Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 16-09-2024 Uruchomiony przez malag (27-10-2024 01:29:57) Uruchomiony z C:\Users\malag\Desktop Microsoft Windows 11 Home Wersja 23H2 22631.4317 (X64) (2024-09-04 22:31:39) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-390577114-2622568144-1753551939-500 - Administrator - Disabled) Dominika (S-1-5-21-390577114-2622568144-1753551939-1004 - Limited - Enabled) => C:\Users\Dominika Gość (S-1-5-21-390577114-2622568144-1753551939-501 - Limited - Disabled) Konto domyślne (S-1-5-21-390577114-2622568144-1753551939-503 - Limited - Disabled) malag (S-1-5-21-390577114-2622568144-1753551939-1001 - Administrator - Enabled) => C:\Users\malag WDAGUtilityAccount (S-1-5-21-390577114-2622568144-1753551939-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE} FW: ESET Zapora (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Acer Configuration Manager (HKLM-x32\...\{83EE3016-BFF3-4249-9DB8-2FC92D6DE9E6}) (Version: 2.5.22250 - Acer) Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3054 - Acer Incorporated) CPUID CPU-Z 2.10 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.10 - CPUID, Inc.) Discord (HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\Discord) (Version: 1.0.9163 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.301.0.5814 - Electronic Arts) Hidden EA app (HKLM-x32\...\{9dec46c0-34b3-4528-984d-8fd02d4d04cb}) (Version: 13.301.0.5814 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{A662430E-6319-4082-8D9F-ABC0359B892A}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) ESET Premium Line Encryption (HKLM\...\{43C2B3A3-AAF7-401A-9049-5139EABE10F9}) (Version: 2.0.36.0 - ESET) Hidden ESET Security (HKLM\...\{6274C5F0-A338-4DBE-AAFA-7A26EE801401}) (Version: 18.0.11.0 - ESET, spol. s r.o.) FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: 21.2.3.4004 - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Intel Driver && Support Assistant (HKLM-x32\...\{FD1F89D7-58B0-4AEA-995D-72D07C5302A4}) (Version: 24.5.40.11 - Intel) Hidden Intel(R) Arc Software & Drivers (HKLM\...\Intel(R) Arc Software & Drivers) (Version: 1.0.962.4 - Intel(R) Corporation) Intel(R) Computing Improvement Program (HKLM\...\{89E7E64C-A30C-4D24-9D12-B354CA2335DE}) (Version: 2.4.10888 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0230-1045-84C8-B8D95FA3C8C3}) (Version: 23.80.0.3 - Intel Corporation) Intel® Arc™ Control (HKLM\...\{108A94C8-470A-477B-88FA-61780CA2B1B6}) (Version: 1.80.5680.1 - Intel Corporation) Hidden Intel® Arc™ Control (HKLM-x32\...\{4048535b-8a3d-4790-8831-2a00927549ce}) (Version: 1.80.5680.1 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{43826762-6E01-46B8-81D5-79BA90ABED2F}) (Version: 24.5.40.11 - Intel) Killer Performance Driver Suite UWD (HKLM\...\{7A0F4A6B-C8A1-4290-8B89-29398CB71989}) (Version: 36.24.831 - Rivet Networks) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Microsoft .NET Host - 8.0.6 (x64) (HKLM\...\{EAEDD1FB-8876-4FD8-98A6-3AF439887414}) (Version: 64.24.15199 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.6 (x64) (HKLM\...\{59C4A6C5-E254-4819-B254-0B4FF17747EB}) (Version: 64.24.15199 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.6 (x64) (HKLM\...\{F69305BE-6EFA-45D0-9635-752373304A1A}) (Version: 64.24.15199 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.56 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-390577114-2622568144-1753551939-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\OneDriveSetup.exe) (Version: 24.186.0915.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM\...\{0EF5DD4D-EC49-4AE7-8C9A-F64FF8B3EA58}) (Version: 64.24.15241 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM-x32\...\{942f6911-1a02-4186-8c4c-b27eb2b9733d}) (Version: 8.0.6.33720 - Microsoft Corporation) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation) NVIDIA Sterownik graficzny 565.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 565.90 - NVIDIA Corporation) Opera GX Stable 114.0.5282.106 (HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\Opera GX 114.0.5282.106) (Version: 114.0.5282.106 - Opera Software) PredatorSense Config (HKLM\...\{96621502-61EC-4961-B7C3-BEB3513F4E59}) (Version: 5.0.1463 - ULIC Tek Inc.) PredatorSense Installer (HKLM-x32\...\{d482adb8-ab33-4c7c-bce2-e1d809039bc3}) (Version: 4.1.635 - ULIC Tek Inc.) PredatorSense Prerequisites (HKLM\...\{0D8DB400-6647-49AF-9E9A-6F7A8C4E1394}) (Version: 4.1.635 - ULIC Tek Inc.) Hidden REAPER (x64) (HKLM\...