Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14-08-2021 Uruchomiony przez aroma (15-08-2021 15:04:14) Uruchomiony z C:\Users\aroma\Downloads Windows 10 Pro Wersja 21H1 19043.1151 (X64) (2021-07-04 21:03:34) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-211347227-136503218-582360509-500 - Administrator - Disabled) aroma (S-1-5-21-211347227-136503218-582360509-1001 - Administrator - Enabled) => C:\Users\aroma Gość (S-1-5-21-211347227-136503218-582360509-501 - Limited - Disabled) Konto domyślne (S-1-5-21-211347227-136503218-582360509-503 - Limited - Disabled) shark (S-1-5-21-211347227-136503218-582360509-1003 - Limited - Enabled) => C:\Users\shark WDAGUtilityAccount (S-1-5-21-211347227-136503218-582360509-504 - Limited - Disabled) _ashbackup_ (S-1-5-21-211347227-136503218-582360509-1002 - Administrator - Enabled) => C:\Users\_ashbackup_ ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Bitdefender Antywirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Zapora Sieciowa (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.15.07.2229 - Advanced Micro Devices, Inc.) AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{c370a4bd-5e86-489d-b1a5-54ceee532d20}) (Version: 2.15.07.2229 - Advanced Micro Devices, Inc.) Hidden Ashampoo Backup 2021 (HKLM\...\{34B007AF-D99B-C055-E3AD-8BDE58435351}_is1) (Version: 15.03 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 17 (HKLM-x32\...\{4209F371-A288-7880-7A7F-D105477C7D11}_is1) (Version: 17.00.33 - Ashampoo GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.192 - Bitdefender) Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 25.0.23.81 - Bitdefender) Corsair LINK 4 (HKLM-x32\...\{42E978FD-3358-4461-9EA5-9C872979E2EA}) (Version: 4.9.9.3 - Corsair Components, Inc.) Hidden Corsair LINK 4 (HKLM-x32\...\{ab593f70-89d2-468d-8eb2-ed71ffa0eedb}) (Version: 4.9.9.3 - Corsair Components, Inc.) Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited) Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.23 - GOG.com) Discord (HKU\S-1-5-21-211347227-136503218-582360509-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.) Discord (HKU\S-1-5-21-211347227-136503218-582360509-1002\...\Discord) (Version: 1.0.9002 - Discord Inc.) Discord (HKU\S-1-5-21-211347227-136503218-582360509-1003\...\Discord) (Version: 1.0.9002 - Discord Inc.) Documentation Manager (HKLM\...\{0203C24C-452D-4344-871F-DE3C7B49C328}) (Version: 22.40.0.7 - Intel Corporation) Hidden Driver Booster 8 (HKLM-x32\...\Driver Booster_is1) (Version: 8.4.0 - IObit) ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.2 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{c0cc7253-fa06-46c2-9ceb-f8641408262f}) (Version: 1.0.2.2 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.71.38728 - Electronic Arts) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000040-0220-1045-84C8-B8D95FA3C8C3}) (Version: 22.40.0.2 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{cc2553fe-0c12-40bb-8d08-969eacd8c686}) (Version: 22.40.0.7 - Intel Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.8.792 - Logitech) Microsoft OneDrive (HKU\S-1-5-21-211347227-136503218-582360509-1003\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040 (HKLM-x32\...\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Version: 14.29.30040.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0428.01 - MSI) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA G-SYNC Pendulum Demo (HKLM-x32\...\G-SYNC) (Version: 1.13 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Sterownik graficzny 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 77.0.4054.277 (HKU\S-1-5-21-211347227-136503218-582360509-1002\...\Opera 77.0.4054.277) (Version: 77.0.4054.277 - Opera Software) Opera Stable 77.0.4054.277 (HKU\S-1-5-21-211347227-136503218-582360509-1003\...\Opera 77.0.4054.277) (Version: 77.0.4054.277 - Opera Software) Opera Stable 78.0.4093.147 (HKU\S-1-5-21-211347227-136503218-582360509-1001\...\Opera 78.0.4093.147) (Version: 78.0.4093.147 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.102.48654 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.) PerformanceTest v10.1 (HKLM\...\PerformanceTest 10_is1) (Version: 10.1.1002.0 - Passmark Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.3.0.330 - Samsung Electronics) Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics) Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{3800CCFC-4006-4B30-A103-416AF26A885C}) (Version: 2.71.0.0 - Microsoft Corporation) USB Sound Blaster HD (HKLM-x32\...