Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 06.04.2024 Uruchomiony przez buli1 (06-04-2024 09:53:37) Uruchomiony z C:\Users\buli1\Downloads Microsoft Windows 11 Home Wersja 23H2 22631.3296 (X64) (2023-01-24 17:38:01) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-3812395886-3388902121-4124880555-500 - Administrator - Disabled) buli1 (S-1-5-21-3812395886-3388902121-4124880555-1001 - Administrator - Enabled) => C:\Users\buli1 Gość (S-1-5-21-3812395886-3388902121-4124880555-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3812395886-3388902121-4124880555-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3812395886-3388902121-4124880555-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.06.10.651 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.119 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.10 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{c63a1907-428b-458b-935e-e61aad4aac6e}) (Version: 4.06.10.651 - Advanced Micro Devices, Inc.) Hidden Autodesk Fusion 360 (HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.17954 - Autodesk, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 6.22 - Piriform) CPUID CPU-Z 2.04 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.04 - CPUID, Inc.) CPUID HWMonitor 1.50 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.50 - CPUID, Inc.) CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World) Discord (HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\Discord) (Version: 1.0.9016 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.121.0.5634 - Electronic Arts) Hidden EA app (HKLM-x32\...\{43e2863d-7b9d-458b-8a5a-b3d963699de5}) (Version: 13.121.0.5634 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{80C2CFE2-6446-4F61-9B7A-735738188D5A}) (Version: 1.3.67.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.) Futuremark SystemInfo (HKLM-x32\...\{2AB5AED3-CF11-4476-9F73-886C4AB10BDD}) (Version: 5.56.1143.0 - Futuremark) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.106 - Google LLC) HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) HWiNFO64 Version 7.42 (HKLM\...\HWiNFO64_is1) (Version: 7.42 - Martin Malik - REALiX) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.9.0.26 - Lenovo Group Ltd.) Lenovo Service Bridge (HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.14 - Lenovo) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.02.25 - Lenovo) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.) Logitech Gaming Software 9.04 (HKLM\...\Logitech Gaming Software) (Version: 9.04.49 - Logitech Inc.) Malwarebytes version 5.1.1.106 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.1.106 - Malwarebytes) Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.17425.20146 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.65 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA Sterownik graficzny 545.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 545.84 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden Polonizacja Minerva's Den BioShock 2 Remastered (HKLM\...\Polonizacja Minerva's Den BioShock 2 Remastered) (Version: 1.2 - dzaggiel) RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder) SOMA (HKLM-x32\...\1439487606_is1) (Version: 1.61 - GOG.com) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 60.0.0 (HKLM\...\SteelSeries GG) (Version: 60.0.0 - SteelSeries ApS) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation) TeamSpeak (HKLM\...\{EE883F28-D7AF-48E5-87B6-1F59D856362F}) (Version: 5.0.0 - TeamSpeak) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.6.1 - TeamSpeak Systems GmbH) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 148.1.10975 - Ubisoft) WinDirStat 1.1.2 (HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\WinDirStat) (Version: - ) WinRAR 7.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH) Packages: ========= Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation) Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2401.24.0_x64__k1h2ywk1493x8 [2024-02-09] (LENOVO INC.) Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-01] (LENOVO INC) [Startup Task] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe [2024-02-28] (Microsoft Corporation) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.) Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-13] (Microsoft Corporation) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corporation) Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation) Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation) Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [2024-02-07] (A-Volute) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-27] (NVIDIA Corp.) Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.153.0_x64__pwbj9vvecjh7j [2023-12-25] (Amazon Development Centre (London) Ltd) Real Office -> C:\Program Files\WindowsApps\36059XiaoyaStudio.RealOffice_2.1.10.0_x64__ngh7ertwt50re [2023-12-20] (Xiaoya Lab) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2024-03-31] (Realtek Semiconductor Corp) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2413.1.0_x64__cv1g1gvanyjgm [2024-04-04] (WhatsApp Inc.) [Startup Task] Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation) WinRAR -> C:\Program Files\WinRAR [2024-04-04] (win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3812395886-3388902121-4124880555-1001_Classes\CLSID\{5C4D8D77-5B87-40CA-884E-F56858227E5C}\localserver32 -> C:\Users\buli1\AppData\Local\Programs\TeamSpeak\notification_helper.exe => Brak pliku CustomCLSID: HKU\S-1-5-21-3812395886-3388902121-4124880555-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\buli1\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) CustomCLSID: HKU\S-1-5-21-3812395886-3388902121-4124880555-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\buli1\AppData\Local\Autodesk\webdeploy\production\b0c303e70bd97cfdc195adab65922cfeffcb363a\NPreview10.dll (Autodesk, Inc. -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b60353cec8fd00e3\nvshext.dll [2023-10-12] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-04] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2022-03-17 02:53 - 2022-03-17 02:53 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2022-03-17 02:53 - 2022-03-17 02:53 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll 2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll 2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files\Logitech Gaming Software\ssleay32.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\buli1\AppData\Local\Temp:$DATA​ [16] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 11:14 - 2024-04-05 12:33 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img19.jpg DNS Servers: 192.168.100.1 - 192.168.68.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_368270105F89E43110F19D4F1E784B17" HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3812395886-3388902121-4124880555-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{4D4C0E05-A4E2-48F9-BA70-B88CB08DCA62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DA369652-7562-4597-8CC9-8E65F45E5435}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{44DF26C4-BC8E-4C68-8C84-385D801B49BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{59BA9CFE-17B4-44C6-8740-645A4B97EDDE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F92705F0-1487-46CD-BA3F-64FA20C005A6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{94920017-2073-4110-BD12-7049F1C30622}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5D65033B-F300-43A0-95A6-C1945B17C832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{79BD4859-A91E-4334-A5A9-048B1788F741}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{4001D0D7-4090-483C-8D03-FD8DDADD3B37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Brak pliku FirewallRules: [{C71060FE-7B43-4218-A571-43A00FF4EFC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Brak pliku FirewallRules: [TCP Query User{F220D79F-C519-46FA-AC58-039FE8058FF0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{2C09823A-703B-4777-A585-7EBF6BA93139}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [{025385EE-D986-4AA7-93B3-5534EDB7AD59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{D45CE505-F07E-4761-A659-AC49833184CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{747565EB-59BB-463A-BDE1-0B1BA6205542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{685D94D0-38F3-49A6-ABD9-600B20ACAA33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{AEBFDA56-66A0-4266-BC3B-98EED752B658}C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [UDP Query User{ED652BB0-3F0F-43E3-8CB0-C1B2C6B527B3}C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie) FirewallRules: [{D63AB65C-703A-4CD9-9C43-78E64EBA8797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [{AF9EE092-9A80-4D81-96E4-4CDE770FFBFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\2KLauncher\LauncherPatcher.exe => Brak pliku FirewallRules: [TCP Query User{253BC218-F131-4F14-B226-0BBA9A66F701}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{D24D579D-5BC1-4B87-81D0-C114A7C7AE39}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{0902A4FA-8D9E-4B0B-8639-CD074FDE24D4}C:\users\buli1\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe] => (Allow) C:\users\buli1\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe (Epic Games Inc. -> Epic Games) FirewallRules: [UDP Query User{95798556-3040-4358-A843-0A104E72A79D}C:\users\buli1\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe] => (Allow) C:\users\buli1\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe (Epic Games Inc. -> Epic Games) FirewallRules: [TCP Query User{2DC352DC-2E56-40D5-AD94-573C8BDA4401}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => Brak pliku FirewallRules: [UDP Query User{14A5463A-B9A0-4AFE-A279-991BEE8D868F}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => Brak pliku FirewallRules: [TCP Query User{73E123CD-337D-4945-BB2E-3F36088E6E8A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{B564C66D-B8CD-446C-BF38-0F43D64C4D4E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{9D232492-CC63-4619-912B-71FAF0BFD4AC}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe => Brak pliku FirewallRules: [{BDB84A66-AF7F-48C2-92FF-A85EA5C9E146}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{39CE4370-4150-468A-972D-75904DCEEE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GenerationZero\GenerationZero_F.exe (Fatalist Development AB -> ) FirewallRules: [{177AEA7F-8226-4EAC-8D05-65D61D27DDBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GenerationZero\GenerationZero_F.exe (Fatalist Development AB -> ) FirewallRules: [{88C1E488-E549-43D3-9B67-1215BB0B5375}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [Brak podpisu cyfrowego] FirewallRules: [{853994DE-7A66-4D27-8890-A11F9CC4156F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{243A5960-D1CC-410B-8FA2-069FFFC25963}C:\users\buli1\appdata\local\discord\app-1.0.9016\discord.exe] => (Allow) C:\users\buli1\appdata\local\discord\app-1.0.9016\discord.exe (Discord Inc. -> Discord Inc.) FirewallRules: [UDP Query User{B72C57B9-122E-44EE-B5E2-54C8A0CC9E60}C:\users\buli1\appdata\local\discord\app-1.0.9016\discord.exe] => (Allow) C:\users\buli1\appdata\local\discord\app-1.0.9016\discord.exe (Discord Inc. -> Discord Inc.) FirewallRules: [{A25DD627-B9ED-48C8-A83A-CB46E0C44D6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RIDE 4\ride4.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{7959EB5C-2847-4626-8B1D-718C3ED39F75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RIDE 4\ride4.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{DCC8AB1F-D237-483F-A971-21E8244A1245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe () [Brak podpisu cyfrowego] FirewallRules: [{2A62D24C-9F7D-462F-A40C-D1757E4BB425}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{825B25B3-E829-4B5E-876E-DCF42EA8A473}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [UDP Query User{A15E2E43-9610-4C44-AE77-6C2FF44FA572}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{6D8BD2D8-4839-46EC-959C-20E058B439E8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo) FirewallRules: [{CF991453-EF29-4A34-BC2C-B6F10F869A44}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo) FirewallRules: [{9F356BD2-C133-48AF-849F-DC5954022897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6B7E0C6B-5B7B-4FCD-A8E6-D30B661CDF49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C69D37CA-494E-4BA1-8F1B-4284FB6D8E9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{85CF1C00-E406-4437-98DC-8923EBD76D26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4A440CDF-B936-4967-ADEC-B5283670D771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Entertainment SA -> Focus Home Interactive) FirewallRules: [{8E4C86D8-044A-46FD-A7F0-87149A068D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Entertainment SA -> Focus Home Interactive) FirewallRules: [{D2DAE0F0-1208-4BDB-9C2C-973484EC0B09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GTFO\GTFO.exe () [Brak podpisu cyfrowego] FirewallRules: [{7B80F92F-FC7E-42C7-BBB3-F3062C861B6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GTFO\GTFO.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{E9E23A67-20CB-4C40-AAF1-769B3CA97FB2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{2E72D619-B0C3-4DBD-90E5-EEDE1D921964}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{AC7FAA42-FABF-4478-B2A7-00A70C5C265C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{45CDD557-9D0D-4193-B53D-00F116AC0C2E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{2FA3EDF9-1B0E-40EB-8EFE-4A592C70A4E8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{AD830705-0630-4517-AF4F-10D053C97797}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{289AF3FC-DD06-40FE-B71C-3830FB3F29D5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Brak pliku FirewallRules: [{5F6A6150-F97F-4BBB-9FD6-73F60CA6C618}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => Brak pliku FirewallRules: [{27EECC7A-E115-4723-B191-2BC9EFC5FF52}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Brak pliku FirewallRules: [{5647E612-B2F0-475D-B404-BC8177492501}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => Brak pliku FirewallRules: [{87041ED2-B239-4C30-831C-FBDF491A6907}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Brak pliku FirewallRules: [{E8D794A6-A9E2-4C80-A819-2D02E61934BA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => Brak pliku FirewallRules: [{70E6862A-2B1C-4CF8-9D3F-033C5785C862}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Brak pliku FirewallRules: [{3C0323A6-C703-48CC-83BD-2A241DDFDD4D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => Brak pliku FirewallRules: [{D2E66137-C634-4231-AD20-8799DDF358AC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => Brak pliku FirewallRules: [{13B3675B-9AA5-460C-9943-E0849FD2D85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{1FCEFD92-D699-497F-BA3E-5064C5C58DC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{AFE5B4E4-BBD4-4526-B0A7-953EF3BF8A66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{04761287-F39E-4108-983F-DED6864AB80B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [TCP Query User{F4CD9CAC-FFEE-414E-AE1C-2871A289C54A}C:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe (Irrational Games) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{8A21D4DF-7513-48BB-9F6A-8CF4D046AD7D}C:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe (Irrational Games) [Brak podpisu cyfrowego] FirewallRules: [{703E3CF3-928A-4269-9998-C17761666BDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Physics\UnrealPhysics.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{96EE42FC-1A4F-4C74-A2F0-F278CFB9ED69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Physics\UnrealPhysics.exe (Epic Games, Inc.) [Brak podpisu cyfrowego] FirewallRules: [{F27E5F81-7F79-480F-99F0-4FEAC2D118A5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0D2F1F4C-F094-4B0E-BAAC-C44DC527AE0E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{58246B85-24FF-48AD-8FE0-10B699D6AC1C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8D69D03D-8982-4505-A1A5-8B8649FF9A80}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 01-04-2024 21:53:33 Windows Update 04-04-2024 08:18:30 Zainstalowany program DirectX 05-04-2024 10:21:33 Zainstaluj TotalAV ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (04/06/2024 09:18:32 AM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\LAPTOP-RQQSV0KV$ za pośrednictwem elementu https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 06 Apr 2024 07:18:33 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: d616f3d4-ec1d-45d9-b219-2bace0c55359 Metoda: GET(344ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/06/2024 09:18:31 AM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu System lokalny za pośrednictwem elementu https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 06 Apr 2024 07:18:32 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: f822dc9f-20f1-40b5-8de8-aad40a582aa2 Metoda: GET(390ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/06/2024 09:14:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007045b, Trwa proces zamykania systemu.. Error: (04/06/2024 09:14:47 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu.] Error: (04/06/2024 12:36:37 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-RQQSV0KV) Description: Nazwa aplikacji powodującej błąd: explorer.exe, wersja: 10.0.22621.3296, sygnatura czasowa: 0x64f630ce Nazwa modułu powodującego błąd: nvopencl64.dll, wersja: 31.0.15.4584, sygnatura czasowa: 0x65270951 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000000df5f0 Identyfikator procesu powodującego błąd: 0x0x2ad8 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1da879dd759c55e Ścieżka aplikacji powodującej błąd: C:\WINDOWS\explorer.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b60353cec8fd00e3\nvopencl64.dll Identyfikator raportu: 134da64f-af0b-408c-9574-3e4122a87616 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (04/05/2024 12:34:20 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\LAPTOP-RQQSV0KV$ za pośrednictwem elementu https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 05 Apr 2024 10:34:20 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 43e9b557-bda1-4e33-ade8-3a1da213b8d7 Metoda: GET(328ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/05/2024 12:34:19 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu System lokalny za pośrednictwem elementu https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Fri, 05 Apr 2024 10:34:19 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 68bbd244-ef1a-4041-ae4b-5e0f719aa318 Metoda: GET(375ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/05/2024 11:52:02 AM) (Source: .NET Runtime) (EventID: 1000) (User: ) Description: Category: Grpc.AspNetCore.Server.ServerCallHandler EventId: 6 SpanId: 432a385481a7ca71 TraceId: 352723b1f892595c478dcdd4edf26355 ParentId: 0000000000000000 ConnectionId: 0HN2L9UEPO9OR RequestId: 0HN2L9UEPO9OR:00000001 RequestPath: /Ipc.SSApp.SSApp/Subscribe Error when executing service method 'Subscribe'. Exception: System.InvalidOperationException: Can't write the message because the request is complete. at Grpc.AspNetCore.Server.Internal.HttpContextStreamWriter`1.WriteCoreAsync(TResponse message, CancellationToken cancellationToken) at SecurityService.Services.SSAppService.Subscribe(SubscribeRequest request, IServerStreamWriter`1 responseStream, ServerCallContext context) at Grpc.Shared.Server.ServerStreamingServerMethodInvoker`3.Invoke(HttpContext httpContext, ServerCallContext serverCallContext, TRequest request, IServerStreamWriter`1 streamWriter) at Grpc.Shared.Server.ServerStreamingServerMethodInvoker`3.Invoke(HttpContext httpContext, ServerCallContext serverCallContext, TRequest request, IServerStreamWriter`1 streamWriter) at Grpc.AspNetCore.Server.Internal.CallHandlers.ServerStreamingServerCallHandler`3.HandleCallAsyncCore(HttpContext httpContext, HttpContextServerCallContext serverCallContext) at Grpc.AspNetCore.Server.Internal.CallHandlers.ServerCallHandlerBase`3.g__AwaitHandleCall|8_0(HttpContextServerCallContext serverCallContext, Method`2 method, Task handleCall) Dziennik System: ============= Error: (04/06/2024 09:22:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinRing0_1_2_0 z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (04/06/2024 09:20:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Microsoft Update Health Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (04/06/2024 09:20:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft Update Health Service. Error: (04/06/2024 09:18:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa GameInput Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 6. Error: (04/06/2024 09:18:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa GameInput Service zakończyła działanie; wystąpił następujący błąd: Plik złożony GameInput Service został utworzony za pomocą nowszej wersji magazynu. Error: (04/06/2024 09:18:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa GameInput Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 5. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/06/2024 09:18:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa GameInput Service zakończyła działanie; wystąpił następujący błąd: Plik złożony GameInput Service został utworzony za pomocą nowszej wersji magazynu. Error: (04/06/2024 09:18:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa GameInput Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 4. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Windows Defender: ================ Date: 2024-04-04 12:09:13 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {61ACEBEA-95CA-4011-B3A5-76EE0210DDFA} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2024-04-04 11:43:53 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {AD4D7EE4-FD7E-456A-96A4-6971A4CC2FAC} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Pełne skanowanie Użytkownik: LAPTOP-RQQSV0KV\buli1 Date: 2024-04-04 10:08:27 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {ACC0D073-C95F-46FD-A82C-5EC9E0D38B53} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2024-04-03 09:32:46 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {A907892B-AE1B-4F1B-9E55-D901FE6A123B} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2024-04-02 09:48:18 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {3FC1EA03-6B0D-4E8A-BCFE-970EA6E17789} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Event[0] Date: 2024-04-04 11:20:52 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń i podejmie próbę powrotu do poprzedniej wersji. Analiza zabezpieczeń objęta próbą: Bieżące Kod błędu: 0x80501102 Opis błędu: Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. Wersja analizy zabezpieczeń: 1.409.19.0;1.409.19.0 Wersja aparatu: 1.1.24030.4 CodeIntegrity: =============== Date: 2024-04-06 09:21:24 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements. Date: 2024-04-05 12:21:04 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\TotalAV\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: LENOVO GKCN64WW 12/07/2023 Płyta główna: LENOVO LNVNB161216 Procesor: AMD Ryzen 7 5800H with Radeon Graphics Procent pamięci w użyciu: 43% Całkowita pamięć fizyczna: 16236.06 MB Dostępna pamięć fizyczna: 9220.93 MB Całkowita pamięć wirtualna: 17260.06 MB Dostępna pamięć wirtualna: 7433.8 MB ==================== Dyski ================================ Drive c: (Windows-SSD) (Fixed) (Total:952.62 GB) (Free:317.18 GB) (Model: SKHynix_HFS001TDE9X084N) NTFS \\?\Volume{0be02ee1-3111-47b9-bc7d-ac130ed47ab4}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.27 GB) NTFS \\?\Volume{6fca86dc-6339-4a8f-ab45-e899bbb4fc3f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 953.9 GB) (Disk ID: 337EC8D7) Partition: GPT. ==================== Koniec Addition.txt =======================