Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04-07-2021 Uruchomiony przez Patryk (04-07-2021 13:19:51) Uruchomiony z C:\Users\Patryk\Downloads\farbar Windows 7 Professional Service Pack 1 (X64) (2020-11-10 09:16:47) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-3725637032-4102558920-3925882777-500 - Administrator - Disabled) Gość (S-1-5-21-3725637032-4102558920-3925882777-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3725637032-4102558920-3925882777-1002 - Limited - Enabled) Patryk (S-1-5-21-3725637032-4102558920-3925882777-1003 - Administrator - Enabled) => C:\Users\Patryk ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.70.2233, 08.10.2020 - AIMP DevTeam) AMD Catalyst Install Manager (HKLM\...\{5AF0B1A8-1EF7-0FF7-5504-4983FB76F914}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.) Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team) AuthenTec Fingerprint Driver (HKLM\...\{89585C33-E934-463E-91E1-B0CF090FEC53}) (Version: 1.6.2.0350 - AuthenTec) Hidden AuthenTec WinBio FingerPrint Software 64-bit (HKLM\...\{F888B1E9-64E3-479D-91DB-2D9193C39535}) (Version: 3.4.2.1016 - AuthenTec, Inc.) Hidden Camtasia Studio 8 (HKLM-x32\...\{1B57499B-1BEB-426A-A406-D9D004A1D2CE}) (Version: 8.5.0.1954 - TechSmith Corporation) CubeDesktop 1.3.1 (HKLM-x32\...\CubeDesktop) (Version: 1.3.1 - Thinking Minds Building Bytes) Diablo wersja 1.09 (HKLM-x32\...\{6B8488BE-A69B-4E84-AFA7-06467063E217}_is1) (Version: 1.09 - kamil9489) EaseUS Partition Master 10.5 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) easySoft-Pro 6 Demo (HKLM-x32\...\{CF90BA6B-2DA4-4BED-9F55-629BE9B7EE00}) (Version: 6.90.5193 - Eaton Industries GmbH) e-file [ID] wersja 1.2.2.0 (HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\...\{EF9A27D3-62E7-473E-9D32-23653A0F6CBB}_is1) (Version: 1.2.2.0 - e-file sp. z o.o. sp. k.) e-pity 12.2.1 za rok 2020 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 12.2.1 - e-file sp. z o.o. sp.k.) Festo FluidSim 3.6 (HKLM-x32\...\Festo Fluidsim_is1) (Version: - My Company, Inc.) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Git version 2.29.2.2 (HKLM\...\Git_is1) (Version: 2.29.2.2 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\...\GitHubDesktop) (Version: 2.6.1 - GitHub, Inc.) Google Chrome (HKLM\...\{86A338A7-D098-395A-AE9D-DB272367A329}) (Version: 88.0.4324.150 - Google LLC) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IrfanView 4.56 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.56 - Irfan Skiljan) ISO Workshop 5.2 (HKLM-x32\...\ISO Workshop_is1) (Version: - Glorylogic) LibreOffice 5.4.3.2 (HKLM-x32\...\{CAE1C579-A42B-4A1E-9765-9D6648EFBD25}) (Version: 5.4.3.2 - The Document Foundation) Lightspark (HKLM-x32\...\Lightspark) (Version: 0.8.4-git - The Lightspark Developers) Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation) Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.52.1 - Microsoft Corporation) Mozilla Firefox 89.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 89.0.2 (x64 pl)) (Version: 89.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla) O2Micro OZ776 SCR Driver (HKLM-x32\...\{171A512C-C62B-4C6B-8FAD-5BB340695C1A}) (Version: 1.1.4.223 - O2Micro International LTD.) Hidden O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{171A512C-C62B-4C6B-8FAD-5BB340695C1A}) (Version: 1.1.4.223 - O2Micro International LTD.) Hidden Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{b2573549-8593-4d8d-b795-d0eed7b6d412}) (Version: 10.1.1.45 - Intel(R) Corporation) Populous - The Beginning (HKLM-x32\...\Populous - The Beginning_is1) (Version: - GOG.com) PyCharm Community Edition 2020.1.2 (HKLM-x32\...\PyCharm Community Edition 2020.1.2) (Version: 201.7846.77 - JetBrains s.r.o.) Python 3.8.2 Core Interpreter (64-bit) (HKLM\...\{AD923240-0ACE-45C9-8749-05BF77AAE101}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 Development Libraries (64-bit) (HKLM\...