM\...\{B11E508E-972B-4AD2-93BE-C3843F567579}) (Version: 1.0.10.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{9844ccd4-745b-4ffe-959c-b438a09ab926}) (Version: 1.0.10.0 - Ene Tech.) Hidden
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Lazali)
HWiNFO® 64 (HKLM\...\HWiNFO® 64_is1) (Version: 8.22 - Martin Malik, REALiX s.r.o.)
IrfanView 4.70 (64-bit) (HKLM\...\IrfanView64) (Version: 4.70 - Irfan Skiljan)
LADMLauncherService (HKLM\...\{854B6F11-4B1A-4069-BD45-785B7D41DDEC}) (Version: 1.0.0843 - Lenovo)
Lenovo Accessories and Display Manager (HKLM\...\{E7564DE9-5392-4027-ABF6-3D26A0305918}_is1) (Version: 1.0.6.05 - Lenovo Group Ltd.)
Lenovo Professional Wireless Rechargeable Combo (HKLM\...\{909B2FCC-C04A-4F27-884B-D18686B25075}_is1) (Version: 1.0.0.8 - Lenovo)
Lexar RGB Sync (HKLM-x32\...\{97CD7AFC-0ED3-41B8-9CCD-22717E8631D0}_is1) (Version: 1.00.02 - ENG)
Microsoft .NET Host - 9.0.4 (x64) (HKLM\...\{9E5495E6-3E9B-41FD-8D4E-2BC1EA61A696}) (Version: 72.16.31125 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 9.0.4 (x64) (HKLM\...\{1B002B5C-8CD6-4633-B543-2CDD484064A8}) (Version: 72.16.31125 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 9.0.4 (x64) (HKLM\...\{8BAC55BB-CCAC-428E-BCB8-C00015D37D89}) (Version: 72.16.31125 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2610349650-40441272-853533914-1001\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.31301 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 9.0.4 (x64) (HKLM\...\{6D5792BF-708C-485A-A59C-E38806AE6EBB}) (Version: 72.16.31142 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 9.0.4 (x64) (HKLM-x32\...\{60b3bad7-1da1-4082-8348-dbac77899742}) (Version: 9.0.4.34714 - Microsoft Corporation)
MiniTool Partition Wizard 12.9 (HKLM\...\MiniTool Partition Wizard_is1) (Version: 12.9 - LR)
Opera GX Stable 117.0.5408.205 (HKU\S-1-5-21-2610349650-40441272-853533914-1001\...\Opera GX 117.0.5408.205) (Version: 117.0.5408.205 - Opera Software)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 25.03.13.0 - Kakao Corp.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.3.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9468.1 - Realtek Semiconductor Corp.)
RyzenMasterSDK (HKLM\...\{EA69F3F4-94A3-4B3D-8A87-08C1D6ED87B4}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.73 - Microsoft Corporation) Hidden
Wise Disk Cleaner (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 11.2.1 - Lespeed Technology Co., Ltd.)
Wise Game Booster (HKLM-x32\...\Wise Game Booster_is1) (Version: 1.5.7 - Lespeed Technology Co., Ltd)
Wise Memory Optimizer (HKLM\...\Wise Memory Optimizer_is1) (Version: 4.2.2 - Lespeed Technology Co., Ltd.)
Wise Registry Cleaner (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 11.1.10 - Lespeed Technology Co., Ltd.)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-09] (Microsoft Windows)
Akcesoria Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2502.2502.12001.0_x64__8wekyb3d8bbwe [2025-04-19] (Microsoft Corporation)
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2025-03-30] (Advanced Micro Devices Inc.)
Bluetooth Battery Level For Game Bar -> C:\Program Files\WindowsApps\53291ModernSoftware.BluetoothBatteryLevelForGameBa_1.0.15.0_x64__zpk82fggye8hp [2025-04-19] (Workstation Master)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.1.0.0_x64__8xx8rvfyw5nnt [2025-04-19] (Meta)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-04-19] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-04-19] (Microsoft Corporation)
My Family Tree -> C:\Program Files\WindowsApps\5864ChronoplexSoftware.MyFamilyTree_15.0.5.0_x64__cfn0exghkdxkm [2025-04-16] (Chronoplex Software)
Pakiet Windows Feature Experience -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-09] (Microsoft Windows)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.40.287.0_x64__dt26b99r8h8gj [2025-04-19] (Realtek Semiconductor Corp)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2515.7.0_x64__cv1g1gvanyjgm [2025-04-19] (WhatsApp Inc.) [Startup Task]

==================== Niestandardowe rejestracje CLSID (filtrowane): ==============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Brak podpisu cyfrowego]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [Brak podpisu cyfrowego]