\REAPER) (Version: 7.24 - Cockos Incorporated) REDlauncher (HKLM-x32\...\{6C25C853-BFDE-43DB-B5C1-CCCB67BD9533}) (Version: 3.2.1.1 - CD Projekt RED) Hidden Riot Client (HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.96.2164 - Rockstar Games) Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.7.1 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation) User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3018 - Acer Incorporated) VALORANT (HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) WinRAR 7.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH) Packages: ========= Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2024-10-16] (Acer Incorporated) AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt [2024-10-16] (INTEL CORP) [Startup Task] AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2024-10-16] (INTEL CORP) Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3054.0_x64__48frkmn4z8aw4 [2024-10-16] (Acer Incorporated) Dropbox – promocja -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-10-16] (Dropbox Inc.) DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2024.3.69.0_x64__t5j2fzbtdg37r [2024-10-16] (DTS, Inc.) DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.13.5.0_x64__t5j2fzbtdg37r [2024-10-19] (DTS, Inc.) ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-10-23] (Sparse Package) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_20.0.1011.0_x64__8j3eq9eme6ctt [2024-10-16] (INTEL CORP) Intel® Unison™ -> C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.24.9812.0_x64__8j3eq9eme6ctt [2024-10-16] (INTEL CORP) Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1624.813.0_x64__rh07ty8m5nkag [2024-10-23] (INTEL CORP) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corp.) Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.2331.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation) Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2409.2.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation) Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation) [Startup Task] MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24092.24.0_x64__cw5n1h2txyewy [2024-10-22] (Microsoft Windows) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-10-16] (NVIDIA Corp.) Overcooked! 2 -> C:\Program Files\WindowsApps\Team17DigitalLimited.Overcooked2Win10_1.0.249.0_x64__j5x4vj4y67jhc [2024-09-21] (Team17 Digital Limited) PredatorSense for Notebook -> C:\Program Files\WindowsApps\ULICTekInc.PredatorSenseforNotebook_5.0.1463.0_x64__nt9dgb7efx6bt [2024-10-16] (ULIC Tek Inc.) [Startup Task] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.325.0_x64__dt26b99r8h8gj [2024-10-16] (Realtek Semiconductor Corp) User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3018.0_x64__48frkmn4z8aw4 [2024-10-16] (Acer Incorporated) Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-10-12] (Microsoft Windows) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-10-12] (Microsoft Windows) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-10-12] (Microsoft Windows) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.TwinSxS_cw5n1h2txyewy [2024-10-12] (Microsoft Windows) WinRAR -> C:\Program Files\WinRAR [2024-08-23] (win.rar GmbH) Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-10-16] (Microsoft Corporation) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-390577114-2622568144-1753551939-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> "C:\Program Files\Google\Play Games\current\service\Service.exe" -ToastActivated => Brak pliku ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2023-06-27] (DESlock Limited -> DESlock Limited) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-11] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-11] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_caedca11358bfdf2\nvshext.dll [2024-09-28] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-11] (ESET, spol. s r.o. -> ESET) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2024-08-05 00:16 - 2024-08-05 00:16 - 003164160 _____ (SQLite Development Team) [Brak podpisu cyfrowego] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk:CE654E1443 [5154] ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ============= ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2022-05-07 07:24 - 2024-09-05 01:11 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-390577114-2622568144-1753551939-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\malag\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-390577114-2622568144-1753551939-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] Network