Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27-02-2025 Uruchomiony przez HARD PC (01-03-2025 16:42:03) Uruchomiony z C:\Users\HARD PC\Downloads Microsoft Windows 10 Home Wersja 22H2 19045.5487 (X64) (2024-04-08 11:46:26) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-1478582838-2299231908-4051822859-500 - Administrator - Disabled) Gość (S-1-5-21-1478582838-2299231908-4051822859-501 - Limited - Disabled) HARD PC (S-1-5-21-1478582838-2299231908-4051822859-1001 - Administrator - Enabled) => C:\Users\HARD PC Konto domyślne (S-1-5-21-1478582838-2299231908-4051822859-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1478582838-2299231908-4051822859-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\uTorrent) (Version: 3.6.0.47084 - BitTorrent Limited) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Age of Mythology Retold - Premium Edition version 22.38.0 (HKLM-x32\...\Age of Mythology Retold - Premium Edition_is1) (Version: 22.38.0 - SkyBox Labs) AIMP (HKLM-x32\...\AIMP) (Version: 5.30.2541 - Artem Izmaylov) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden AMD Privacy View (HKLM\...\{D8E24EA6-807B-48D0-86D6-A9C5E74B8F2C}) (Version: 1.02.0001 - Eyeware Tech SA) AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.26.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.12.1 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{42e5a8d4-8fb0-48a1-9063-fc159c7566a0}) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) Hidden Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.18429.20132 - Microsoft Corporation) Badanie mające na celu poprawę produktów HP Deskjet 2540 series (HKLM\...\{6F4555FC-37BF-469C-8797-29E4A6199F8F}) (Version: 32.4.118.94128 - Hewlett-Packard Co.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield V Deluxe Edition MULTi14 - ElAmigos wersja 1.0 (HKLM-x32\...\{29C126D1-3FF1-4189-9A45-4EDBC19C22FA}_is1) (Version: 1.0 - EA Games) BitTorrent (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\BitTorrent) (Version: 7.11.0.47177 - BitTorrent Limited) BitTorrent Web (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\btweb) (Version: 1.4.0 - BitTorrent Limited) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 133.1.75.181 - Autorzy Brave) Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.1.0.2197 - Disc Soft Ltd) Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment) Epic Games Launcher (HKLM-x32\...\{A662430E-6319-4082-8D9F-ABC0359B892A}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) FMRTE 24.4.1-build37 (HKLM-x32\...\{9A6821E6-DE96-4FC6-899A-F84CEDC1AFBD}_is1) (Version: 24.4.1-build37 - FMRTE) Geeks3D FurMark 1.37.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.37.2.0 - Geeks3D) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 133.0.6943.142 - Google LLC) Heroes III Armageddon's Blade (HKLM-x32\...\Heroes III Armageddon's Blade) (Version: - ) Heroes III The Restoration of Erathia (HKLM-x32\...\Heroes III The Restoration of Erathia) (Version: - ) Heroes III The Shadow of Death (HKLM-x32\...\Heroes III The Shadow of Death) (Version: - ) HP Deskjet 2540 series — podstawowe oprogramowanie urządzenia (HKLM\...\{B9FF9D98-71EE-4D7F-B8C9-484AEC4E0A0E}) (Version: 32.4.118.94128 - Hewlett-Packard Co.) HP Deskjet 2540 series Pomoc (HKLM-x32\...\{387813C9-5DFE-453E-95AE-142F2C6E929E}) (Version: 30.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) IObit Driver Booster 12.2.0.542 (HKLM-x32\...\IObit Driver Booster_is1) (Version: 12.2.0.542 - LRP) IObit Malware Fighter 12 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 12.2.0.1495 - IObit) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) LibreOffice 24.2.2.2 (HKLM\...\{6A2ACEC0-5875-4F4E-A2C8-F4479E3A7229}) (Version: 24.2.2.2 - The Document Foundation) Malware Hunter 1.177.0.797 (HKLM-x32\...\Malware Hunter) (Version: 1.177.0.797 - Glarysoft Ltd) Mi PC Suite (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.) Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.244.1204.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) NewGAN-Manager (HKLM\...\{807B8BE7-218E-4C17-AC3C-64DED8A3D5ED}) (Version: 1.4.0 - Maradonna (gestalt)) Norton 360 (HKLM-x32\...\NGC) (Version: 22.22.4.13 - NortonLifeLock Inc) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20132 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.18429.20044 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden Ready or Not MULTi11 - ElAmigos wersja 56549 (HKLM-x32\...\{7764D045-2A5C-4410-8C1B-3FBC2D6F0F7C}_is1) (Version: 56549 - VOID Interactive) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9038.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek) REDlauncher (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - CD Projekt RED) Riot Client (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden Tibia (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\Tibia) (Version: - CipSoft GmbH) Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.12.6 - Black Tree Gaming Ltd.) Wargaming.net Game Center (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\Wargaming.net Game Center) (Version: 24.5.0.6852 - Wargaming.net) Windows Manager (HKLM\...