Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14-02-2021 Uruchomiony przez RAFONIX (16-02-2021 22:17:49) Uruchomiony z C:\Users\RAFONIX\Desktop\scan Windows 7 Professional Service Pack 1 (X64) (2020-10-27 11:20:34) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2684602908-2750127974-2092376734-500 - Administrator - Disabled) Ania (S-1-5-21-2684602908-2750127974-2092376734-1000 - Administrator - Enabled) => C:\Users\Ania Gość (S-1-5-21-2684602908-2750127974-2092376734-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2684602908-2750127974-2092376734-1004 - Limited - Enabled) RAFONIX (S-1-5-21-2684602908-2750127974-2092376734-1006 - Administrator - Enabled) => C:\Users\RAFONIX wiktor (S-1-5-21-2684602908-2750127974-2092376734-1002 - Administrator - Enabled) => C:\Users\wiktor ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 8.3.0 - Atomi Systems, Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.001.20138 - Adobe Systems Incorporated) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1) (Version: 21.1.0 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Blackmagic RAW Common Components (HKLM\...\{60461BA6-AFA0-4D54-AFE1-54EC717AA7D9}) (Version: 1.8.2 - Blackmagic Design) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.) CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.) DaVinci Resolve (HKLM\...\{0C4A0EF3-6FE2-4F0D-AFAD-D3EA0297BDBE}) (Version: 16.2.8005 - Blackmagic Design) DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design) DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design) Discord (HKU\S-1-5-21-2684602908-2750127974-2092376734-1002\...\Discord) (Version: 0.0.308 - Discord Inc.) Discord (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\Discord) (Version: 0.0.308 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{BE411926-37D4-45D5-9ED5-4132BEB8E9C5}) (Version: 1.1.298.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden EpocCam drivers 3.0.0 (HKLM-x32\...\EpocCam drivers) (Version: 3.0.0 - Elgato) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.004 - Ezvid, inc.) FileZilla Client 3.51.0 (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\FileZilla Client) (Version: 3.51.0 - Tim Kosse) FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project) FiveM (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\CitizenFX_FiveM) (Version: - Cfx.re) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC) Grand Theft Auto V (HKLM-x32\...\{BEEFBEEF-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1604.1 - Rockstar Games) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5067 - Intel Corporation) iTunes (HKLM\...\{A3BDA32E-9A0C-45E9-9B3D-26276414A755}) (Version: 12.10.10.2 - Apple Inc.) iVCam 6.1 (HKLM\...\iVCam_is1) (Version: 6.1.7 - e2eSoft) Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) LibreOffice 7.0.0.3 (HKLM\...\{7C7F19DA-6107-4284-9263-EC5C4792C8C7}) (Version: 7.0.0.3 - The Document Foundation) Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.6.0.1 - EditShare) LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.) Medal (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\Medal) (Version: 4.625.0 - Medal B.V.) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2684602908-2750127974-2092376734-1000\...\Teams) (Version: 1.3.00.26064 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2684602908-2750127974-2092376734-1002\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang) Minecraft Pingwin Pack 4 - Ultimate wersja 4.1 Ultimate (HKLM-x32\...\{BE6516A2-1364-4769-B038-72FDC159C94A}_is1) (Version: 4.1 Ultimate - AvenisHD) Mine-imator 1.2.7 (HKLM-x32\...\{EF61A1AA-5F85-4E94-ACC6-D5650A312AE6}}_is1) (Version: 1.2.7 - David Norgren) Mozilla Firefox 84.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 84.0.1 (x64 pl)) (Version: 84.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.1 - Mozilla) MTA:SA v1.5.8 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.8 - Multi Theft Auto) NoxPlayer (HKLM-x32\...\Nox) (Version: 6.6.1.3 - Duodian Technology Co. Ltd.) NVIDIA GeForce NOW 2.0.26.116 (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.26.116 - NVIDIA Corporation) NVIDIA Install Application (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik graficzny 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.86 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.1 - OBS Project) Opera GX Stable 71.0.3770.310 (HKU\S-1-5-21-2684602908-2750127974-2092376734-1000\...\Opera GX 71.0.3770.310) (Version: 71.0.3770.310 - Opera Software) Opera GX Stable 71.0.3770.310 (HKU\S-1-5-21-2684602908-2750127974-2092376734-1002\...