Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-10-2022 Uruchomiony przez Marcin (26-10-2022 10:39:34) Uruchomiony z C:\Users\Marcin\Desktop\Programy Microsoft Windows 10 Pro Wersja 21H2 19044.2130 (X64) (2022-06-29 02:52:31) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-3584624621-2433745816-4293875090-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3584624621-2433745816-4293875090-503 - Limited - Disabled) Guest (S-1-5-21-3584624621-2433745816-4293875090-501 - Limited - Disabled) Marcin (S-1-5-21-3584624621-2433745816-4293875090-1002 - Administrator - Enabled) => C:\Users\Marcin WDAGUtilityAccount (S-1-5-21-3584624621-2433745816-4293875090-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 22.00 (x64) (HKLM\...\7-Zip) (Version: 22.00 - Igor Pavlov) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.20 - Adobe Systems) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.0.0.11 - Adobe Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 107.1.45.113 - Brave Software Inc) Call of Duty 4 Modern Warfare wersja 1.7 (HKLM-x32\...\{FC6A85BF-52A3-4186-8BFC-1D9F1F2757A0}_is1) (Version: 1.7 - Activision) Eraser 6.2.0.2993 (HKLM\...\{82602EDA-27BE-4358-AB3A-BD09EA51A1E6}) (Version: 6.2.2993 - The Eraser Project) Factorio (HKLM-x32\...\1238653230_is1) (Version: 1.1.61 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC) HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{DABA5133-071D-4D46-A696-806E6005BE20}) (Version: 28.1.1307.0 - Hewlett-Packard Co.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Microsoft .NET 6.0 Templates 6.0.301 (x64) (HKLM\...\{F2DADB12-6DEF-4CE5-B152-35B9567F40A2}) (Version: 24.5.32792 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64) (HKLM\...\{723332DF-FBC6-4912-A93C-6F9815798E29}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64_arm) (HKLM\...\{1A8223D5-6B69-4AB2-8082-59F7A48BAA3D}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64_arm64) (HKLM\...\{7CFC58A6-2C50-4DB7-9A9D-7E33E1D8CFE0}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.6 (x64_x86) (HKLM\...\{E49DA4E3-198A-47F7-BC15-CFC05F40879D}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET SDK 6.0.301 (x64) (HKLM-x32\...\{466ee7aa-cb20-4072-baea-f88947334d78}) (Version: 6.3.122.27704 - Microsoft Corporation) Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 6.0.6 (x64) (HKLM\...\{AFF8B960-E63B-4609-AE1D-206B6BE45F70}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Toolset 6.0.301 (x64) (HKLM\...\{550A4B5A-1101-412B-963C-450F457B461D}) (Version: 24.5.16408 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.6 Shared Framework (x64) (HKLM\...\{83501F7C-3E4B-3AF3-9AA6-0A9F5EB13A1F}) (Version: 6.0.6.22268 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.6 Targeting Pack (x64) (HKLM\...\{21DC5DB1-ECFD-340F-B778-1C7D910F83E4}) (Version: 6.0.6.22268 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.52 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation) Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.207.1002.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24210 (HKLM\...\{95265B86-188E-3F62-9CDB-60FCE59EC721}) (Version: 14.0.24210 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24210 (HKLM\...\{C0B2C673-ECAA-372D-94E5-E89440D087AD}) (Version: 14.0.24210 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24210 (HKLM-x32\...\{D8C8656B-0BD8-39C3-B741-F889B7C144E5}) (Version: 14.0.24210 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24210 (HKLM-x32\...\{8FD71E98-EE44-3844-9DAD-9CB0BBBC603C}) (Version: 14.0.24210 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 6.0.6 (x64) (HKLM\...\{259FACFD-87E7-40DB-BED3-EE725E623CAF}) (Version: 48.27.42342 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Android.Manifest-6.0.300 (HKLM\...\{052CDF8C-E534-462F-8D12-CCB3EA4FC3B3}) (Version: 128.75.4 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.iOS.Manifest-6.0.300 (HKLM\...\{D6421A31-9594-4FE3-86C6-3F9E0D3FCE3C}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.300 (HKLM\...\{459CC7DE-B28A-445C-920D-794B37FF7D55}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.macOS.Manifest-6.0.300 (HKLM\...\{2AB77B83-C379-404E-9652-4AB1B4980227}) (Version: 48.57.125 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Maui.Manifest-6.0.300 (HKLM\...\{A560FBB0-69A7-4797-8B25-869C30F7EDBB}) (Version: 24.75.5355 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.tvOS.Manifest-6.0.300 (HKLM\...