Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 17-04-2021 Uruchomiony przez Madzia (23-04-2021 20:54:32) Uruchomiony z C:\Users\Madzia\Downloads Windows 10 Pro Wersja 20H2 19042.630 (X64) (2020-11-17 20:34:41) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3189969117-2522396855-332772548-500 - Administrator - Disabled) Gość (S-1-5-21-3189969117-2522396855-332772548-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3189969117-2522396855-332772548-503 - Limited - Disabled) Madzia (S-1-5-21-3189969117-2522396855-332772548-1001 - Administrator - Enabled) => C:\Users\Madzia Madzik (S-1-5-21-3189969117-2522396855-332772548-1002 - Limited - Enabled) => C:\Users\Madzik WDAGUtilityAccount (S-1-5-21-3189969117-2522396855-332772548-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440} AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Zapora (Enabled) {B066057A-E576-007C-D591-56C163D3B33B} FW: ESET Zapora (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.2.2 - Advanced Micro Devices, Inc.) Arduino (HKLM-x32\...\Arduino) (Version: 1.8.10 - Arduino LLC) ASRock RapidStart v1.0.7 (HKLM\...\ASRock RapidStart_is1) (Version: - ASRock Inc.) Asystent aktualizacji do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform) Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU) Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.2.0 - IObit) EaseUS Partition Master 14.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 14.0.22.0 - ESET, spol. s r.o.) FastStone Image Viewer 7.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.1 - FastStone Soft) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Kaspersky Safe Kids (HKLM-x32\...\{2B7C9313-351F-4372-B4C6-921AED218652}) (Version: 1.0.5.1360 - Kaspersky) Hidden Kaspersky Safe Kids (HKLM-x32\...\InstallWIX_{2B7C9313-351F-4372-B4C6-921AED218652}) (Version: 1.0.5.1360 - Kaspersky) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pl-pl (HKLM\...\ProPlus2019Retail - pl-pl) (Version: 16.0.13901.20400 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3189969117-2522396855-332772548-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3189969117-2522396855-332772548-1002\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 88.0 (x64 pl) (HKLM\...\Mozilla Firefox 88.0 (x64 pl)) (Version: 88.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.1 - Mozilla) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD) MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.69 - MSI) MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.19 - MSI) Need for Speed Most Wanted Limited Edition (HKLM-x32\...\Need for Speed Most Wanted Limited Edition_is1) (Version: - ) Need For Speed Payback Deluxe Edition MULTi10 - ElAmigos wersja 1.0 (HKLM-x32\...\{7FBF018C-83D4-432A-8F9A-123337B9366B}_is1) (Version: 1.0 - Electronic Arts) O&O DiskImage (HKLM\...\{9D22A4A4-B8EA-475E-89D8-94C170622BBD}) (Version: 16.1.191 - O&O Software GmbH) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oprogramowanie Logitech Unifying 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Polar FlowSync wersja 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200616 - Kakao Corp.) Pure Farming 2018 Big Machines (HKLM-x32\...\Pure Farming 2018 Big Machines_is1) (Version: - ) RivaTuner Statistics Server 7.2.2 (HKLM-x32\...\RTSS) (Version: 7.2.2 - Unwinder) Scratch 2 Offline Editor (HKLM-x32\...\{6E988774-5309-E02E-7EA8-F19CB65C2063}) (Version: 255 - Massachusetts Institute of Technology) Hidden Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 461 - Massachusetts Institute of Technology) Tux Paint 0.9.23 (HKLM-x32\...\Tux Paint_is1) (Version: - New Breed Software) WinRAR 5.71 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-3189969117-2522396855-332772548-1002\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.) Packages: ========= Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.57.2.0_x86__kgqvnymyfvs32 [2021-04-21] (king.com) Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2000.2.0_x86__kgqvnymyfvs32 [2021-04-16] (king.com) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-16] (Microsoft Studios) [MS Ad] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2021-02-10] (O&O Software GmbH -> O&O Software GmbH) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [OODIDismount] -> {BF5F9978-5B95-4F2E-BB19-5D95234187EE} => C:\Program Files\OO Software\DiskImage\oodishd.dll [2021-02-10] (O&O Software GmbH -> O&O Software GmbH) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2020-05-22 17:05 - 2005-07-18 13:43 - 000160256 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI\Live Update\unrar.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000017920 _____ () [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 003567616 _____ () [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2021-02-05 01:05 - 2021-02-05 01:05 - 001470976 _____ (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000031744 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000039424 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000031744 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000414720 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000025088 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000024576 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000023552 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000532992 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 001441792 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 001189888 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000134656 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 006184448 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 006867456 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 001104896 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000325120 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 003668480 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000517120 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000051712 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 004228608 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000171008 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 001085440 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000205824 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000329728 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000127488 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000390656 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 095598080 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 005587968 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000462848 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 000188928 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-01-06 12:59 - 2021-01-06 12:59 - 002878464 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000055808 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000059392 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000284160 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000333824 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000136704 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000090112 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000313856 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-01-06 13:00 - 2021-01-06 13:00 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2021-02-05 01:16 - 2021-02-05 01:16 - 000091648 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3189969117-2522396855-332772548-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-3189969117-2522396855-332772548-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "OODITRAY.EXE" HKLM\...