\Opera GX 71.0.3770.310) (Version: 71.0.3770.310 - Opera Software) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.86 - NVIDIA Corporation) Hidden PLAY INTERNET (HKLM-x32\...\PLAY INTERNET) (Version: 23.015.11.00.264 - Huawei Technologies Co.,Ltd) RAGE Multiplayer (HKLM-x32\...\RAGE Multiplayer) (Version: 0.0.1.1 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8720.1 - Realtek Semiconductor Corp.) ReaPlugs/x64 (HKLM\...\ReaPlugs) (Version: - ) Revo Uninstaller 2.2.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.2 - VS Revo Group, Ltd.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games) SHINOBI (HKLM-x32\...\{890CE702-97DD-4E48-BA65-863CC872CE4A}_is1) (Version: 1.0.4 - MODECOM Polska SP z o.o.) Shotcut (HKLM\...\Shotcut) (Version: 20.11.28 - Meltytech, LLC) Special Uninstaller version 3.8 (HKLM-x32\...\{46744C87-EE41-4BA3-A444-C2DECC145FC0}_is1) (Version: 3.8 - hxxp://www.specialuninstaller.com/) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH) Vidiot (HKLM-x32\...\Vidiot) (Version: 0.3.32 - Eric Raijmakers) Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.6.0.7 - Voicemod S.L.) WinDirStat 1.1.2 (HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\...\WinDirStat) (Version: - ) WinRAR 5.91 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) WO Mic Client (HKLM-x32\...\WOMic) (Version: - ) XSplit Broadcaster (HKLM-x32\...\{27934DDC-05BC-4836-894A-AB948F3082E5}) (Version: 4.0.2007.2911 - SplitmediaLabs) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2684602908-2750127974-2092376734-1006_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2684602908-2750127974-2092376734-1006_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2684602908-2750127974-2092376734-1006_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2684602908-2750127974-2092376734-1006_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2684602908-2750127974-2092376734-1006_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2684602908-2750127974-2092376734-1006_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2684602908-2750127974-2092376734-1006_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\RAFONIX\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2019-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2013-04-07] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2013-04-07] () [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ShortcutWithArgument: C:\Users\RAFONIX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\TikTok.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ahoadnkmomodgfkfokbclmabbfdaejpe ==================== Załadowane moduły (filtrowane) ============= 2018-08-16 13:54 - 2018-08-16 13:54 - 001484800 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Elgato\EpocCam\avcodec-58.dll 2018-08-16 13:52 - 2018-08-16 13:52 - 000556544 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Elgato\EpocCam\avutil-56.dll 2018-08-16 13:54 - 2018-08-16 13:54 - 000190464 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Elgato\EpocCam\swresample-3.dll 2018-08-16 13:55 - 2018-08-16 13:55 - 000514048 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Elgato\EpocCam\swscale-5.dll 2020-11-16 20:38 - 2014-10-30 09:05 - 001124352 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\AddrBookPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:04 - 000672768 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\AddrBookSrvPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:13 - 000819712 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\AddrBookUIPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:02 - 000646144 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\AtCodec.dll 2020-11-16 20:38 - 2014-10-30 09:07 - 000168960 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\ATR2SMgr.dll 2020-11-16 20:38 - 2014-10-30 09:01 - 000628224 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\Common.dll 2020-11-16 20:38 - 2014-10-30 09:27 - 000119296 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\ConnectMgrUIPlugin.dll 2020-11-16 20:38 - 2014-12-10 13:05 - 000563200 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\core.dll 2020-11-16 20:38 - 2014-10-30 09:03 - 000155136 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\DataServicePlugin.dll 2020-11-16 20:38 - 2014-10-30 09:06 - 000731136 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\DeviceAppPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:14 - 000581120 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\DeviceMgrUIPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:06 - 000731648 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\DeviceSrvPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:19 - 000303616 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\DiagnosisPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:04 - 000236032 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\DialUpPlugin.dll 2020-11-16 20:38 - 2014-12-10 13:05 - 000606208 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\DialupUIPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:16 - 000117248 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\LayoutPlugin.dll 2020-11-16 20:38 - 2009-06-23 03:42 - 000043008 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\libgcc_s_dw2-1.dll 2020-11-16 20:38 - 2013-10-26 10:08 - 000692224 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\LiveUpdateInterface.DLL 2020-11-16 20:38 - 2014-12-10 13:12 - 000103424 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\MainpagePlugin.dll 2020-11-16 20:38 - 2014-12-10 13:10 - 000339456 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\MenuMgrPlugin.dll 2020-11-16 20:38 - 2009-01-10 19:32 - 000011362 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\mingwm10.dll 2020-11-16 20:38 - 2013-10-26 02:41 - 001146880 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NDISAPI.dll 2020-11-16 20:38 - 2014-10-30 09:04 - 000201728 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NDISPlugin.dll 2020-11-16 20:38 - 2014-12-10 13:10 - 000394240 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NetConnectPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:03 - 000158720 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NetConnectSrvPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:06 - 000702464 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NetInfoSrvPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:19 - 000493568 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NetInfoUIExPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:04 - 000253952 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NetSrvPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:12 - 000097792 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\NotifyServicePlugin.dll 2020-11-16 20:38 - 2014-10-30 09:03 - 000102400 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\OSAdapt.dll 2020-11-16 20:38 - 2014-10-30 09:03 - 000166912 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\OSDialup.dll 2020-11-16 20:38 - 2014-10-30 09:03 - 000131584 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\OSNDIS.dll 2020-11-16 20:38 - 2014-10-30 09:03 - 000065536 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\OSPowerMgr.dll 2020-11-16 20:38 - 2013-08-31 22:13 - 000306176 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\phonon4.dll 2020-11-16 20:38 - 2014-10-30 09:02 - 000583168 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\PluginContainer.dll 2020-11-16 20:38 - 2013-09-25 01:49 - 000082944 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\plugins\imageformats\qgif4.dll 2020-11-16 20:38 - 2013-09-25 01:49 - 000081920 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\plugins\imageformats\qico4.dll 2020-11-16 20:38 - 2013-09-25 01:49 - 000192000 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\plugins\imageformats\qjpeg4.dll 2020-11-16 20:38 - 2013-09-25 01:49 - 000350720 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\plugins\imageformats\qmng4.dll 2020-11-16 20:38 - 2013-09-25 01:49 - 000370176 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\plugins\imageformats\qtiff4.dll 2020-11-16 20:38 - 2014-10-30 09:03 - 000408064 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\Proxy.DLL 2020-11-16 20:38 - 2013-08-31 06:44 - 002417152 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\QtCore4.dll 2020-11-16 20:38 - 2013-08-31 06:59 - 009559040 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\QtGui4.dll 2020-11-16 20:38 - 2013-08-31 06:46 - 001148416 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\QtNetwork4.dll 2020-11-16 20:38 - 2013-08-31 23:11 - 015675904 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\QtWebKit4.DLL 2020-11-16 20:38 - 2013-08-31 06:44 - 000398336 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\QtXml4.dll 2020-11-16 20:38 - 2013-08-31 22:12 - 003962368 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\QtXmlPatterns4.dll 2020-11-16 20:38 - 2014-10-30 09:08 - 000289280 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\sdk.dll 2020-11-16 20:38 - 2014-10-30 09:05 - 000704000 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\SmsAppPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:05 - 000220160 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\SmsSrvPlugin.dll 