\{3BE06146-8ADC-47D7-9AD5-E5CABF1FF90C}) (Version: 1.0 - Creative Technology Limited) VALORANT (HKU\S-1-5-21-211347227-136503218-582360509-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VALORANT (HKU\S-1-5-21-211347227-136503218-582360509-1002\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VALORANT (HKU\S-1-5-21-211347227-136503218-582360509-1003\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden Packages: ========= Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-15] (Microsoft Corporation) DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.109.0_x64__kzh8wxbdkxb8p [2021-08-15] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-08-15] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-15] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-15] (Microsoft Corporation) [MS Ad] MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.22.0_x64__kzh8wxbdkxb8p [2021-08-15] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-15] (NVIDIA Corp.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-15] (Spotify AB) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-211347227-136503218-582360509-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\aroma\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2013-09-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2013-09-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2013-09-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2013-09-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2021-08-10 15:48 - 2021-08-10 07:39 - 000634880 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2021-07-06 21:32 - 2021-07-06 21:32 - 054230528 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\addon.node 2021-07-06 21:32 - 2021-07-06 21:32 - 000763392 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\keytar.node 2021-07-06 21:32 - 2021-07-06 21:32 - 000750080 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\logging.node 2021-07-06 21:32 - 2021-07-06 21:32 - 001037824 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\spellchecker_win.node 2021-07-06 21:32 - 2021-07-06 21:32 - 001218560 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\systeminfo.node 2021-07-06 21:32 - 2021-07-06 21:32 - 000614912 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.applicationmodel.node 2021-07-06 21:32 - 2021-07-06 21:32 - 000202240 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node 2021-07-06 21:32 - 2021-07-06 21:32 - 001144832 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.storage.node 2021-07-06 21:32 - 2021-07-06 21:32 - 000681984 _____ () [Brak podpisu cyfrowego] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.ui.notifications.node 2021-07-09 23:19 - 2017-08-03 05:48 - 000237568 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDControl.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000064512 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\ashinetutil.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000225792 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\jsoncpp.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000056320 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\lzma.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000111616 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\minizip.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000226816 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\party.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000678912 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\sqlite.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 001082368 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\webdave.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000082944 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\zdll.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000074240 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\ziputil.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000025088 _____ () [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\zlibutil.dll 2019-04-06 10:53 - 2017-03-11 21:00 - 000391680 _____ () [Brak podpisu cyfrowego] D:\PROGRAMY - OBRAZY - INSTALKI\PODSTAWOWE\RocketDock\Docklets\StackDocklet\StackDocklet.dll 2019-04-06 10:53 - 2007-09-02 13:57 - 000069632 _____ () [Brak podpisu cyfrowego] D:\PROGRAMY - OBRAZY - INSTALKI\PODSTAWOWE\RocketDock\RocketDock.dll 2018-12-28 13:10 - 2018-12-28 13:10 - 001272832 _____ (CPUID) [Brak podpisu cyfrowego] D:\Program Files\cpuidsdk.dll 2021-07-09 23:19 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll 2021-07-06 20:18 - 2021-07-06 20:18 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Brak podpisu cyfrowego] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.109.