\{BDFB7011-0AB2-440F-8F00-32AF7A9ED1ED}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 Documentation (64-bit) (HKLM\...\{65B0F976-5151-427E-95B4-2320DC64F91E}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 Executables (64-bit) (HKLM\...\{A36C1168-60E6-42E4-93DB-6BE8C6DD9DD6}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 pip Bootstrap (64-bit) (HKLM\...\{8EEE042B-6EAF-4171-BA6E-01319ED99DA8}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 Standard Library (64-bit) (HKLM\...\{33F9B46C-EB19-4BB7-ABFA-F8C71B73E9A4}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 Tcl/Tk Support (64-bit) (HKLM\...\{FCA1EB7D-2F62-4659-AA5F-42C37CE5D3CB}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 Test Suite (64-bit) (HKLM\...\{F6DA05CF-67B5-47D0-ABD4-371C80BA0717}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.2 Utility Scripts (64-bit) (HKLM\...\{52AB506A-EC3C-4060-9EBF-6A975994CB35}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden Python 3.8.6 (64-bit) (HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\...\{fef707d7-d438-4dd9-bb0f-5788ee658f4f}) (Version: 3.8.6150.0 - Python Software Foundation) Python 3.8.6 Add to Path (64-bit) (HKLM\...\{0CD35A78-6567-46C1-BC82-E258D6C3D66C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Core Interpreter (64-bit) (HKLM\...\{DE282FFC-F4AD-416A-8479-F3C72F94C967}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Development Libraries (64-bit) (HKLM\...\{59704C10-77A1-4D72-A97B-8FB2A933985B}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Documentation (64-bit) (HKLM\...\{558E2EFE-87D5-4E3F-B050-D4DEC548EA02}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Executables (64-bit) (HKLM\...\{7F55BD37-4437-47EE-8C82-3103E19DB114}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 pip Bootstrap (64-bit) (HKLM\...\{28B1EC39-1C9F-482C-BFF7-4D347CE5ADED}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Standard Library (64-bit) (HKLM\...\{04BA74DE-13BE-477C-8FE5-19F247C0D555}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Tcl/Tk Support (64-bit) (HKLM\...\{79C40B8F-BC99-4FFF-8E1E-F05D246E772C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Test Suite (64-bit) (HKLM\...\{3968C4C7-904D-4571-BC22-1CD8B87549D7}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python 3.8.6 Utility Scripts (64-bit) (HKLM\...\{0A041F8F-4124-46CC-B021-AB8E70A873EC}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{3B82A91D-DB48-4160-94D2-0B8C6D2B1710}) (Version: 3.8.7205.0 - Python Software Foundation) Rayman Forever (HKLM-x32\...\Rayman Forever_is1) (Version: - GOG.com) Security Innovation TSS (HKLM\...\{0C11FE22-53F2-4C9B-9E79-824B10D0976E}) (Version: 2.1.42 - Security Innovation) Hidden ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0067 - ST Microelectronics) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.) TI USB3 Host Driver (HKLM-x32\...\{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.) Hidden TI USB3 Host Driver (HKLM-x32\...\{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.) Hidden Validity WBF DDK 495 (HKLM\...\{F622E82E-AFFA-4784-A08F-74311F5716CA}) (Version: 4.5.238.0 - Validity Sensors, Inc.) Virtual Plastic Surgery Software - VPSS v1.0 (HKLM-x32\...\Virtual Plastic Surgery Software - VPSS_is1) (Version: 1.0.0.1484 - Kaeria SARL) VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) WinRAR 4.20 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2020-11-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Brak podpisu cyfrowego] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-30] (Alexander Roshal) [Brak podpisu cyfrowego] ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Brak podpisu cyfrowego] ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Brak podpisu cyfrowego] ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2020-11-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [Brak podpisu cyfrowego] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-30] (Alexander Roshal) [Brak podpisu