2020-11-16 20:38 - 2014-12-10 13:07 - 000855552 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\SMSUIPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:15 - 000323072 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\StatusBarMgrPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:05 - 000157184 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\STKSrvPlugin.dll 2020-11-16 20:38 - 2014-12-10 13:10 - 000224768 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\ToolBarMgrPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:01 - 000157696 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\Trace.dll 2020-11-16 20:38 - 2014-10-30 09:05 - 000142336 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\USSDSrvPlugin.dll 2020-11-16 20:38 - 2014-10-30 09:21 - 000487424 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\USSDUIPlugin.dll 2020-11-16 20:38 - 2013-09-25 01:50 - 000155648 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\Win7Support.dll 2020-11-16 20:38 - 2014-10-30 09:02 - 000195584 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\XCodec.dll 2020-11-16 20:38 - 2014-12-18 12:52 - 000287744 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\XFramePlugin.dll 2020-11-16 20:39 - 2009-06-23 03:42 - 000043008 _____ () [Brak podpisu cyfrowego] C:\ProgramData\PLAY INTERNET\OnlineUpdate\libgcc_s_dw2-1.dll 2020-11-16 20:39 - 2009-01-10 19:32 - 000011362 _____ () [Brak podpisu cyfrowego] C:\ProgramData\PLAY INTERNET\OnlineUpdate\mingwm10.dll 2020-11-16 20:39 - 2013-08-31 06:44 - 002417152 _____ () [Brak podpisu cyfrowego] C:\ProgramData\PLAY INTERNET\OnlineUpdate\QtCore4.dll 2020-11-16 20:39 - 2013-08-31 06:46 - 001148416 _____ () [Brak podpisu cyfrowego] C:\ProgramData\PLAY INTERNET\OnlineUpdate\QtNetwork4.dll 2020-11-16 11:14 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [Brak podpisu cyfrowego] C:\Program Files\7-Zip\7-zip.dll 2020-07-30 15:25 - 2020-02-16 21:37 - 000007168 _____ (IMI Kurwica) [Brak podpisu cyfrowego] C:\Windows\system32\sle.dll 2020-10-27 12:15 - 2021-02-15 20:21 - 002651136 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] c:\windows\system32\wuaueng3.dll 2017-02-06 14:25 - 2017-02-06 14:25 - 001412608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\FileZilla Server\libeay32.dll 2017-02-06 14:25 - 2017-02-06 14:25 - 000365056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\FileZilla Server\ssleay32.dll 2020-11-16 20:38 - 2013-09-25 01:50 - 000176128 _____ (TODO: ) [Brak podpisu cyfrowego] C:\Program Files (x86)\PLAY INTERNET\mcciwin32.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (Wersja 11) (filtrowane) ========== BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-11-04] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-04] (Oracle America, Inc. -> Oracle Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts 2020-11-16 20:44 - 2021-02-16 21:59 - 000000435 _____ C:\Windows\system32\drivers\etc\hosts.ics 192.168.137.1 pcdomAnia.mshome.net # 2026 2 0 1 22 51 34 80 ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-2684602908-2750127974-2092376734-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2684602908-2750127974-2092376734-1002\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-2684602908-2750127974-2092376734-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\RAFONIX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 185.89.185.1 - 89.108.202.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) MSCONFIG\Services: opiekun => 2 MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\Ania\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{C53F09A8-EC02-44E8-82AF-1B7A76860ABA}] => (Allow) C:\Program Files (x86)\OpiekunWEB5\Agent\vnc\winvnc.exe => Brak pliku FirewallRules: [{8C237F2F-1284-4542-A8A5-C5FD9095EEC5}] => (Allow) C:\Program Files (x86)\OpiekunWEB5\Agent\vnc\winvnc.exe => Brak pliku FirewallRules: [{B8483AC3-EFB3-460F-AF0E-1DF1C31E3E48}] => (Allow) C:\Program Files (x86)\OpiekunWEB5\Agent\owagent.exe => Brak pliku FirewallRules: [{567F92DD-E67E-4DC2-9E8C-0024F5FBB59A}] => (Allow) C:\Program Files (x86)\OpiekunWEB5\Agent\owagent.exe => Brak pliku FirewallRules: [{BC4035FA-58A5-40BE-A48F-B39503BB0373}] => (Allow) C:\Users\Ania\AppData\Local\Programs\Opera GX\71.0.3770.310\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{C3BDC590-ECEF-467E-B189-EA9F54A7DFAA}] => (Allow) C:\Users\wiktor\AppData\Local\Programs\Opera