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll 2021-07-09 23:19 - 2018-08-31 07:26 - 000053760 _____ (MS) [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll 2018-12-28 13:10 - 2018-12-28 13:10 - 000090112 _____ (Silicon Laboratories, Inc.) [Brak podpisu cyfrowego] D:\Program Files\SiUSBXp.dll 2021-07-08 21:43 - 2018-06-27 10:58 - 002135040 _____ (The curl library, hxxps://curl.haxx.se/) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\ash_libcurl.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000431616 _____ (The curl library, hxxps://curl.haxx.se/) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\libcurl.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\ssleay32.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 003423744 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\libcrypto-1_1-x64.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000684032 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\libssl-1_1-x64.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 001611264 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 005487104 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 005841920 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 001179136 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 000146432 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 005089792 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-08-08 21:16 - 2021-07-11 15:45 - 000184832 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Origin\Qt5Xml.dll 2021-07-09 23:19 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [Brak podpisu cyfrowego] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000151552 _____ (wxWidgets development team) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\wxbase310u_net_vc_ox.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 002172416 _____ (wxWidgets development team) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\wxbase310u_vc_ox.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000165888 _____ (wxWidgets development team) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\wxbase310u_xml_vc_ox.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 001376768 _____ (wxWidgets development team) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\wxmsw310u_adv_vc_ox.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 004942336 _____ (wxWidgets development team) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\wxmsw310u_core_vc_ox.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000642048 _____ (wxWidgets development team) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\wxmsw310u_html_vc_ox.dll 2021-07-08 21:43 - 2020-11-04 12:00 - 000764416 _____ (wxWidgets development team) [Brak podpisu cyfrowego] c:\Program Files\Ashampoo\Ashampoo Backup 2021\bin\wxmsw310u_xrc_vc_ox.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\aroma\Dane aplikacji:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\aroma\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKU\S-1-5-21-211347227-136503218-582360509-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-211347227-136503218-582360509-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-211347227-136503218-582360509-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-06-10] (Bitdefender SRL -> Bitdefender) BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-06-10] (Bitdefender SRL -> Bitdefender) BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-06-10] (Bitdefender SRL -> Bitdefender) BHO-x32: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-06-10] (Bitdefender SRL -> Bitdefender) Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-06-10] (Bitdefender SRL -> Bitdefender) Toolbar: HKLM-x32 - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-06-10] (Bitdefender SRL -> Bitdefender) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-03-19 06:49 - 2021-08-15 14:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2021-08-14 20:48 - 2021-08-14 20:48 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\aroma\AppData\Local\Microsoft\WindowsApps; HKU\S-1-5-21-211347227-136503218-582360509-1001\Control Panel\Desktop\\Wallpaper -> E:\DANIEL - WAZNE\Wallpapers\q3.jpg HKU\S-1-5-21-211347227-136503218-582360509-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-211347227-136503218-582360509-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 212.224.129.90 - 212.224.129.94 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "Ashampoo Backup" HKLM\...\StartupApproved\Run32: => "VolPanel" HKU\S-1-5-21-211347227-136503218-582360509-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-211347227-136503218-582360509-1001\...