Binding: ============= Ethernet: Killer E2600 Gigabit Ethernet Controller -> e2k68cx21x64.sys Wi-Fi: Killer(R) Wi-Fi 6 AX1650i 160MHz Wireless Network Adapter (201NGW) -> Netwtw14.sys vms_vsf: Hyper-V Virtual Switch Extension Filter vms_vsp: Hyper-V Virtual Switch Extension Protocol ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run32: => "Intel® Arc™ Control" HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A43E17AE839489EB37DAE5227EE444C8" HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\StartupApproved\Run: => "Opera GX Stable" HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-390577114-2622568144-1753551939-1001\...\StartupApproved\Run: => "Launcher" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{0542CDD7-11A0-4E45-98E3-2E4245592F4A}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\predatorservice.inf_amd64_0305d86d2079f1a7\OpenRGB.exe => Brak pliku FirewallRules: [{32C5150D-9DC7-44CB-A394-F291D089E897}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => Brak pliku FirewallRules: [{83B2F7EF-2E33-403E-8ADE-6F12EBA7BE5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Brak pliku FirewallRules: [{A1DE1F2F-542E-4067-AFED-5B4EA3CD6069}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Brak pliku FirewallRules: [{ACC6049E-02D3-4178-A8D0-07B771830031}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe => Brak pliku FirewallRules: [{BD1A3455-6485-4FCF-AEEC-41B3C069F771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => Brak pliku FirewallRules: [{D7FAF6C1-3566-4F1A-8282-EA527ACAE823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Brak pliku FirewallRules: [{BC4E3D49-83CF-42E9-8B5F-B477335029E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Brak pliku FirewallRules: [{8FEC9A02-2BAE-4992-B199-8A68397E22B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe => Brak pliku FirewallRules: [{AF3AE796-AF62-43BD-8A90-CAF3518B28FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{93BE35D2-0F74-436B-95D3-4DAD3674C750}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{68A1BC12-7F9F-40FE-879D-9D419D8DF0CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{58B1FB27-6AAD-4BFE-B773-7DA8175C6470}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{30A15390-C245-49CC-9DE4-E67AC03A1B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5589362A-949C-4347-BDEA-E5535DEBF409}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{28F2746C-83ED-4F25-BBB2-96A29CE052F5}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe (Game Science Interactive Technology Co., Ltd. -> Game Science Interactive Technology Co., Ltd) FirewallRules: [TCP Query User{C9A080EE-CE4E-47F1-91C6-44ACC01BAF02}C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe (Game Science Interactive Technology Co., Ltd. -> Game Science Interactive Technology Co., Ltd) FirewallRules: [{079BC853-29E9-41E4-A459-B93E7C78DDF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackMythWukong\b1.exe (Game Science Interactive Technology Co., Ltd. -> Epic Games, Inc.) FirewallRules: [{8B553FFD-BFA9-4E95-838E-8EE6D7E2C438}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackMythWukong\b1.exe (Game Science Interactive Technology Co., Ltd. -> Epic Games, Inc.) FirewallRules: [{2DAB6292-5749-4A56-B891-836C421F18D4}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{FF50BA98-B44E-4D31-B828-87C45A13196A}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{982387BF-17F0-44AA-8C04-A6DAA992658E}] => (Allow) C:\Riot Games\Riot Client\RiotClientServices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{6704E019-43F8-4768-9986-1149EEA321FE}C:\users\malag\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\malag\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{1D08850F-A00F-4EEA-A53A-53A9100447A2}C:\users\malag\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\malag\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{C7E993D9-339C-4952-A582-8717CB5DE0C9}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Block) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{5F464EA4-E9CC-40EF-8B15-C9A626995196}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Block) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{6536872B-5A83-462E-9B32-2F6A3B0D35C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{EC76C0B7-15C7-4836-B412-DCE11D60652B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