\StartupApproved\Run32: => "Live Update" HKLM\...\StartupApproved\Run32: => "MSIRegister" HKU\S-1-5-21-3189969117-2522396855-332772548-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3189969117-2522396855-332772548-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3189969117-2522396855-332772548-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3189969117-2522396855-332772548-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3189969117-2522396855-332772548-1002\...\StartupApproved\Run: => "Polar FlowSync" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{7F9711F3-0594-43F9-9807-714C7AD3D87D}] => (Allow) LPort=5354 FirewallRules: [{6EC35960-FAC5-462E-A08E-1612924515AD}] => (Allow) LPort=5354 FirewallRules: [{66993F51-EED3-41B2-B93A-C4788EFA5F2D}] => (Allow) LPort=5354 FirewallRules: [{B0BFBBF1-D0A9-46E8-AA0C-A2581B73F281}] => (Allow) LPort=5354 FirewallRules: [UDP Query User{8E71CC59-BB16-488F-8CDF-B4F1D2801A0B}C:\games\farming simulator 19\x64\farmingsimulator2019game.exe] => (Block) C:\games\farming simulator 19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{573B035E-A208-400B-9FA9-21164177FA2E}C:\games\farming simulator 19\x64\farmingsimulator2019game.exe] => (Block) C:\games\farming simulator 19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH) [Brak podpisu cyfrowego] FirewallRules: [{D1A57FA4-028A-493D-9286-AB17BA22903F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8F2F05D5-08D4-4D71-8027-6E2C190ABE19}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{46A482A2-EBB4-46E2-BBD7-51FC19053197}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{07F65FE7-BA2B-4CF5-8060-6B490EE1076A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D451F3FA-8499-49B0-A133-917F7BD92057}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5E1445AA-7CAC-4C7B-9F5A-36792ABB6387}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{10AEDA31-4076-4F32-8196-9B8E2734F73E}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{7FB4AC92-C733-482D-9DE3-B3C6E72C53A9}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{6D78E832-E843-4657-8E16-BB4C77DECEC3}C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{DEE68BAA-4EEC-472B-B838-7CFC77B8E64E}C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{F5962DBC-4DAC-4E98-9D31-4585D473083D}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [UDP Query User{A4217F74-5B3B-4587-B485-DAAB10D1DBCB}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe FirewallRules: [{42C427A0-B5E4-4F61-A9F0-5CAB142F7ED0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D79AD028-114B-4E24-8700-8705AB6E5409}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{49CB427B-07B1-43C3-9E49-6ED0AE5994F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{606843EE-7E67-410C-88A9-68494DB4FFF5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8F546F4B-0C09-4EF9-B34A-8119BD4AA998}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Punkty Przywracania systemu ========================= 07-04-2021 08:44:39 Zaplanowany punkt kontrolny 14-04-2021 09:38:17 Zaplanowany punkt kontrolny 23-04-2021 10:25:45 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (04/23/2021 09:45:49 AM) (Source: System Restore) (EventID: 8211) (User: ) Description: Nie można utworzyć zaplanowanego punktu przywracania. Informacje dodatkowe: (0x80042319). Error: (04/23/2021 09:45:49 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Opis = Zaplanowany punkt kontrolny; Błąd = 0x80042319). Error: (04/23/2021 09:45:49 AM) (Source: SPP) (EventID: 16387) (User: ) Description: Moduł zapisujący MSSearch Service Writer napotkał błąd podczas tworzenia migawki. Więcej informacji: . Error: (04/23/2021 08:17:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na Nowy (E:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (04/23/2021 08:11:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na Nowy (E:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (04/22/2021 08:15:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na Nowy (E:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (04/22/2021 08:01:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na Nowy (E:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Error: (04/22/2021 07:55:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji ograniczenie ponowne na Nowy (E:) z następującego powodu: Żądana operacja nie jest obsługiwana przez sprzęt obsługujący wolumin. (0x8900002A) Dziennik System: ============= Error: (04/23/2021 08:39:21 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding Error: (04/23/2021 08:39:20 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding Error: (04/23/2021 08:39:19 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding Error: (04/23/2021 08:39:18 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding Error: (04/23/2021 08:39:17 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding Error: (04/23/2021 08:39:15 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding Error: (04/23/2021 08:39:14 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding Error: (04/23/2021 08:39:13 PM) (Source: DCOM) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Nie można uruchomić serwera DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Błąd: 2147943792 Błąd wystąpił podczas uruchamiania polecenia: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe -Embedding CodeIntegrity: =============== Date: 2021-04-23 20:03:50 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-04-23 20:03:50 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. P2.60 03/07/2018 Płyta główna: ASRock Z97 Pro4 Procesor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Procent pamięci w użyciu: 16% Całkowita pamięć fizyczna: 32718.68 MB Dostępna pamięć fizyczna: 27204.04 MB Całkowita pamięć wirtualna: 37582.68 MB Dostępna pamięć wirtualna: 29344.34 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:222.51 GB) (Free:51.77 GB) NTFS Drive e: (Nowy) (Fixed) (Total:1863.01 GB) (Free:1240.9 GB) NTFS Drive f: (Zastrzeżone przez system) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] \\?\Volume{a9d17743-0000-0000-0000-d0c237000000}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: A9D17743) Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=537 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 833466D2) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================