GX\71.0.3770.310\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{5CEBA695-4D50-43EE-BF77-2BBAF3FAB0A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{C1F5C7FD-A9F4-4752-B894-C9A1BA966D1F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{909D60C4-49CB-48AE-8253-7120C25E8A0B}C:\users\wiktor\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wiktor\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{0B21A822-F153-4DDD-9506-5DBCA515829D}C:\users\wiktor\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\wiktor\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{21ECDD4A-831A-4A45-BEB5-C577B583D2E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D0E134FF-822A-473A-9FDE-47719A9C966A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{65317CEB-1442-4FF9-A032-D26E556DECE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{ADAFDFB3-03E7-4D18-A53C-149F2CC2848B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{C35CD07C-15EF-44EA-9F9B-69777DCA435D}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{810CD5E5-0E90-4297-8EC9-537AEE6D03DB}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{2406F47D-D308-4C3E-A52A-FC2F32F80FC4}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe FirewallRules: [UDP Query User{FFA21CA9-C0EE-4271-823C-F1B7384CB01B}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe FirewallRules: [{C7A05E81-8526-4A6B-BEAE-8336F531B6F1}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{5CD6AB08-9C7B-4A8C-B81E-2883B47217FE}C:\users\wiktor\desktop\among us 9.9s\among us.exe] => (Allow) C:\users\wiktor\desktop\among us 9.9s\among us.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{14B19EE7-B82D-476E-A5E5-1E399D973799}C:\users\wiktor\desktop\among us 9.9s\among us.exe] => (Allow) C:\users\wiktor\desktop\among us 9.9s\among us.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{C1D14594-614B-46CB-B58F-730E2009031E}C:\users\rafonix\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rafonix\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{957EAEC7-5C9F-4CFC-842D-77AEDEE7492D}C:\users\rafonix\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rafonix\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8C5E81EB-A0C0-4D3D-87F6-7C54C8A6E8E1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D4FAEE1F-6959-4339-B137-D251D4EADC4A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{8CF41D38-29F1-46F9-BA1C-635081308A77}C:\users\rafonix\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\rafonix\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{3FDBFCAB-7EC0-4E5A-BE5F-FCF71EED098D}C:\users\rafonix\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\rafonix\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{DCC81A35-009B-4F42-ACD2-62C385E76AFD}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{E2CD3CC2-E1F4-4F24-997F-74CD1C114C8F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{B60841A7-3CB8-4C41-B633-2B4315B1F054}C:\users\rafonix\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\users\rafonix\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe FirewallRules: [UDP Query User{55F0D149-5A00-49FE-8C32-EE53C03A604A}C:\users\rafonix\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\users\rafonix\appdata\roaming\crystal-launcher\runtime\64\jre1.8.0_271\bin\javaw.exe FirewallRules: [{B6FF6300-D9B1-4C14-A766-CF2B2BC5BAC3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{786124D4-50C9-4843-8067-EEBB7539A4EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{121736CF-E380-41FD-A2B3-D03EC40601A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{98ABCE03-6D2A-40A5-A9FF-2AEE2C084593}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{616A3872-FC25-4C1B-9FC8-3A7A12748372}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{72F3D150-820C-408D-B3F3-A78705213058}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project) FirewallRules: [UDP Query User{A6F1DD11-9328-4B59-A26F-2D3277A6669A}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project) FirewallRules: [TCP Query User{7D57F84A-C027-416C-B8ED-FEF05A6C869A}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [UDP Query User{5E5F7D23-9D0C-4177-A66D-2343832E547F}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [{6927D853-C562-4E4D-AFD7-1E3E4593AE90}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{61A88533-6E31-4315-AD2A-66F77C11E6A8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{C4D4F60E-E679-4B12-ABA0-00D340E87CD5}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> ) FirewallRules: [{5B871EAF-1724-4686-9CDD-C262E42D76AF}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> ) FirewallRules: [{02BBD0EE-7B7D-4DA3-A504-6D737081ECF2}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> LWKS Software Ltd) FirewallRules: [{E392D0D5-6822-4622-BA08-968240EDFA51}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> LWKS