==================== Codecs (filtrowane) ====================

==================== Skróty & WMI ========================

==================== Załadowane moduły (filtrowane) =============

2025-03-23 20:28 - 2014-04-15 18:01 - 002147840 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\opencv_core249.dll
2025-03-23 20:28 - 2014-04-15 18:02 - 001919488 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\opencv_imgproc249.dll
2025-03-23 22:25 - 2024-11-08 11:17 - 000605184 _____ (The curl library, hxxps://curl.se/) [Brak podpisu cyfrowego] C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\libcurl.dll
2025-03-23 22:25 - 2024-11-08 12:04 - 005066752 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files\Lenovo\Lenovo Accessories and Display Manager\libcrypto-3-x64.dll
2025-03-23 20:28 - 2019-03-08 03:49 - 001190912 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\platforms\qwindows.dll
2025-03-23 20:28 - 2019-03-08 03:48 - 000364032 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\plugins\imageformats\qjpeg-.dll
2025-03-23 20:28 - 2022-10-21 14:53 - 005087232 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\Qt5Core.dll
2025-03-23 20:28 - 2019-03-08 03:40 - 005342720 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\Qt5Gui.dll
2025-03-23 20:28 - 2019-03-08 03:40 - 001042432 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\Qt5Network.dll
2025-03-23 20:28 - 2019-03-08 04:08 - 000065536 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\Qt5SerialPort.dll
2025-03-23 20:28 - 2019-03-08 03:44 - 004532224 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\Qt5Widgets.dll
2025-03-23 20:28 - 2019-03-08 04:58 - 000444416 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\Qt5WinExtras.dll
2025-03-23 20:28 - 2019-03-08 03:47 - 000122880 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] D:\Program Files (x86)\AARGB\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (filtrowane) ========

==================== Tryb awaryjny (filtrowane) ==================

==================== Powiązania plików (filtrowane) =================

==================== Internet Explorer (filtrowane) =============


==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Windows\System32\AMD;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Users\aszop\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2610349650-40441272-853533914-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\aszop\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\7333977696437564769\133889918175477439.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys
Wi-Fi: RZ616 Wi-Fi 6E 160MHz -> mtkwl6ex.sys

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

HKU\S-1-5-21-2610349650-40441272-853533914-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_FE3685048C96EEA68619512073F4ECD4"
HKU\S-1-5-21-2610349650-40441272-853533914-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2610349650-40441272-853533914-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-2610349650-40441272-853533914-1001\...\StartupApproved\Run: => "UninstallT20"
HKU\S-1-5-21-2610349650-40441272-853533914-1001\...\StartupApproved\Run: => "EADM"

==================== Reguły Zapory systemu Windows (filtrowane) ================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [UDP Query User{7104D4C0-FE39-4074-BDB3-C00C909D8F6D}D:\games\red dead redemption 2\red dead redemption 2\rdr2.exe] => (Allow) D:\games\red dead redemption 2\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{CD339969-0D28-4945-9844-F23D439517CF}D:\games\red dead redemption 2\red dead redemption 2\rdr2.exe] => (Allow) D:\games\red dead redemption 2\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) [Brak podpisu cyfrowego]
FirewallRules: [UDP Query User{2CBC965E-250F-4736-81E0-9E51276DF8F1}D:\games\ea sports fc 24\fc24.exe] => (Allow) D:\games\ea sports fc 24\fc24.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{706556A8-B972-458F-910E-F0D979E15780}D:\games\ea sports fc 24\fc24.exe] => (Allow) D:\games\ea sports fc 24\fc24.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0CEF8B7D-D8E8-49F4-870D-9F7E1E1A8DE6}] => (Allow) D:\Games\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BB7C84B1-B9F5-46FF-9745-7B90BE443F41}] => (Allow) D:\Games\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D8EE0136-07D7-4387-B569-2E574EEE37EB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{793A84D2-3F55-43B5-85EA-8F6EB3A91749}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9BD6C5AA-DCB1-409F-9782-89749165762D}D:\program files\snappy driver\sdi_r2503.exe] => (Allow) D:\program files\snappy driver\sdi_r2503.exe (www.SamLab.ws) [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{C38CA645-1352-4DE4-9AB2-C68D81AB3BFB}D:\program files\snappy driver\sdi_r2503.exe] => (Allow) D:\program files\snappy driver\sdi_r2503.exe (www.SamLab.ws) [Brak podpisu cyfrowego]
FirewallRules: [UDP Query User{673E36A2-9A57-49BF-AC27-A57AB5FEFDB6}D:\program files\snappy driver\sdi_x64_r2503.exe] => (Allow) D:\program files\snappy driver\sdi_x64_r2503.exe (www.SamLab.ws) [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{DBED3C47-5820-436D-B20F-5F26796FF262}D:\program files\snappy driver\sdi_x64_r2503.exe] => (Allow) D:\program files\snappy driver\sdi_x64_r2503.exe (www.SamLab.ws) [Brak podpisu cyfrowego]
FirewallRules: [UDP Query User{A12198C9-1E77-43B6-AF8B-57F8CFB62AED}D:\program files\qbittorrent\qbittorrent.exe] => (Allow) D:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{9E5D37EA-A3E8-4F11-BF45-FA23B5674310}D:\program files\qbittorrent\qbittorrent.exe] => (Allow) D:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego]
FirewallRules: [{60CE74E8-1850-4F34-9E4D-C102626B1397}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{174714DF-07AF-403F-A7BB-179C9CE87E96}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1C0FDDA4-658B-4A51-9F93-0BA18ED5D5D2}C:\users\aszop\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\aszop\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{3138BEFA-30C8-4D4A-9F72-7D347064FF24}C:\users\aszop\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\aszop\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{C7F6B062-9FBC-4310-A645-E74A34BDDC55}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [Brak podpisu cyfrowego]
FirewallRules: [UDP Query User{4626A74B-9F2D-4654-94E5-887025C1776D}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [Brak podpisu cyfrowego]
FirewallRules: [{62ED1773-961F-4ACF-A08E-87D9C60E9A3A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E6566B5A-EB10-4620-87B3-B7E5D52CE19B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{34AA6108-DE46-45F0-AA82-2D2657866FFA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C01977FB-132F-43B1-834F-7D8FFAB5C356}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C673505C-3EFE-4640-9134-289BC7661C1C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9E1AC507-E330-42BA-B135-C1569A026C7B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{59B7AB6A-3D35-48C2-B9CE-8A73386B2B84}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{76C3B1A5-EB01-4B8B-922B-04F0C415A474}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{70F92060-7A2D-4801-B9AA-611BB863E044}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B8660DE9-6530-4543-81D4-D4AFE69289D7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DFB45826-F33D-430D-BA20-0AB09B4A3FD8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{78CAC282-06B3-4EC5-A741-BD496F9FC7C3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5EF6B894-D284-47D7-A6F0-FE27DB06C7B0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25072.1501.3493.5261_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3A1DE4C-877A-443E-AAA4-7C351A9A0F77}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25072.1501.3493.5261_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Punkty Przywracania systemu =========================