\StartupApproved\Run: => "CTRegRun" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{3B4C0FF2-4E13-4818-8BD6-B1EAE3BAC399}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{151BD004-7135-4A09-B071-4550F297687E}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [{763DEA66-2BD3-4B0B-8CC3-1EC80C96ADEE}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Hacknet\Hacknet.exe () [Brak podpisu cyfrowego] FirewallRules: [{DEA0E87C-A0A8-46BE-AEC3-EBE7BD31BAD4}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Hacknet\Hacknet.exe () [Brak podpisu cyfrowego] FirewallRules: [{D0B01480-E32D-49B3-B469-A342CDF4C260}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Quake Live\quakelive_steam.exe (id Software Inc.) [Brak podpisu cyfrowego] FirewallRules: [{5CB2587F-420F-463B-A80F-87D34598E4D9}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Quake Live\quakelive_steam.exe (id Software Inc.) [Brak podpisu cyfrowego] FirewallRules: [{D94B4AB8-9E91-47B1-8747-54657DD43CBD}] => (Allow) D:\GAMES\SteamLibrary\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{23308AF1-735C-4E9F-A09F-606C686277AF}] => (Allow) D:\GAMES\SteamLibrary\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B9B6F49B-B93A-4783-B0EA-86D63FFC81D0}] => (Allow) D:\GAMES\SteamLibrary\steam.exe (Valve -> Valve Corporation) FirewallRules: [{826CDD4A-3203-42BA-B7E9-E74A047C3EE3}] => (Allow) D:\GAMES\SteamLibrary\steam.exe (Valve -> Valve Corporation) FirewallRules: [{E8BF6633-115E-4F3B-972F-001719872C53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E7D3DE47-B611-40AD-8A05-44707458F3BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{708FF558-E66C-4BE7-A6D1-F27AE8F96A8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{514C1271-8425-4B9F-8A24-6BACC0F9A288}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{798B561E-418A-4A48-B975-0F0A7A1E0B1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6DCC4053-8C6F-4994-A316-A16E50AA9DB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{11DA9014-3793-409E-AFAB-F66C114F208D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C2BCAC8B-9E36-44D2-87A3-963798F49D21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6F6E0C8F-1860-4447-A60C-F85846D3C6B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F69E5773-C2EC-47E4-B73E-A732B38944AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{6F0A9358-BE71-49C4-915F-F80E41F99839}D:\games\steamlibrary\steamapps\common\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\steamlibrary\steamapps\common\quakechampions\client\bin\pc\quakechampions.exe (id Software) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{6CBF7975-D954-4621-913C-B8806D77ABC2}D:\games\steamlibrary\steamapps\common\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\steamlibrary\steamapps\common\quakechampions\client\bin\pc\quakechampions.exe (id Software) [Brak podpisu cyfrowego] FirewallRules: [{E103AEE1-9F08-47A6-9A82-5E16821B1042}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation) FirewallRules: [{E92E3DBC-366C-48CF-A4D4-4773C9615786}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation) FirewallRules: [TCP Query User{B8BD26E7-E54B-4426-BD9A-6FA63D400F1D}D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{3FEDADA6-8370-40EC-9640-7DBFAEBD5A64}D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [{7E4E303A-1A08-46D0-8E3B-E4CC50C5588A}] => (Allow) F:\SteamLibrary\steamapps\common\Quake 3 Arena\quake3.exe () [Brak podpisu cyfrowego] FirewallRules: [{612135A8-164E-45C4-A1BA-40F42F738129}] => (Allow) F:\SteamLibrary\steamapps\common\Quake 3 Arena\quake3.exe () [Brak podpisu cyfrowego] FirewallRules: [{70630D04-2119-4AAF-AE50-03B3AD2D92CD}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{ED6FA2E3-7C30-422F-BBB4-18B0CBE8DD47}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{89DDD111-86B2-4FB4-A3A9-E80C80D1546D}C:\users\aroma\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\aroma\appdata\local\programs\opera\77.0.4054.203\opera.exe => Brak pliku FirewallRules: [UDP Query User{B1284A36-3829-4AD9-AEA4-2824EB4DFF50}C:\users\aroma\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\aroma\appdata\local\programs\opera\77.0.4054.203\opera.exe => Brak pliku FirewallRules: [TCP Query User{32ED8BD7-428B-4151-B927-BC95B79CB7F9}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{FEBA7B8B-601B-49B5-9654-C0E737224387}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{BA6A849C-0729-4EFE-8899-956AA4E5D65A}] => (Allow) LPort=26822 FirewallRules: [{B112C923-0F54-4DB2-A14C-2893E55085CE}] => (Allow) F:\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe () [Brak podpisu cyfrowego] FirewallRules: [{A7B7AE07-14DD-4F54-9149-9338C7BE8794}] => (Allow) F:\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe () [Brak podpisu cyfrowego] FirewallRules: [{8A45EE58-38BE-4328-BBB3-32727F8A496D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9CAEA5B7-30DA-4EB9-AA30-01959D2AE6C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A366CA9F-051E-463F-945F-480F4B8801E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6249A4A0-0277-4B68-9425-65AE46B4F289}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4A35895F-EEA1-4D3E-A918-103C9FC3DD67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DAC581E0-BC58-422C-8572-39D43A525E34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A7A6F6FF-7ED8-44B2-A9AB-F001EB5F21AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{483AD125-A163-4291-A534-BE6BA53C4B88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B21200B5-88D9-4ED7-BBDE-1E5AF85B9048}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Torque Drift\TorqueDrift.exe () [Brak podpisu cyfrowego] FirewallRules: [{0C02DE1E-7BEE-440A-AF39-FB14F4568B42}] => (Allow) D:\GAMES\SteamLibrary\steamapps\common\Torque Drift\TorqueDrift.exe () [Brak podpisu cyfrowego] FirewallRules: [{3633AB8E-CF01-4AD6-9E82-AB94790378CC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{649D980F-D679-4339-BC5E-4AFF80A8528D}] => (Allow) D:\GAMES\Origin\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{8D9FE764-8054-4013-88B2-4CD9BFD9FA63}] => (Allow) D:\GAMES\Origin\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{0C6BAB79-D2C0-4C21-B008-AB660E565307}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{D2B2A457-5332-47BB-90D9-7384AA55E4F8}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{7E291A36-0935-40BA-89E5-5B05448BDC35}D:\program files\tc up\totalcmd64.exe] => (Allow) D:\program files\tc up\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) FirewallRules: [UDP Query User{83F739B9-3995-455E-B56D-A19042DAB025}D:\program files\tc up\totalcmd64.exe] => (Allow) D:\program files\tc up\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH) FirewallRules: [TCP Query User{881B6D40-13E4-4307-9B0F-FEA2BCA6C96D}C:\users\aroma\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\aroma\appdata\local\programs\opera\77.0.4054.277\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{59655097-A624-405B-B6AC-2F9789EF2ADC}C:\users\aroma\appdata\local\programs\opera\77.0.4054.277\opera.exe] => (Allow) C:\users\aroma\appdata\local\programs\opera\77.0.4054.277\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{491EED9B-E459-4FD5-BA06-7993EFD1EA99}D:\games\origin\fifa 21\fifa21.exe] => (Allow) D:\games\origin\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [UDP Query User{BD588556-0F3A-40A6-82E3-0E578B9A55AA}D:\games\origin\fifa 21\fifa21.exe] => (Allow) D:\games\origin\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{67C4A79D-2DCC-4461-A03F-82266206FC9E}C:\users\aroma\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\aroma\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{B841E6EF-71D6-4A28-9FA1-38BAF876E188}C:\users\aroma\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Allow) C:\users\aroma\appdata\local\programs\opera\78.0.4093.147\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{966B412D-9D13-46E4-AAD4-50616DE8F69A}D:\games\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\games\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{3F51CE06-B182-4148-9E12-562B47418293}D:\games\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\games\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games) [Brak podpisu cyfrowego] FirewallRules: [{11D8AB38-7EC2-4D01-B97E-412F74E1950A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4A1AC53B-40C6-4ADB-9A94-B861441A53E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0C48604F-8DBB-46DC-AA04-30EA4E5E1D89}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8E25EFAA-CF97-4F87-B80D-F0D12B411D80}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{EEE4FE51-FD39-4D6C-BE6A-1CE22F11D279}D:\games\gog.com\cyberpunk 2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\gog.com\cyberpunk 2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [UDP Query User{744C7547-54BD-43DB-A8DD-B75B22D3024A}D:\games\gog.com\cyberpunk 2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\gog.com\cyberpunk 2077\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{9B6DC645-302C-419C-B969-B48E4F7270CD}C:\program files\performancetest\performancetest64.exe] => (Allow) C:\program files\performancetest\performancetest64.exe (PassMark Software Pty Ltd -> PassMark Software) FirewallRules: [UDP Query User{7A3CB80E-59AA-4B12-9260-DF4E74466BBA}C:\program files\performancetest\performancetest64.exe] => (Allow) C:\program