cyfrowego] ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [Brak podpisu cyfrowego] ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Załadowane moduły (filtrowane) ============= 2020-11-10 14:21 - 2020-11-10 14:20 - 000068608 _____ (Andrea Electronics Corporation) [Brak podpisu cyfrowego] C:\Windows\system32\AESTAR64.dll 2020-11-10 14:21 - 2020-11-10 14:20 - 000874496 _____ (Creative Technology Ltd.) [Brak podpisu cyfrowego] C:\Windows\system32\imapo64.dll 2020-11-10 14:21 - 2020-11-10 14:20 - 000390656 _____ (Creative Technology Ltd.) [Brak podpisu cyfrowego] C:\Windows\system32\imthx64.dll 2021-01-16 14:04 - 2020-11-10 14:20 - 004113408 _____ (IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\STLang64.dll 2020-11-10 14:20 - 2020-11-10 14:20 - 000655872 ____N (IDT, Inc.) [Brak podpisu cyfrowego] C:\Windows\system32\stapi64.dll 2020-11-10 14:20 - 2020-11-10 14:20 - 001966080 _____ (IDT, Inc.) [Brak podpisu cyfrowego] C:\Windows\system32\stapo64.dll 2013-04-23 16:49 - 2013-04-23 16:49 - 000402944 _____ (Motorola Solutions, Inc.) [Brak podpisu cyfrowego] C:\Windows\system32\mbtleapi.dll 2020-11-10 14:20 - 2020-11-10 14:20 - 000455168 _____ (SRS Labs, Inc.) [Brak podpisu cyfrowego] C:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slapoi64.dll 2017-11-19 09:05 - 2017-11-19 09:05 - 002122752 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\WinXT\blog\dezember\LIBEAY32.dll 2017-11-19 09:05 - 2017-11-19 09:05 - 000359936 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\WinXT\blog\dezember\SSLEAY32.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (Wersja 11) (filtrowane) ========== HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BC180101&iDate=2021-02-10 12:07:21&iid=dd3fccea-c12b-4ab4-a0f7-3f3931a0d5f4&bName= SearchScopes: HKU\S-1-5-21-3725637032-4102558920-3925882777-1003 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms} (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Users\ADMIN.DELL-VOSTRO3550.001\AppData\Local\Programs\Python\Python38;C:\Users\ADMIN\AppData\Local\Programs\Python\Python38\Scripts;C:\Program Files\Git\cmd;C:\Program Files\Dell\Dell Data Protection\Drivers\TSS\bin\ HKU\S-1-5-21-3725637032-4102558920-3925882777-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Patryk\AppData\Roaming\Thinking Minds Budiling Bytes\CubeDesktop\Wallpapers\system.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{3C641D0C-3715-41DD-8B67-B5597E449FBB}] => (Allow) LPort=53 FirewallRules: [{0F0496D2-EC88-44EE-978F-E324C640AE9C}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\RtWlan.exe => Brak pliku FirewallRules: [{94B92244-3B97-423E-AD51-86A32D4B76C8}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\Rtldhcp.exe => Brak pliku FirewallRules: [{1FEB91E9-A0CB-4A12-93AE-FDB250F96D79}] => (Allow) LPort=1542 FirewallRules: [{9026C819-EDB4-43F7-A37F-142065969FD3}] => (Allow) LPort=53 FirewallRules: [{D5AABED8-8984-4412-90F9-D2DBFB470B68}] => (Allow) LPort=1542 FirewallRules: [{D8C43474-631F-4299-A760-E94C45E19D7A}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => Brak pliku FirewallRules: [{0DF899A3-3996-4748-8EBA-D04A6539675C}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => Brak pliku FirewallRules: [{53E3B454-CFD7-44D3-A5C5-46C2845ED479}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => Brak pliku FirewallRules: [{0ED4C5CD-62A1-4A31-AF04-B2ED5B97EF5E}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => Brak pliku FirewallRules: [{025848D7-339A-4ECA-8A3B-35D064CB15A1}] => (Allow) C:\Users\ADMIN\AppData\Local\Temp\DriverPack-20201110122243\tools\aria2c.exe => Brak pliku FirewallRules: [{A2FD8610-8C5A-46CE-800F-ABE1E0AAF5F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{5256CD42-2CC5-4297-A469-0C4557FF50D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E9DFD65B-AD87-4D65-A661-23BC5FED124F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{EBC376F4-445E-4457-9B5C-F9F2C23E8A57}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{08652A53-0121-473C-8A56-4CA001204E74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cell to Singularity\CellToSingularity.exe () [Brak podpisu cyfrowego] FirewallRules: [{11DE2304-FB56-4766-8847-05B2E9FD4A44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cell to Singularity\CellToSingularity.