Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 02-10-2025 Uruchomiony przez PM@home (02-10-2025 23:00:00) Uruchomiony z F:\2025.08.03 Filip P\Farbar Recovery Scan Tool Download FRST\32bit Microsoft Windows 10 Home Wersja 22H2 19045.6216 (X86) (2025-07-09 19:56:35) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-1801404378-1369135006-3166364519-500 - Administrator - Disabled) Gość (S-1-5-21-1801404378-1369135006-3166364519-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1801404378-1369135006-3166364519-1007 - Limited - Enabled) Konto domyślne (S-1-5-21-1801404378-1369135006-3166364519-503 - Limited - Disabled) PM@home (S-1-5-21-1801404378-1369135006-3166364519-1003 - Administrator - Enabled) => C:\Users\PM@home WDAGUtilityAccount (S-1-5-21-1801404378-1369135006-3166364519-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Aktualizacje NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 25.9.10453.3120 - Gen Digital Inc.) Brave (HKLM\...\BraveSoftware Brave-Browser) (Version: 139.1.81.137 - Autorzy Brave) CCleaner (HKLM\...\CCleaner) (Version: 6.39 - Piriform) CCleaner Update Helper (HKLM\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden CPUID CPU-Z 2.15 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.15 - CPUID, Inc.) CrystalDiskInfo 9.6.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.6.3 - Crystal Dew World) Dropbox (HKLM\...\Dropbox) (Version: 233.4.4938 - Dropbox, Inc.) Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden Goodgame Empire (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\Goodgame Empire) (Version: - ) <==== UWAGA Google Chrome (HKLM\...\Google Chrome) (Version: 140.0.7339.208 - Google LLC) Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden Honeyview (HKLM\...\Honeyview) (Version: 5.53 - Bandisoft.com) Malwarebytes version 5.4.1.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.1.215 - Malwarebytes) Microsoft Audio Enhancement Troubleshooter installer (HKLM\...\{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 140.0.3485.94 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\OneDriveSetup.exe) (Version: 22.176.0821.0003 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 ENU (HKLM\...\{2F141715-E144-48C0-8562-D193B7AB85BC}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{8F99DEF4-B09B-40D7-9EF5-58DB00C1E053}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden Mozilla Firefox (x86 pl) (HKLM\...\Mozilla Firefox 107.0.1 (x86 pl)) (Version: 107.0.1 - Mozilla) Mozilla Firefox 75.0 (x86 pl) (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\Mozilla Firefox 75.0 (x86 pl)) (Version: 75.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 107.0.1.8367 - Mozilla) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) OpenOffice 4.1.7 (HKLM\...\{4440D601-AB49-4963-B728-BE0DCED42156}) (Version: 4.17.9800 - Apache Software Foundation) Opera Stable 90.0.4480.84 (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\Opera 90.0.4480.84) (Version: 90.0.4480.84 - Opera Software) osrss (HKLM\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Słownik Języka Polskiego GoNaomi 1.4 (HKLM\...\Słownik Języka Polskiego GoNaomi 1.4) (Version: - ) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM\...\Microsoft EdgeWebView) (Version: 139.0.3405.125 - Microsoft Corporation) Hidden Update for Windows (KB5001716) (HKLM\...\{52B5CFE5-CACF-488D-96A6-D5C42B05B1FF}) (Version: 8.94.0.0 - Microsoft Corporation) Update for Windows 10 (KB4480730) (HKLM\...\{D2CA80BE-F97F-45C7-AEE6-87742793EF70}) (Version: 2.53.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{A8CB3AA1-4ED7-4E95-BA0A-3DC927739A0E}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version: - ) World Of Warships (HKLM\...\World Of Warships) (Version: - ) Chrome apps: ============ Arkusze (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\ae29e3d6f9fcc204e816eb35e9a3c045) (Version: 1.0 - Google\Chrome) Dokumenty (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\91aeaa0e7b7c367b6192d6c80ec65cec) (Version: 1.0 - Google\Chrome) Dysk Google (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\be027ae6956759d77f5e911f45f478ab) (Version: 1.0 - Google\Chrome) Gmail (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\de4934514975d4af6c67cf5745e26c00) (Version: 1.0 - Google\Chrome) Prezentacje (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\fffe38c1a07faa68d9ed75e7f3ed0c80) (Version: 1.0 - Google\Chrome) YouTube (HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\7f2e38e54006db036efad07b1ccb1033) (Version: 1.0 - Google\Chrome) Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2023-02-10] (Microsoft Corporation) Dropbox -> C:\Program Files\Dropbox\Client\PackageAssets [2025-09-28] (Dropbox Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_161.1.1087.0_x86__v10z8vjag6ke6 [2025-09-30] (HP Inc.) KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_4.4.11708.0_x86__kqmhh0ktdt7dg [2025-08-06] (KYOCERA Document Solutions Inc) Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.28.13.0_x86__k1h2ywk1493x8 [2022-09-19] (LENOVO INC.