\{DAE08CB9-F109-4101-8C24-C648E1E7AD45}) (Version: 60.89.125 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{7CBF3451-2A94-4DFD-8355-6B97C5EABB26}) (Version: 48.27.39026 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{A626E240-C89F-45CD-BFD7-B263C3D33CAD}) (Version: 48.3.39076 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 8.2 - Power Software Ltd) qBittorrent 4.4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.4.3.1 - The qBittorrent project) VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN) Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) Packages: ========= Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.40.5.0_x64__6rarf9sa4v8jt [2022-10-22] (Disney) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-17] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-15] (Spotify AB) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3584624621-2433745816-4293875090-1002_Classes\CLSID\{04271989-C4D2-848D-851D-D4CFE8C25F8A} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-04-11] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-04-11] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.207.1002.0003\FileSyncShell64.dll [2022-10-25] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-04-11] (Power Software Limited -> Power Software Ltd) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pl_pl\Acrobat Elements\ContextMenuShim64.pol 2022-07-04 18:41 - 2022-06-15 15:00 - 000094720 _____ (Igor Pavlov) [Brak podpisu cyfrowego] C:\Program Files\7-Zip\7-zip.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-29] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3584624621-2433745816-4293875090-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 91.90.56.2 - 91.90.56.12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{4BAE721D-C455-4751-9ED5-B3BFE1370DB1}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{A2F691C2-5616-4B09-8665-52DFA8927677}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{CE001826-4282-4F52-81E0-22766B4EE5F0}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{7C22450F-1816-4D8C-967B-B71AED09F05E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego] FirewallRules: [{EE9B2CA7-CD2A-4090-BD00-4CCF21AD9CAD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego] FirewallRules: [{BB41CC34-A0B7-489B-9FBD-1DFDAB59E51B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CB588B5A-273D-44AA-8A16-950628949D3D}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Brak pliku FirewallRules: [{C76772D9-9CB9-451E-BE5B-922ADC5DF307}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Brak pliku FirewallRules: [{685506C3-C624-4612-AF65-4A63CEB8AC85}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Brak pliku FirewallRules: [TCP Query User{3147BC78-1545-434E-B6C7-6C78A850AD1B}C:\program files (x86)\call of duty 4 modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\call of duty 4 modern warfare\iw3mp.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{99F4EBCA-D8BF-48DA-8DE7-CFB5CEB797AE}C:\program files (x86)\call of duty 4 modern warfare\iw3mp.exe] => (Block) C:\program files (x86)\call of duty 4 modern warfare\iw3mp.exe () [Brak podpisu cyfrowego] FirewallRules: [{41F4A304-B9FA-464A-B573-F4B49F2BB952}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{41A4DEBE-FDAB-447D-AE23-B5FFA86DE009}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{90E5F508-9017-4382-BC18-E0726D1BB25B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E8C6A46B-D66E-407A-869B-A73525E91B0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5E7F24C8-4923-4CD1-BAD6-B31B9D63F32E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CCB4A580-39F0-4FFD-BC0B-B5F431D89B3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FDCCCC3A-EAC5-4301-9965-2743770D2291}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B2A00C66-5A95-4E8A-B723-27BAF939BD28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2EAF9853-84A1-4B1F-B097-A95BBCA329B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8E9C5022-336B-4363-A160-D9725E72D600}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9F0D2652-3727-4B60-A6CE-73E343951FA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4997B273-20C6-4577-BC55-4D54ED9F06B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B7E124EF-2D31-45BE-A8A2-A6BCB65A394C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{44BB332B-C153-42FB-BF05-341792383F7E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DBF1CC44-0E72-414E-8B0E-49B3FF608EC3}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) ==================== Punkty