Software Ltd) FirewallRules: [TCP Query User{A8231244-4FB7-4978-B21F-E534D76B65F5}C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{54A80F77-C07D-46F7-B024-B5C0EDDB3484}C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [{2E3018E3-B442-4BEA-ADB4-026FDCE71E56}] => (Allow) E:\Epic Games\GTAV\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{DCE11995-EA14-41E1-A3BA-B3AB21D0FE11}] => (Allow) E:\Epic Games\GTAV\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{8C2920C9-DBC9-4B02-B569-62DC874DEF15}] => (Allow) E:\Epic Games\GTAV\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{75109D5E-1944-49BF-9632-164F3C5E77B2}] => (Allow) E:\Epic Games\GTAV\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{677B3FEF-25DF-4EC7-ACEF-0BDB1A8F3A54}C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{081DFE79-7517-4974-AA63-4FBAC9A27C18}C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\rafonix\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Brak podpisu cyfrowego] FirewallRules: [{34F44FB0-13BB-40F6-A05F-A097A4967D70}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 13-02-2021 21:20:02 Windows Update 14-02-2021 20:21:36 Kopia zapasowa systemu Windows 15-02-2021 19:28:35 Revo Uninstaller's restore point - OpiekunWEB (wersja 5.0.0.293) 15-02-2021 20:38:45 Restore Point Created by FRST 16-02-2021 22:15:45 Removed @BIOS B15.0630.1 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Hamachi Network Interface Description: Hamachi Network Interface Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: LogMeIn, Inc. Service: hamachi Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Realtek PCIe GbE Family Controller Description: Realtek PCIe GbE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (02/16/2021 10:05:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (02/16/2021 10:05:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (02/16/2021 10:05:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (02/16/2021 10:01:44 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (02/16/2021 09:59:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/16/2021 09:35:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (02/16/2021 09:35:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (02/16/2021 09:35:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Dziennik System: ============= Error: (02/16/2021 09:59:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY INTERNET. OUC z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/16/2021 09:59:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY INTERNET. OUC. Error: (02/16/2021 09:59:24 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:58:03 na ‎2021-‎02-‎16 było nieoczekiwane. Error: (02/16/2021 09:29:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY INTERNET. OUC z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/16/2021 09:29:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY INTERNET. OUC. Error: (02/16/2021 09:29:11 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:27:25 na ‎2021-‎02-‎16 było nieoczekiwane. Error: (02/16/2021 08:58:47 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: Agent proxy DNS nie może przydzielić 0 bajtów pamięci. Może to wskazywać, że w systemie brakuje pamięci wirtualnej lub że menedżer pamięci napotkał błąd wewnętrzny. Error: (02/16/2021 08:58:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY INTERNET. OUC z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Windows Defender: ================ Date: 2021-02-13 21:17:45.174 Description: Produkt Windows Defender napotka� b��d podczas pr�by za�adowania podpis�w i podejmie pr�b� powrotu do znanego zestawu dobrych podpis�w. Podpisy obj�te pr�b�:Bie��ce Kod b��du:0x80070003 Opis b��du:System nie mo�e odnale�� okre�lonej �cie�ki. Wersja podpisu:0.0.0.0 Wersja aparatu:0.0.0.0 ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. F15 08/20/2015 Płyta główna: Gigabyte Technology Co., Ltd. B85M-D3H Procesor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 8173.73 MB Dostępna pamięć fizyczna: 4825.95 MB Całkowita pamięć wirtualna: 16345.61 MB Dostępna pamięć wirtualna: 12155.21 MB ==================== Dyski ================================ Drive c: (Win7x64) (Fixed) (Total:223.47 GB) (Free:19.13 GB) NTFS Drive e: (Backup) (Fixed) (Total:465.76 GB) (Free:326.47 GB) NTFS Drive f: (PLAY INTERNET) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS \\?\Volume{a3367fc3-1845-11eb-bed1-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: C0B232A0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 040ECBF5) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================