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{743DDEA0-0BC3-423F-941D-1F78B659FAE7}C:\program files\jetbrains\pycharm community edition 2020.1.2\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.1.2\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) FirewallRules: [UDP Query User{921E8C09-C834-4B50-9EC4-3DB7E2D8341B}C:\program files\jetbrains\pycharm community edition 2020.1.2\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.1.2\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) FirewallRules: [{31D88EE3-BA5A-4B40-BD05-6FF666548ACC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{EA5C4049-BC52-4A35-86EE-AB40A0AF8AE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6D526976-0F9B-4F55-B118-920F72C20198}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{36BF8C4C-8967-44C6-8CD4-0E4AE19A6C26}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E297C5FC-C06D-4DFD-B570-7F2FF877B41C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> ) FirewallRules: [{2AD46929-3E3C-4250-A1AC-55FCAC3543EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> ) FirewallRules: [TCP Query User{6B9F08BC-4654-4E82-BFBC-EBC3767D287D}C:\program files (x86)\manycam\manycam.exe] => (Allow) C:\program files (x86)\manycam\manycam.exe => Brak pliku FirewallRules: [UDP Query User{7AE4CC3B-408E-40D2-AF28-47D09C4F242D}C:\program files (x86)\manycam\manycam.exe] => (Allow) C:\program files (x86)\manycam\manycam.exe => Brak pliku FirewallRules: [TCP Query User{894EE58F-40E2-47FF-9B66-41A998215AC4}C:\users\patryk\downloads\quake 3 - arena\quake 3 - arena\quake iii arena\quake3.exe] => (Block) C:\users\patryk\downloads\quake 3 - arena\quake 3 - arena\quake iii arena\quake3.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{59E39038-CFA0-4067-AC23-7A1D83400055}C:\users\patryk\downloads\quake 3 - arena\quake 3 - arena\quake iii arena\quake3.exe] => (Block) C:\users\patryk\downloads\quake 3 - arena\quake 3 - arena\quake iii arena\quake3.exe () [Brak podpisu cyfrowego] FirewallRules: [{8764C125-331A-4124-AA41-6A272234D805}] => (Allow) LPort=8317 FirewallRules: [{120F68E1-59A5-4050-8966-C3D8D653521B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{2DFA6DF3-8EF6-4855-9A62-69CB2CF911B8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => Brak pliku FirewallRules: [UDP Query User{E3D39E18-AA9C-48E3-9065-850CC81C09AF}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => Brak pliku FirewallRules: [{859B1AE8-3D55-460B-A02B-A7F165A42326}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombidle\Zombidle.exe () [Brak podpisu cyfrowego] FirewallRules: [{E0F6A170-F338-407D-A2FA-92AFC3E873D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zombidle\Zombidle.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{2E21053C-6E7D-44ED-92E2-C2AD9AD5411B}C:\users\patryk\downloads\anydesk.exe] => (Allow) C:\users\patryk\downloads\anydesk.exe => Brak pliku FirewallRules: [UDP Query User{925F1F9E-4896-4F70-96FB-F3DFD3176091}C:\users\patryk\downloads\anydesk.exe] => (Allow) C:\users\patryk\downloads\anydesk.exe => Brak pliku FirewallRules: [TCP Query User{94D089A9-9F5D-4DB3-B482-581AD74A1BDF}C:\users\patryk\desktop\anydesk.exe] => (Allow) C:\users\patryk\desktop\anydesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [UDP Query User{D48C3BE5-B878-4223-8994-3247973554C7}C:\users\patryk\desktop\anydesk.exe] => (Allow) C:\users\patryk\desktop\anydesk.exe (philandro Software GmbH -> philandro Software GmbH) FirewallRules: [{A75AED49-5419-498A-B9FD-A27B850A1BEC}] => (Allow) C:\Users\Patryk\AppData\Local\Programs\Opera\75.0.3969.149\opera.exe => Brak pliku ==================== Punkty Przywracania systemu ========================= 29-06-2021 20:48:17 Windows Update 02-07-2021 21:56:30 Windows Update 02-07-2021 22:07:15 Operacja przywracania 02-07-2021 22:45:04 Windows Update 04-07-2021 02:54:20 SPTD setup V1.81 04-07-2021 12:47:15 Removed Apple Software Update 04-07-2021 12:52:47 Removed Obsługa programów Apple 04-07-2021 12:54:22 Windows Live Essentials 04-07-2021 12:54:42 WLSetup 04-07-2021 12:58:23 Removed QuickTime 7 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (07/04/2021 01:14:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/04/2021 12:58:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MsiExec.exe, wersja: 5.0.7601.23593, sygnatura czasowa: 0x582346da Nazwa modułu powodującego błąd: QuickTime.qts_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x5668a2c5 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x6f4ecd89 Identyfikator procesu powodującego błąd: 0xe98 Godzina uruchomienia aplikacji powodującej błąd: 0x01d770c393d0791e Ścieżka aplikacji powodującej błąd: C:\Windows\syswow64\MsiExec.exe Ścieżka modułu powodującego błąd: QuickTime.qts Identyfikator raportu: d3a60e50-dcb6-11eb-8fc6-4c809385d8b9 Error: (07/04/2021 12:25:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/04/2021 03:00:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/04/2021 02:54:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Tools since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (07/04/2021 02:54:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (07/04/2021 02:54:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (07/04/2021 02:54:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary aswSP. System Error: Nie można odnaleźć określonego pliku. . Dziennik System: ============= Error: (07/04/2021 01:12:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_DEVIM Error: (07/04/2021 01:12:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi RealtekWlanU z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (07/04/2021 01:12:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Freemake Improver z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (07/04/2021 01:12:36 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa Security Innovation TCS zależy od następującej usługi: TBS. Ta usługa może nie być zainstalowana. Error: (07/04/2021 01:12:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AvastWscReporter z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (07/04/2021 12:27:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Aktualizacja programu Microsoft Edge (edgeupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (07/04/2021 12:27:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Aktualizacja programu Microsoft Edge (edgeupdate). Error: (07/04/2021 12:24:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: UimBus Uim_DEVIM Windows Defender: ================ Date: 2020-11-10 15:09:28.612 Description: Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu. Nowa wersja aparatu:1.1.17600.5 Poprzednia wersja aparatu:1.1.6402.0 Źródło aktualizacji:Użytkownik Użytkownik:ZARZĄDZANIE NT\SYSTEM Kod błędu:0x8050800c Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. ==================== Statystyki pamięci =========================== BIOS: Dell Inc. A12 02/18/2014 Płyta główna: Dell Inc. Procesor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Procent pamięci w użyciu: 93% Całkowita pamięć fizyczna: 4002.05 MB Dostępna pamięć fizyczna: 271.84 MB Całkowita pamięć wirtualna: 8002.25 MB Dostępna pamięć wirtualna: 2330.21 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:436.87 GB) (Free:281.14 GB) NTFS \\?\Volume{882f39c3-2334-11eb-9010-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 229D4ECE) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=436.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=28.8 GB) - (Type=05) ==================== Koniec Addition.txt =======================