{54A06714-1B1A-43E7-9B53-824288716E90}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{ECEF36AA-EC12-464C-B774-7425DC3D6F97}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4C1F62A1-D4AC-4B0E-8B23-032729E0D5FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3825D5B5-2304-4115-8F4D-1524320F68B7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{D155FAB7-6F0F-4E05-B689-80A174CC0E46}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{78F61E1E-A38F-44CB-A9B6-DFB16AF2595D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{15A134E5-7A43-4873-ABD6-92BED22AE4B3}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\predatorservice.inf_amd64_5c92d2b1cb6e4eb5\OpenRGB.exe (Acer Incorporated -> ) FirewallRules: [{10FFB847-D02B-4675-9ED3-F4FEDFD06555}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED) FirewallRules: [{4AEF7D3C-5865-4E3B-8D70-E81A3A607868}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (CD PROJEKT S.A. -> CD Projekt RED) FirewallRules: [TCP Query User{B5842790-7F22-40F5-B2A9-5E106108E4AD}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.) FirewallRules: [UDP Query User{4B2FB867-3784-463D-A729-B5D22BE259D3}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT S.A. -> CD PROJEKT S.A.) FirewallRules: [TCP Query User{A639E98E-AB8E-4213-90E1-255A28B42D65}C:\users\malag\appdata\local\discord\app-1.0.9163\discord.exe] => (Allow) C:\users\malag\appdata\local\discord\app-1.0.9163\discord.exe => Brak pliku FirewallRules: [UDP Query User{50CE83F5-756D-48E4-8309-4911125C4DAA}C:\users\malag\appdata\local\discord\app-1.0.9163\discord.exe] => (Allow) C:\users\malag\appdata\local\discord\app-1.0.9163\discord.exe => Brak pliku FirewallRules: [{1FBDEDD7-C37E-4C1B-882A-918062ED2D09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{8430D3B4-E479-4F2E-920C-24B9C55F84D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{16256C18-713A-437B-8943-F0B922D2421B}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{B2DE184A-486F-4143-ADA8-D9915B9AF6A7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{8C32117C-8C52-4B17-903D-1ADD2B3DA044}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Brak pliku FirewallRules: [{1DF359EC-4836-47F1-B179-16DF90744C3B}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Brak pliku FirewallRules: [{A2C614AD-1137-4B35-A634-721315FC5112}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Brak pliku FirewallRules: [{D059B46C-B96F-4942-B467-00C1673EC414}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Brak pliku FirewallRules: [{50B3BCF6-CB27-42C8-96D6-D4A180707945}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{0A0B532D-9C39-4DC4-BBAE-ED7777F126A7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{48A550B6-CCEA-4F8B-9DF5-8E724117F014}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D01BB400-3E7E-439E-B250-B72B8D195AD8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A4563ED0-686A-43F5-91D1-C3A1A502EC3B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{099A1343-A967-4D34-9D21-3001F770DEAC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{857899BB-ADE2-492E-8CA4-360E8FBCE934}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{E83731D2-3D59-459C-9E41-3BBD433B0F2F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D1CC6DA5-CBC2-4A67-9F1B-954266D9750D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{749299FE-B5B1-4FCC-9276-CC316E462D23}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{1DC57A99-AB8E-4A5D-A8C7-65AC9DEBD171}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{6E256D3A-37D2-471A-8284-8FB5CE9B6518}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{B4C4EF99-6FFE-4404-AA27-E9F48F68D5F1}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{D723565B-E8D7-4D44-A06D-82BA3D1CAB1C}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{66DB2378-4E66-4612-AD0A-764A72A7D34F}] => (Allow) C:\Program Files\Rockstar Games\Launcher\Launcher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{EA1C42E0-9015-4A62-A12B-DC0FE43B7076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [Brak podpisu cyfrowego] FirewallRules: [{78BBFFAF-F81B-401E-9C4A-74970F910424}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [Brak podpisu cyfrowego] FirewallRules: [{24B10622-88DE-4A37-8E25-240DB98FAD99}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.24.9812.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) FirewallRules: [{220BFD9D-9901-4184-8522-59BF161633A2}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.24.9812.