\{6EE1B1D9-ED6A-468F-B9FB-26D7A4D431C9}) (Version: 2.1.1 - Yamicsoft) Hidden <==== UWAGA Windows Manager (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\Windows Manager 2.1.1) (Version: 2.1.1 - Yamicsoft) <==== UWAGA WinRAR 7.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH) World of Tanks EU (HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\2314027414) (Version: - Wargaming.net) Packages: ========= Chivalry 2 -> C:\Program Files\WindowsApps\TripwireInteractiveLLC.Chivalry2_1.0.46.0_x64__237dqjpew1r3m [2024-07-31] (Tripwire Interactive LLC) Football Manager 2024 -> C:\Program Files\WindowsApps\SportsInteractive.FootballManager2024_0.9.445.0_x64__5w3tn6tb6stnm [2024-05-15] (Sports Interactive) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2024-04-09] (Realtek Semiconductor Corp) Spotify – muzyka i podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0 [2025-02-13] (Spotify AB) [Startup Task] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1478582838-2299231908-4051822859-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll (Microsoft Windows -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2024-09-25] (IObit Information Technology -> IObit) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-04-08] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2023-03-03] (Glarysoft Ltd -> Glarysoft Ltd) ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2024-09-25] (IObit Information Technology -> IObit) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-13] (AVB Disc Soft, SIA -> Disc Soft FZE LLC) ContextMenuHandlers2: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2023-03-03] (Glarysoft Ltd -> Glarysoft Ltd) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => -> Brak pliku ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-09-13] (AVB Disc Soft, SIA -> Disc Soft FZE LLC) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-04-08] (IP Izmaylov Artem Andreevich -> AIMP DevTeam) ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2024-09-25] (IObit Information Technology -> IObit) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.244.1204.0003\FileSyncShell64.dll [2025-01-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2024-11-27] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.22.4.13\buShell.dll [2022-06-16] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers6: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2023-03-03] (Glarysoft Ltd -> Glarysoft Ltd) ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2024-09-25] (IObit Information Technology -> IObit) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-03-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2021-02-01 21:49 - 2021-02-01 21:49 - 000010240 _____ () [Brak podpisu cyfrowego] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\pl_pl\AcroTray.pol ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ============= BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-12-07] (Microsoft Corporation -> Microsoft Corporation) BHO: Brak nazwy -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Brak pliku BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-07] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Brak nazwy -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Brak pliku BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2024-09-25] (IObit CO., LTD -> IObit) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM - Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-06] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\sharepoint.com -> hxxps://thurse1-files.sharepoint.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HARD PC\Downloads\350786-admin.jpg DNS Servers: 1.1.1.1 - 1.0.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] Network Binding: ============= Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\StartupApproved\Run: => "RiotClient" HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\StartupApproved\Run: => "Wargaming.net Game Center" HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1478582838-2299231908-4051822859-1001\...\StartupApproved\Run: => "MiPhoneManager" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{E9631604-8CFA-4AB8-BA75-4D8426235383}] => (Allow) C:\Users\HARD PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [{BD6C6DF7-7045-4106-8290-6D2C05A5FF38}] => (Allow) C:\Users\HARD PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [TCP Query User{52774A5E-7920-4EBB-8664-3DCFE45FB673}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{D3610D61-FC1C-4A17-936A-85D5364A1432}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{0BCFA343-1F1A-44F5-BA87-3BA963593D3C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B087F1C7-E3FC-44E3-A562-006F3AFC8CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E37FCF66-C12B-490B-8911-75F70E76FADB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{FE741E6D-41B1-41A2-8539-3625536DB007}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{CBA24141-9570-4DFB-AF48-89616A269A3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [Brak podpisu cyfrowego] FirewallRules: [{C4287F2C-F59E-4352-9B94-45A7114E1036}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [Brak podpisu cyfrowego] FirewallRules: [{882771F8-D51D-46B7-928F-52047CB3DBD7}] => (Allow) C:\Users\HARD