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-30] (Microsoft Corporation) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x86__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} -> [HVContext Class] => CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\PM@home\Dropbox [2016-10-16 19:19] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> c:\users\pm@home\appdata\local\programs\opera\90.0.4480.84\notification_helper.exe (Opera Norway AS -> The Chromium Authors) CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] CustomCLSID: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-09-30] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers1: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell32.dll [2024-06-20] (Bandisoft International Inc. -> Bandisoft.com) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-09-30] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-09-30] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-02] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers4: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell32.dll [2024-06-20] (Bandisoft International Inc. -> Bandisoft.com) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.87.0.dll [2025-09-25] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-09-30] (Gen Digital Inc. -> Gen Digital Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-02] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers1_S-1-5-21-1801404378-1369135006-3166364519-1003: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell32.dll [2024-06-20] (Bandisoft International Inc. -> Bandisoft.com) ContextMenuHandlers4_S-1-5-21-1801404378-1369135006-3166364519-1003: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell32.dll [2024-06-20] (Bandisoft International Inc. -> Bandisoft.com) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\PM@home\Pictures\Desktop\- Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\PM@home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World Of Warships\World Of Warships.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cpm.wargaming.net/dyief78m/?pub_id=107 --app-window-size=1366,768 ShortcutWithArgument: C:\Users\PM@home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\World Of Warships.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cpm.wargaming.net/dyief78m/?pub_id=107 --app-window-size=1366,768 ShortcutWithArgument: C:\Users\PM@home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\- Chrome — kopia.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ==================== Załadowane moduły (filtrowane) ============= ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\PM@home\Pictures\Desktop\FILMY RELIGIJNE - YouTube.URL:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\PM@home\Pictures\Desktop\Muzyka.lnk:com.dropbox.attributes [168] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ============= HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms} HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms} HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/ SearchScopes: HKLM -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKLM -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003 -> {087B6495-B8CF-4677-907C-4ED6A2664202} URL = hxxp://www.nav-pl.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1801404378-1369135006-3166364519-1003 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-09-25 22:12 - 2020-01-01 16:46 - 000002103 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Network =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) DNS Servers: 192.168.1.1 Zapora systemu Windows [funkcja włączona] Network Binding: ============= Ethernet: Broadcom NetLink (TM) Fast Ethernet -> b57nd60x.sys Wi-Fi: Broadcom 802.11g Network Adapter -> bcmwl63l.sys ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\Control Panel\Desktop\\Wallpaper -> c:\users\pm@home\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\maryjesus103 (1).jpg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: ) HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0) ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKU\S-1-5-21-1801404378-1369135006-3166364519-1003\...\StartupApproved\Run: => "Opera Browser Assistant" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{B57D19E4-ABE9-46BC-8FD4-5F5F7A843880}] => (Allow) c:\users\pm@home\appdata\local\programs\opera\90.0.4480.84\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{EF4399EC-FE14-45A7-9807-A51CCFF44085}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.) FirewallRules: [{4C8B208E-6C13-438A-BDA4-42A8B366B25F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.) FirewallRules: [{1CCC7460-44DE-4369-A307-4E210996DB04}] => (Allow) c:\users\pm@home\appdata\local\programs\opera\90.0.4480.54\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{E3A566B2-C6C9-41DA-8CB4-7C8C07D14E51}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Gen Digital Inc. -> Gen Digital Inc.) FirewallRules: [TCP Query User{A5C35F39-5C13-47DA-B0A5-BF88C3DF740D}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe (Gen Digital Inc. -> Gen Digital Inc.) FirewallRules: [{18A6B3E5-A900-4608-B9A0-6E9AC15C4D9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D9E98F9A-9E70-4204-B5D8-B87CF953990C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F207729A-F97D-4F77-955C-9A842E8A7508}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{790906CE-3059-478A-89F1-71A13A0C72F5}] => (Allow) C:\Program Files\Microsoft\EdgeWebView\Application\139.0.3405.125\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A83C9787-F9C4-448E-A386-A0B21E75CB61}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{C56511A6-5D0D-4221-9EBD-411911839B5A}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{35A57EF5-961F-4DB5-99FD-D81E8BBCC0AF}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{43917745-9C5B-4E2F-91BF-DC076EEADF12}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{131DF147-DA30-4C65-A800-3EFCB643897B}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{634143C3-D7C3-496D-B925-921F0B14EF0D}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{433CBB50-8BA3-4725-9849-3100B90C5EA4}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{C57CD1D1-61C8-4C3E-BE5E-423720891638}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{F7DF6E59-587E-4707-9285-06FE1B1DFEFA}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{A23A05B9-4B43-46F1-A71E-7A2E934084FF}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{4CB6E860-5457-4089-9415-EF5B6562BFB3}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 15-08-2025 12:07:31 Zaplanowany punkt kontrolny 25-08-2025 15:22:10 Zaplanowany punkt kontrolny 07-09-2025 11:06:28 Instalator modułów systemu Windows 07-09-2025 11:12:59 Instalator modułów systemu Windows 07-09-2025 11:30:06 Instalator modułów systemu Windows 07-09-2025 11:33:59 Instalator modułów systemu Windows ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (09/28/2025 11:12:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na Lenovo (D:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (09/28/2025 11:12:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na \\?\Volume{db4cfd6e-b900-11de-a07d-806e6f6e6963}\ z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (09/07/2025 11:34:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu.. Error: (09/07/2025 11:30:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu.. Error: (09/07/2025 11:13:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu.. Error: (09/07/2025 11:07:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu.. Error: (09/07/2025 10:52:01 AM) (Source: DbxSvc) (EventID: 322) (User: ) Description: Failed to get driver message: (-2147024890) Nieprawidłowe dojście. Error: (09/02/2025 04:48:38 PM) (Source: DbxSvc) (EventID: 322) (User: ) Description: Failed to get driver message: (-2147024890) Nieprawidłowe dojście. Dziennik System: ============= Error: (10/01/2025 01:29:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/01/2025 01:29:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate). Error: (10/01/2025 01:29:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Aktualizacja Dropbox (dbupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/01/2025 01:29:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Aktualizacja Dropbox (dbupdate). Error: (10/01/2025 01:26:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa WMPNetworkSvc zależy od usługi WSearch, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (10/01/2025 01:05:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/01/2025 01:05:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate). Error: (10/01/2025 01:05:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Aktualizacja Dropbox (dbupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. CodeIntegrity: =============== Date: 2025-10-02 23:01:32 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbamsi32.dll that did not meet the Windows signing level requirements. Date: 2025-09-02 16:58:15 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: LENOVO 18CN37WW(V2.10) 09/18/2009 Płyta główna: LENOVO NITU1 Procesor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz Procent pamięci w użyciu: 70% Całkowita pamięć fizyczna: 3036.6 MB Dostępna pamięć fizyczna: 898.35 MB Całkowita pamięć wirtualna: 5418.61 MB Dostępna pamięć wirtualna: 2020.31 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:420.56 GB) (Free:369.94 GB) (Model: WDC WD5000BEVT-22ZAT0) NTFS Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:27.84 GB) (Model: WDC WD5000BEVT-22ZAT0) NTFS Drive f: () (Removable) (Total:28.64 GB) (Free:15 GB) NTFS \\?\Volume{db4cfd6e-b900-11de-a07d-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8F8A2C8C) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=420.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=30.2 GB) - (Type=0F Extended) Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ========================================================== Disk: 1 (Size: 28.6 GB) (Disk ID: 6C9311DC) Partition 1: (Not Active) - (Size=28.6 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================