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) FirewallRules: [{6B1B635E-8EB5-4D0A-94A7-8DF674E1A4BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Throne and Liberty\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{AE9D2C0D-8D23-4942-8498-9996388F43DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Throne and Liberty\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{8245AA8E-10BF-44ED-9EE8-57DFAA970E64}] => (Allow) C:\Program Files\WindowsApps\ULICTekInc.PredatorSenseforNotebook_5.0.1463.0_x64__nt9dgb7efx6bt\app\PredatorSense.exe (F5240129-3993-455E-8347-B5A9BDDF4B89 -> ULIC Tek) FirewallRules: [{8361065A-0620-4838-AC35-B67838544C59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve) FirewallRules: [{2B15EEF1-28A3-4377-976E-B00764B48784}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve Corp. -> Valve) FirewallRules: [{71352CA1-96DB-4B7A-B69D-B3BD85DA80BD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{1F6F2DAB-C6F1-40ED-8D2D-AC9AC8EDFDF5}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Block) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [UDP Query User{D782AFA3-BDFA-4E46-B721-118F7DA3ECB3}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Block) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC -> Psyonix, LLC) FirewallRules: [{FB87674F-0308-4E01-9469-F5D59EFDE7B3}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\predatorservice.inf_amd64_438f22dfe1d5b109\OpenRGB.exe (Acer Incorporated -> ) FirewallRules: [{685F76F6-CFBD-4601-8E36-35A60955EDB4}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\predatorservice.inf_amd64_ec38587b71ef8108\OpenRGB.exe (Acer Incorporated -> ) ==================== Punkty Przywracania systemu ========================= 16-10-2024 05:33:57 Windows Update 19-10-2024 08:25:07 Windows Update 22-10-2024 22:53:34 Windows Update 27-10-2024 00:44:56 Malwarebytes Anti-Rootkit Restore Point ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Główna kolejka wydruku Description: Lokalna kolejka wydruku Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc} Manufacturer: Microsoft Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: ACER HD User Facing Description: Urządzenie wideo USB Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Killer E2600 Gigabit Ethernet Controller Description: Killer E2600 Gigabit Ethernet Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Killer Service: e2k68cx21x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: APP Mode Description: Urządzenie WinUSB Class Guid: {88bae032-5a81-49f0-bc3d-a4ff138216d6} Manufacturer: Urządzenie WinUSB Service: WINUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (10/27/2024 01:28:11 AM) (Source: Application Error) (EventID: 1000) (User: MLG420) Description: Nazwa aplikacji powodującej błąd: AcerRegistrationBackGroundTask.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x64375ffb Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.22621.4317, sygnatura czasowa: 0x9b6f2fe8 Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x0014b282 Identyfikator procesu powodującego błąd: 0x0x25e8 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1db27feb6ceefe3 Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: b39bf688-28ea-4402-8c19-2c1e46e00b68 Pełna nazwa pakietu powodującego błąd: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 Identyfikator aplikacji względem pakietu powodującego błąd: Acer.AcerRegistration Error: (10/27/2024 01:28:08 AM) (Source: Application Error) (EventID: 1000) (User: MLG420) Description: Nazwa aplikacji powodującej błąd: AcerRegistrationBackGroundTask.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x64375ffb Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.22621.4317, sygnatura czasowa: 0x9b6f2fe8 Kod wyjątku: 0xc0020001 Przesunięcie błędu: 0x0014b282 Identyfikator procesu powodującego błąd: 0x0x25e8 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1db27feb6ceefe3 Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: b49de230-664b-4628-be39-bfcfc9b0649e Pełna nazwa pakietu powodującego błąd: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 Identyfikator aplikacji względem pakietu powodującego błąd: Acer.AcerRegistration Error: (10/27/2024 01:28:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: AcerRegistrationBackGroundTask.