files\performancetest\performancetest64.exe (PassMark Software Pty Ltd -> PassMark Software) FirewallRules: [TCP Query User{C4BCEECC-3F7E-4FF6-9144-82EF3661AF6E}D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{9883645E-54A7-4715-867A-87E179947CE7}D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [{B136D6B3-5865-404A-B201-371728E50029}] => (Allow) LPort=32682 ==================== Punkty Przywracania systemu ========================= 14-08-2021 12:52:40 Removed Creative System Information 15-08-2021 13:30:26 dzis ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Nahimic mirroring device Description: Nahimic mirroring device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Nahimic Service: Nahimic_Mirroring Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39) Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (08/15/2021 02:12:48 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5140,R,98) SRUJet: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\WINDOWS\system32\SRU\SRU0055F.log. Error: (08/15/2021 01:43:07 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (08/15/2021 01:43:07 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (08/15/2021 01:50:47 AM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 29) (User: MACHINE-AROMATE) Description: Nie można śledzić zmian opcji sprawdzania pisowni: -2147023878. Funkcja sprawdzania pisowni pozostanie dostępna, ale nie będzie działać raportowanie zmian. Error: (08/14/2021 11:06:49 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_SNOOZED. Error: (08/14/2021 03:10:19 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Error: (08/14/2021 01:21:50 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu. . Error: (08/14/2021 01:21:50 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ] Dziennik System: ============= Error: (08/15/2021 02:13:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa RasMan zależy od usługi SstpSvc, której nie można uruchomić z powodu następującego błędu: Operacja ukończona pomyślnie. Error: (08/15/2021 02:12:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CTAudSvcService z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (08/15/2021 02:12:37 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: ZARZĄDZANIE NT) Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x1 Error: (08/15/2021 02:12:46 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 13:30:32 na ‎15.‎08.‎2021 było nieoczekiwane. Error: (08/15/2021 02:03:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ashbackup z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania. Error: (08/15/2021 02:03:56 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa ashbackup nie może zalogować się jako .\_ashbackup_ za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: Nazwa użytkownika lub hasło są niepoprawne. Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (08/15/2021 02:03:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (08/15/2021 02:03:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Windows Defender: ================ Date: 2021-08-14 03:00:28 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {9E0BCD44-99A5-4EC5-9448-1CB6EADDDB76} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Pełne skanowanie Użytkownik: DESKTOP-6AVCLPJ\aroma  CodeIntegrity: =============== Date: 2021-08-09 03:46:06 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: American Megatrends International, LLC. 1.E1 03/03/2021 Płyta główna: Micro-Star International Co., Ltd. MPG X570 GAMING EDGE WIFI (MS-7C37) Procesor: AMD Ryzen 5 3600 6-Core Processor Procent pamięci w użyciu: 52% Całkowita pamięć fizyczna: 16305.83 MB Dostępna pamięć fizyczna: 7719.37 MB Całkowita pamięć wirtualna: 19249.83 MB Dostępna pamięć wirtualna: 7555.73 MB ==================== Dyski ================================ Drive c: (Windows 10 Pro) (Fixed) (Total:232.37 GB) (Free:178.32 GB) NTFS Drive d: (SanDisk 1TB) (Fixed) (Total:931.51 GB) (Free:184.06 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive e: (WD Blue 1TB) (Fixed) (Total:931.51 GB) (Free:649.94 GB) NTFS Drive f: (Crucial 110 GB) (Fixed) (Total:111.79 GB) (Free:46.81 GB) NTFS \\?\Volume{86b5dac2-0000-0000-0000-90173a000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4E1D51D7) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 232.9 GB) (Disk ID: 86B5DAC2) Partition 1: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=528 MB) - (Type=27) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 076A5ED4) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 40B417C8) Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================