PC\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [{A054FFE5-7F9B-469D-B989-57C48F355833}] => (Allow) C:\Users\HARD PC\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [{CFED5AF6-0A95-4B5B-B5E7-B02E56E53C7E}] => (Allow) C:\Users\HARD PC\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [{7E4C7232-43C9-4054-9467-4A3F997CD57B}] => (Allow) C:\Users\HARD PC\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Limited) FirewallRules: [{BFFF8C29-09E6-40D4-BC10-E9F22D98C09F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC) FirewallRules: [{AFBCFECE-7A47-4584-80BB-DE3C3F9A49F6}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC) FirewallRules: [{8D2850E0-5B59-477D-AFE0-CB9C97342E74}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe (HP Inc. -> Hewlett-Packard Development Company, LP) FirewallRules: [{31EB5228-CDB2-4BEA-981C-B256D69DE028}] => (Allow) LPort=5357 FirewallRules: [{F2BC75FF-B9A8-443B-8BAA-572BBAB10AC5}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> Hewlett-Packard Development Company, LP) FirewallRules: [{A29BA8F1-43F8-4A11-ABAB-3EDFB7F4F56F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7D467CAE-BB7D-4DA8-A749-F59EFA67C9C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9C43EC3B-4A12-457E-85C0-EA2F75767ACC}] => (Allow) C:\Users\HARD PC\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc) FirewallRules: [{51C125AB-8D50-44F2-B905-0EDC781F8C40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com) FirewallRules: [{DA5BD9B3-E97C-4CBA-9756-B622BA27959F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com) FirewallRules: [{8BC6CA4F-AB8B-46BA-A60D-408785C67ED6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8B214B7F-C4DA-4388-B7BB-5FE3E0F946D5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C642C0C9-57BE-405A-8C75-3FB91F464D2B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F7940EF8-B523-4E68-BCA3-744C4258ABB8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1764331A-871B-4288-AB45-44B8079A212F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5D4E7DEF-7CA5-41F8-93F0-B606AFF484AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Santa Claus in Trouble\SantaClausInTrouble.exe (Joymania Development) [Brak podpisu cyfrowego] FirewallRules: [{E7A86EEA-A72A-44D0-BB91-CAF77DC7BA0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Santa Claus in Trouble\SantaClausInTrouble.exe (Joymania Development) [Brak podpisu cyfrowego] FirewallRules: [{417E79C8-B986-4E0F-BFAE-31EA7AF39757}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E4FCBA18-AA4A-4EA2-A60D-BFE7EE566612}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6943E741-20B2-42F1-9DEE-482277E0FB2B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7B338C08-1557-4956-BA0C-28A598F6E735}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5973B02C-3934-4C5F-B9AF-12FE2DFD2791}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated) FirewallRules: [{ECBE4516-16F1-4F99-BB8B-AF465FFB3510}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef\AcroCEF.exe (Adobe Inc. -> Adobe Systems Incorporated) FirewallRules: [{F7EC2334-9CFB-4C83-A3DE-3E7AF1FFFD9E}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe (Adobe Inc. -> Adobe Systems Incorporated) FirewallRules: [{8DF4168E-DD71-454E-98D8-F8688FBBBE92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B1FAB752-A7D0-46EF-9701-DFA1B106A367}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{55A1FD43-3B6B-4AE4-A578-CB1C14991986}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B59E900E-4DCF-4C2A-982E-C6D4AF701677}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{57A5532E-3ACD-4B05-9CB5-FE15CA54E924}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AA428F99-5D4E-4649-92D9-8BD35EA251B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7943A709-42E8-4E5B-8075-F0D63CFC5F13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B7364089-FCB3-4F8C-BCA5-497E7B1EF672}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0630202C-8500-403B-95EF-983E8B0D13B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7B067303-A446-45B3-B8EC-15E322292B79}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8A055D8D-B64A-4960-8534-6DBE9F5D1131}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{13AAD223-4901-4312-AF01-81BB91345E0C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{46B40421-5817-4E09-A2F9-BE8DB77E4A3E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 28-02-2025 07:33:14 Installed Windows Manager 28-02-2025 08:09:19 Driver Booster : AMD Radeon RX 6600 01-03-2025 16:01:43 DDU Restore Point ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (03/01/2025 04:42:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: cmd.exe, wersja: 10.0.19041.4355, sygnatura czasowa: 0xa7cb0dc0 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000001ac102b44d0 Identyfikator procesu powodującego błąd: 0x34dc Godzina uruchomienia aplikacji powodującej błąd: 0x01db8ac07954caa2 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\cmd.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 6081b060-fec0-437a-97f1-c1b33611765a Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/01/2025 04:41:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: cmd.exe, wersja: 10.0.19041.4355, sygnatura czasowa: 0xa7cb0dc0 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000013d3ee844d0 Identyfikator procesu powodującego błąd: 0x39c8 Godzina uruchomienia aplikacji powodującej błąd: 0x01db8ac078301872 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\cmd.