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: kod wyjątku: c0020001, adres wyjątku: 76EBB282 Stos: w MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w System.Environment._Exit(Int32) w System.Environment.Exit(Int32) w AcerRegistrationBackGroundTask.MainWindow+d__24.MoveNext() w System.Runtime.CompilerServices.AsyncVoidMethodBuilder.Start[[AcerRegistrationBackGroundTask.MainWindow+d__24, AcerRegistrationBackGroundTask, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](d__24 ByRef) w AcerRegistrationBackGroundTask.MainWindow.closeBackGroundTask() w AcerRegistrationBackGroundTask.MainWindow.Window_Loaded(System.Object, System.Windows.RoutedEventArgs) w System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs) w System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean) w System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs) w System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs) w System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent) w System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(System.Object) w MS.Internal.LoadedOrUnloadedOperation.DoWork() w System.Windows.Media.MediaContext.FireLoadedPendingCallbacks() w System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() w System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object) w System.Windows.Media.MediaContext.RenderMessageHandler(System.Object) w System.Windows.Media.MediaContext.Resize(System.Windows.Media.ICompositionTarget) w System.Windows.Interop.HwndTarget.OnResize() w System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr) w System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.UnsafeNativeMethods.ShowWindow(System.Runtime.InteropServices.HandleRef, Int32) w System.Windows.Window.ShowHelper(System.Object) w System.Windows.Window.Show() w System.Windows.Application+<>c.b__105_0(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.DispatcherOperation.InvokeImpl() w System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) w MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) w System.Windows.Threading.DispatcherOperation.Invoke() w System.Windows.Threading.Dispatcher.ProcessQueue() w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) w System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) w System.Windows.Application.RunDispatcher(System.Object) w System.Windows.Application.RunInternal(System.Windows.Window) w System.Windows.Application.Run(System.Windows.Window) w AcerRegistrationBackGroundTask.Startup.Main(System.String[]) Error: (10/27/2024 12:39:44 AM) (Source: Application Error) (EventID: 1000) (User: MLG420) Description: Nazwa aplikacji powodującej błąd: AcerRegistrationBackGroundTask.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x64375ffb Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.22621.4317, sygnatura czasowa: 0x9b6f2fe8 Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x0014b282 Identyfikator procesu powodującego błąd: 0x0x4220 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1db27f7f1b49e3c Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 0adb41d3-dbd0-4dd5-9e76-b3f4265c222d Pełna nazwa pakietu powodującego błąd: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 Identyfikator aplikacji względem pakietu powodującego błąd: Acer.AcerRegistration Error: (10/27/2024 12:39:40 AM) (Source: Application Error) (EventID: 1000) (User: MLG420) Description: Nazwa aplikacji powodującej błąd: AcerRegistrationBackGroundTask.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x64375ffb Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.22621.4317, sygnatura czasowa: 0x9b6f2fe8 Kod wyjątku: 0xc0020001 Przesunięcie błędu: 0x0014b282 Identyfikator procesu powodującego błąd: 0x0x4220 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1db27f7f1b49e3c Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 5c9e1578-9b94-421f-b50e-f29d979f7171 Pełna nazwa pakietu powodującego błąd: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 Identyfikator aplikacji względem pakietu powodującego błąd: Acer.AcerRegistration Error: (10/27/2024 12:39:40 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: AcerRegistrationBackGroundTask.