Przywracania systemu ========================= 19-10-2022 18:39:45 Scheduled Checkpoint 26-10-2022 09:53:57 Removed Teams Machine-Wide Installer ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Port szeregowy PCI Description: Port szeregowy PCI Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (10/26/2022 10:02:08 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (10/26/2022 10:02:08 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, A system shutdown is in progress. ] Error: (10/26/2022 10:01:10 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (10/19/2022 11:49:38 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji retrim na (C:) z następującego powodu: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (10/12/2022 09:57:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji retrim na (C:) z następującego powodu: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (10/05/2022 09:19:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji retrim na (C:) z następującego powodu: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (09/28/2022 09:15:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji retrim na (C:) z następującego powodu: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (09/21/2022 09:16:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Optymalizator magazynów nie może zakończyć operacji retrim na (C:) z następującego powodu: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Dziennik System: ============= Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Modules Installer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Microsoft Office Click-to-Run Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Security Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Presentation Foundation Font Cache 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Genuine Software Integrity Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Genuine Monitor Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/26/2022 10:32:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) HD Graphics Control Panel Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Windows Defender: ================ Date: 2022-10-26 10:15:01 Description: Skanowanie produktu Microsoft Defender Antivirus zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {0F356889-26A9-4A57-8645-8FCF613EE648} Typ skanowania: Antimalware Parametry skanowania: Quick Scan Użytkownik: NT AUTHORITY\SYSTEM Date: 2022-10-25 10:34:21 Description: Skanowanie produktu Microsoft Defender Antivirus zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {D0764651-B457-45DE-A003-0B7E5B95E708} Typ skanowania: Antimalware Parametry skanowania: Quick Scan Użytkownik: NT AUTHORITY\SYSTEM Date: 2022-10-24 11:05:21 Description: Skanowanie produktu Microsoft Defender Antivirus zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {0D90A0E6-2362-415F-9CFB-3E8D31307BB7} Typ skanowania: Antimalware Parametry skanowania: Quick Scan Użytkownik: NT AUTHORITY\SYSTEM Date: 2022-10-22 11:43:56 Description: Skanowanie produktu Microsoft Defender Antivirus zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {4973C7F2-2D8A-4CBF-A976-E2B03EB75149} Typ skanowania: Antimalware Parametry skanowania: Quick Scan Użytkownik: NT AUTHORITY\SYSTEM Date: 2022-10-21 10:59:50 Description: Skanowanie produktu Microsoft Defender Antivirus zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {1E476742-FFE6-460A-B7F1-0B290A536E0C} Typ skanowania: Antimalware Parametry skanowania: Quick Scan Użytkownik: NT AUTHORITY\SYSTEM  CodeIntegrity: =============== Date: 2022-10-26 10:13:48 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-10-08 11:24:03 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-09-04 11:27:48 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-09-04 10:58:20 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. F9 08/13/2015 Płyta główna: Gigabyte Technology Co., Ltd. G1.Sniper B5-CF Procesor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Procent pamięci w użyciu: 22% Całkowita pamięć fizyczna: 16259.09 MB Dostępna pamięć fizyczna: 12652.89 MB Całkowita pamięć wirtualna: 18691.09 MB Dostępna pamięć wirtualna: 15264.7 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:931.51 GB) (Free:857.22 GB) (Model: TOSHIBA HDWD110) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2256CF59) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================