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 50ef50bb-449f-428b-b9a3-f34a86f2f09f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/01/2025 04:34:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: cmd.exe, wersja: 10.0.19041.4355, sygnatura czasowa: 0xa7cb0dc0 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000002503ce837ff Identyfikator procesu powodującego błąd: 0x2fe8 Godzina uruchomienia aplikacji powodującej błąd: 0x01db8abf7b5e17f5 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\cmd.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: e6f2ee50-ce42-4e9e-b968-8544c4bb61e2 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/01/2025 04:34:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x80004005 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable Error: (03/01/2025 04:34:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x80004005 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (03/01/2025 04:34:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AUEPMaster.exe, wersja: 2420.33.1.1127, sygnatura czasowa: 0x6747ad9f Nazwa modułu powodującego błąd: ucrtbase.dll, wersja: 10.0.19041.3636, sygnatura czasowa: 0x81cf5d89 Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x000000000007286e Identyfikator procesu powodującego błąd: 0x1c24 Godzina uruchomienia aplikacji powodującej błąd: 0x01db8abf5c43b3a4 Ścieżka aplikacji powodującej błąd: C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe Ścieżka modułu powodującego błąd: C:\Windows\System32\ucrtbase.dll Identyfikator raportu: 8f4a5103-1f5a-4e0b-9e91-8a259a3f6e82 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/01/2025 04:31:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: sc.exe, wersja: 10.0.19041.1, sygnatura czasowa: 0xb0ef2205 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000246200a37ff Identyfikator procesu powodującego błąd: 0x2ab4 Godzina uruchomienia aplikacji powodującej błąd: 0x01db8abf0314c3cd Ścieżka aplikacji powodującej błąd: C:\Windows\system32\sc.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 84b6e837-de15-4588-832e-ec1a259549a4 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/01/2025 04:27:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: clinfo.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x67473a35 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000258c05b37ff Identyfikator procesu powodującego błąd: 0x182c Godzina uruchomienia aplikacji powodującej błąd: 0x01db8abe76fefea7 Ścieżka aplikacji powodującej błąd: C:\Windows\system32\clinfo.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 0e6d23bb-7a29-4c9c-b3a4-34f372b4ef90 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (03/01/2025 04:36:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinRing0_1_2_0 z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (03/01/2025 04:36:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Broker monitorów czasu wykonywania funkcji System Guard zakończyła działanie; wystąpił następujący błąd: %%3489660935 Error: (03/01/2025 04:36:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (03/01/2025 04:36:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Google Update (gupdate). Error: (03/01/2025 04:36:02 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: ZARZĄDZANIE NT) Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Funkcja bezpiecznego rozruchu nie jest włączona na tym komputerze.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/01/2025 04:35:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi BattlEye Service z powodu następującego błędu: Odmowa dostępu. Error: (03/01/2025 04:35:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi WinRing0_1_2_0 z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (03/01/2025 04:34:07 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: Nastąpił ponowny rozruch komputera po operacji wykrywania błędów. Wyniki tej operacji były następujące: 0x000000ef (0xffffdb8f4ccc7080, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). Zrzut zapisano w: C:\Windows\MEMORY.DMP. Identyfikator raportu: 83b56270-d24f-4845-890d-a383b621dd5c. CodeIntegrity: =============== Date: 2025-03-01 16:36:03 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.22.4.13\symamsi.dll that did not meet the Windows signing level requirements. Date: 2025-03-01 14:53:30 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.22.4.13\symamsi.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. P5.70 10/20/2022 Płyta główna: ASRock B450M Pro4 R2.0 Procesor: AMD Ryzen 5 5600 6-Core Processor Procent pamięci w użyciu: 53% Całkowita pamięć fizyczna: 16309.13 MB Dostępna pamięć fizyczna: 7665.24 MB Całkowita pamięć wirtualna: 24245.13 MB Dostępna pamięć wirtualna: 10149.63 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:953.21 GB) (Free:162.5 GB) (Model: Lexar SSD NM620 1TB) NTFS \\?\Volume{b5ceda0a-2270-4ae3-b00c-55258598fef1}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS \\?\Volume{092da43e-e7fa-429c-b8ef-35503ec0471d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt =======================