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: kod wyjątku: c0020001, adres wyjątku: 756EB282 Stos: w MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w System.Environment._Exit(Int32) w System.Environment.Exit(Int32) w AcerRegistrationBackGroundTask.MainWindow+d__24.MoveNext() w System.Runtime.CompilerServices.AsyncVoidMethodBuilder.Start[[AcerRegistrationBackGroundTask.MainWindow+d__24, AcerRegistrationBackGroundTask, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](d__24 ByRef) w AcerRegistrationBackGroundTask.MainWindow.closeBackGroundTask() w AcerRegistrationBackGroundTask.MainWindow.Window_Loaded(System.Object, System.Windows.RoutedEventArgs) w System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs) w System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean) w System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs) w System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs) w System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent) w System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(System.Object) w MS.Internal.LoadedOrUnloadedOperation.DoWork() w System.Windows.Media.MediaContext.FireLoadedPendingCallbacks() w System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() w System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object) w System.Windows.Media.MediaContext.RenderMessageHandler(System.Object) w System.Windows.Media.MediaContext.Resize(System.Windows.Media.ICompositionTarget) w System.Windows.Interop.HwndTarget.OnResize() w System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr) w System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.UnsafeNativeMethods.ShowWindow(System.Runtime.InteropServices.HandleRef, Int32) w System.Windows.Window.ShowHelper(System.Object) w System.Windows.Window.Show() w System.Windows.Application+<>c.b__105_0(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.DispatcherOperation.InvokeImpl() w System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) w MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) w System.Windows.Threading.DispatcherOperation.Invoke() w System.Windows.Threading.Dispatcher.ProcessQueue() w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) w System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) w System.Windows.Application.RunDispatcher(System.Object) w System.Windows.Application.RunInternal(System.Windows.Window) w System.Windows.Application.Run(System.Windows.Window) w AcerRegistrationBackGroundTask.Startup.Main(System.String[]) Error: (10/23/2024 05:38:24 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: ) Description: Event-ID 3002 Error: (10/23/2024 05:38:24 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Dziennik System: ============= Error: (10/27/2024 12:46:00 AM) (Source: DCOM) (EventID: 10010) (User: MLG420) Description: Serwer {69B7FE84-6361-4423-B948-1D64820B1E96} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/26/2024 11:55:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi mbamchameleon z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/26/2024 11:55:34 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:05:32 na ‎23.‎10.‎2024 było nieoczekiwane. Error: (10/26/2024 11:55:08 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: ZARZĄDZANIE NT) Description: 3221225684Wystąpił błąd krytyczny podczas przetwarzania danych przywracania. Error: (10/23/2024 07:05:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_125550 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/23/2024 07:05:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_125550 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/23/2024 07:05:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_125550 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/23/2024 07:05:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_125550 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Windows Defender: ================ Date: 2024-09-21 19:41:18 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {4E8B0E8C-30BD-4694-8069-C505DFF3DE5C} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2024-09-20 00:59:40 Description: Funkcja Kontrolowany dostęp do folderu zablokowała aplikacji C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe możliwość zmodyfikowania folderu %userprofile%\Documents. Godzina wykrycia: 2024-09-19T22:59:40.814Z Użytkownik: MLG420\malag Ścieżka: %userprofile%\Documents Nazwa procesu: C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe Wersja analizy zabezpieczeń: 1.419.65.0 Wersja aparatu: 1.1.24080.9 Wersja produktu: 4.18.24080.9 Date: 2024-09-20 00:59:40 Description: Funkcja Kontrolowany dostęp do folderu zablokowała aplikacji C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe możliwość zmodyfikowania folderu %userprofile%\Documents. Godzina wykrycia: 2024-09-19T22:59:40.814Z Użytkownik: MLG420\malag Ścieżka: %userprofile%\Documents Nazwa procesu: C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe Wersja