09-04-2025 18:13:19 Instalator modułów systemu Windows
16-04-2025 11:20:36 Windows Update
16-04-2025 11:20:37 Windows Update
16-04-2025 11:20:38 Windows Update
16-04-2025 11:20:41 Windows Update
19-04-2025 08:56:13 Installed AMD_Chipset_Drivers.
19-04-2025 09:15:37 Operacja przywracania

==================== Wadliwe urządzenia w Menedżerze urządzeń ============
Name: Nieznane urządzenie USB (żądanie deskryptora urządzenia nie powiodło się)
Description: Nieznane urządzenie USB (żądanie deskryptora urządzenia nie powiodło się)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardowy kontroler hosta USB)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================
Error: (04/19/2025 09:25:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4716,R,98,0) SRUJet: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\WINDOWS\system32\SRU\SRU0056B.log.

Error: (04/19/2025 07:28:19 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance.  hr = 0x8007045b, Trwa proces zamykania systemu..

Error: (04/19/2025 07:28:19 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.]

Error: (04/19/2025 07:28:19 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance.  hr = 0x8007045b, Trwa proces zamykania systemu..

Error: (04/19/2025 07:28:19 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.]

Error: (04/11/2025 10:56:59 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: MyFamilyTree.exe
Path: C:\Program Files\WindowsApps\5864ChronoplexSoftware.MyFamilyTree_15.0.1.0_x64__cfn0exghkdxkm\MyFamilyTree.exe
Message: You must install .NET to run this application.

App: C:\Program Files\WindowsApps\5864ChronoplexSoftware.MyFamilyTree_15.0.1.0_x64__cfn0exghkdxkm\MyFamilyTree.exe
Architecture: x64
App host version: 9.0.3
.NET location: Not found

Learn more:
https://aka.ms/dotnet/app-launch-failed

Download the .NET runtime:
https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win-x64&os=win10&apphost_version=9.0.3

Error: (04/09/2025 06:17:27 PM) (Source: Application Error) (EventID: 1000) (User: ZARZĄDZANIE NT)
Description: Nazwa aplikacji powodującej błąd: svchost.exe_wuauserv, wersja: 10.0.26100.1150, sygnatura czasowa: 0xfdace0d9
Nazwa modułu powodującego błąd: combase.dll, wersja: 10.0.26100.3624, sygnatura czasowa: 0xab214fdb
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000000f6d88
Identyfikator procesu błędu:  0x2e0c
Czas uruchomienia aplikacji powodującej błąd: 0x1dba71c9d163d12
Faulting ścieżka aplikacji: C:\WINDOWS\system32\svchost.exe
Faulting ścieżka modułu: C:\WINDOWS\System32\combase.dll
Report Id: dcadfc21-d219-408c-a8e4-5b5439d7a210
Faulting pełna nazwa pakietu: 
Faulting identyfikator aplikacji względnej dla pakietu:

Error: (04/02/2025 11:37:42 AM) (Source: Application Error) (EventID: 1000) (User: SZOPEN)
Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 10.0.26100.3624, sygnatura czasowa: 0x42353d5a
Nazwa modułu powodującego błąd: twinui.pcshell.dll, wersja: 10.0.26100.3624, sygnatura czasowa: 0x33e78440
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x0000000000033112
Identyfikator procesu błędu:  0x2260
Czas uruchomienia aplikacji powodującej błąd: 0x1dba3af3a7ad701
Faulting ścieżka aplikacji: C:\WINDOWS\Explorer.EXE
Faulting ścieżka modułu: C:\WINDOWS\system32\twinui.pcshell.dll
Report Id: 2bb28025-2fd1-487d-b6bf-0dbe1eb88645
Faulting pełna nazwa pakietu: 
Faulting identyfikator aplikacji względnej dla pakietu:


Dziennik System:
=============
Error: (04/19/2025 11:57:51 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/19/2025 11:41:57 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/19/2025 11:09:56 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/19/2025 11:03:33 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: ZARZĄDZANIE NT)
Description: Usługa kojarzenia urządzeń wykryła błąd odnajdywania punktów końcowych.

Error: (04/19/2025 10:53:36 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/19/2025 10:48:35 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 10:47:31 na ‎19.‎04.‎2025 było nieoczekiwane.

Error: (04/19/2025 10:38:10 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/19/2025 10:21:20 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================
Date: 2025-04-18 18:33:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-17 18:17:07
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-09 21:00:56
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0
Name: HackTool:Win32/crack
Severity: High
Category: Tool
Path: file:_D:\Games\Hogwarts Legacy\Phoenix\Binaries\Win64\EMP.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: D:\Games\Hogwarts Legacy\Phoenix\Binaries\Win64\HogwartsLegacy.exe
Security intelligence Version: AV: 1.427.152.0, AS: 1.427.152.0, NIS: 1.427.152.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1 

Date: 2025-04-04 20:28:04
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-02 11:43:17
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0
Name: HackTool:Win32/crack
Severity: High
Category: Tool
Path: file:_D:\Games\Hogwarts Legacy\Phoenix\Binaries\Win64\EMP.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: D:\Games\Hogwarts Legacy\Phoenix\Binaries\Win64\HogwartsLegacy.exe
Security intelligence Version: AV: 1.427.8.0, AS: 1.427.8.0, NIS: 1.427.8.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1 
﻿Event[0]

Date: 2025-04-19 09:25:50
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: System nie może odnaleźć określonej ścieżki. 
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0 

Date: 2025-03-27 17:41:35
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007051a
Error description: Wskazuje, że dwa poziomy wydania są niezgodne. 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. 

CodeIntegrity:
===============
Date: 2025-04-19 12:05:07
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\53291ModernSoftware.BluetoothBatteryLevelForGameBa_1.0.15.0_x64__zpk82fggye8hp\GameBarBluetoothBatteryLevel.exe) attempted to load \Device\HarddiskVolume3\Users\aszop\AppData\Local\Packages\53291ModernSoftware.BluetoothBatteryLevelForGameBa_zpk82fggye8hp\TempState\SystemDevicesWatcher-x64.exe that did not meet the Store signing level requirements. 


==================== Statystyki pamięci =========================== 

BIOS: American Megatrends International, LLC. 3.20 02/21/2025
Płyta główna: ASRock B650M Pro RS WiFi
Procesor: AMD Ryzen 5 7500F 6-Core Processor 
Procent pamięci w użyciu: 22%
Całkowita pamięć fizyczna: 32343.91 MB
Dostępna pamięć fizyczna: 25061.08 MB
Całkowita pamięć wirtualna: 34391.91 MB
Dostępna pamięć wirtualna: 24521.95 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:196.92 GB) (Free:118.93 GB) (Model: Lexar SSD NM710 2TB) NTFS
Drive d: () (Fixed) (Total:1655.92 GB) (Free:1322.2 GB) (Model: Lexar SSD NM710 2TB) NTFS

\\?\Volume{ca4a2efa-b452-404c-97c3-38c0bbe7d9e7}\ () (Fixed) (Total:10.07 GB) (Free:9.43 GB) NTFS
\\?\Volume{dce75b24-99ec-459d-b5e3-9b8d090c60ac}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 0BBB2775)

Partition: GPT.

==================== Koniec  Addition.txt =======================