analizy zabezpieczeń: 1.419.65.0 Wersja aparatu: 1.1.24080.9 Wersja produktu: 4.18.24080.9 Date: 2024-09-20 00:59:34 Description: Funkcja Kontrolowany dostęp do folderu zablokowała aplikacji C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe możliwość zmodyfikowania folderu %userprofile%\Documents. Godzina wykrycia: 2024-09-19T22:59:34.908Z Użytkownik: MLG420\malag Ścieżka: %userprofile%\Documents Nazwa procesu: C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe Wersja analizy zabezpieczeń: 1.419.65.0 Wersja aparatu: 1.1.24080.9 Wersja produktu: 4.18.24080.9 Date: 2024-09-20 00:59:34 Description: Funkcja Kontrolowany dostęp do folderu zablokowała aplikacji C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe możliwość zmodyfikowania folderu %userprofile%\Documents. Godzina wykrycia: 2024-09-19T22:59:34.868Z Użytkownik: MLG420\malag Ścieżka: %userprofile%\Documents Nazwa procesu: C:\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe Wersja analizy zabezpieczeń: 1.419.65.0 Wersja aparatu: 1.1.24080.9 Wersja produktu: 4.18.24080.9 Event[0] Date: 2024-10-04 21:55:36 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń. Nowa wersja analizy zabezpieczeń: Poprzednia wersja analizy zabezpieczeń: 1.419.209.0 Źródło aktualizacji: Serwer usługi Microsoft Update Typ analizy zabezpieczeń: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.24080.9 Kod błędu: 0x8007045b Opis błędu: Trwa proces zamykania systemu. Date: 2024-09-28 13:43:00 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń i podejmie próbę powrotu do poprzedniej wersji. Analiza zabezpieczeń objęta próbą: Kopia zapasowa Kod błędu: 0x80004004 Opis błędu: Operacja przerwana. Wersja analizy zabezpieczeń: 1.419.209.0;1.419.209.0 Wersja aparatu: 1.1.24080.9 Date: 2024-09-28 13:43:00 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń i podejmie próbę powrotu do poprzedniej wersji. Analiza zabezpieczeń objęta próbą: Bieżące Kod błędu: 0x80501102 Opis błędu: Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. Wersja analizy zabezpieczeń: 1.419.242.0;1.419.242.0 Wersja aparatu: 1.1.24080.9 Date: 2024-09-04 18:22:19 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń i podejmie próbę powrotu do poprzedniej wersji. Analiza zabezpieczeń objęta próbą: Kopia zapasowa Kod błędu: 0x80070008 Opis błędu: Za mało zasobów pamięci, aby można było przetworzyć to polecenie. Wersja analizy zabezpieczeń: 1.417.317.0;1.417.317.0 Wersja aparatu: 1.1.24070.3 Date: 2024-09-04 18:22:19 Description: Produkt Program antywirusowy Microsoft Defender napotkał błąd podczas próby aktualizacji analizy zabezpieczeń i podejmie próbę powrotu do poprzedniej wersji. Analiza zabezpieczeń objęta próbą: Bieżące Kod błędu: 0x80501102 Opis błędu: Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. Wersja analizy zabezpieczeń: 1.417.483.0;1.417.483.0 Wersja aparatu: 1.1.24070.3 CodeIntegrity: =============== Date: 2024-10-27 00:58:25 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2024-10-27 00:57:36 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. Date: 2024-10-27 00:53:59 Description: The driver \Device\HarddiskVolume3\Users\malag\AppData\Local\Temp\pwloypod.sys is blocked from loading as the driver has been revoked by Microsoft. Date: 2024-10-27 00:52:51 Description: Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\malag\AppData\Local\Temp\aswMBR.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}). Date: 2024-10-27 00:52:51 Description: The driver \Device\HarddiskVolume3\Users\malag\AppData\Local\Temp\aswMBR.sys is blocked from loading as the driver has been revoked by Microsoft. ==================== Statystyki pamięci =========================== BIOS: INSYDE Corp. V1.16 03/25/2024 Płyta główna: RPL Compass_RTX Procesor: 13th Gen Intel(R) Core(TM) i9-13900HX Procent pamięci w użyciu: 54% Całkowita pamięć fizyczna: 16103.87 MB Dostępna pamięć fizyczna: 7318.56 MB Całkowita pamięć wirtualna: 30439.87 MB Dostępna pamięć wirtualna: 17586.94 MB ==================== Dyski ================================ Drive c: (Acer) (Fixed) (Total:952.59 GB) (Free:133.53 GB) (Model: NVMe WD PC SN810 SDCQNRY-1T00-1014) NTFS \\?\Volume{71e038ed-c314-496b-9508-22a8847becdc}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.31 GB) NTFS \\?\Volume{d359e5f0-2d74-4626-af29-13a77c48a13f}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32 ==================== MBR & Tablica partycji ==================== ==================== Koniec Addition.txt =======================