Undetectable malware - Virus, Trojan, Spyware, and Malware Removal Help

 



Undetectable malware


  • This topic is locked
12 replies to this topic

#1 michalp

  • Members
  • 16 posts

Posted 28 December 2021 - 01:12 PM

Hello. I have a problem with undetected malware. My computer boots slowly and shuts down slowly, and I can't play games like Counter-Strike: Global Offensive; I have something like input lag. I tried reinstalling my system, Windows 7 64-bit, but it didn't help me. My computer sometimes crashes and I get a black screen and hear the fan working loudly.


Edited by michalp, 28 December 2021 - 01:34 PM.




#2 michalp

  • Topic Starter

  • Members
  • 16 posts

Posted 28 December 2021 - 01:59 PM

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-12-2021
Uruchomiony przez mind (administrator)  MIND-KOMPUTER (Gigabyte Technology Co., Ltd. G1.Sniper B6) (28-12-2021 19:52:14)
Uruchomiony z C:\Users\mind\Desktop
Załadowane profile: mind
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
() [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AMD) [Brak podpisu cyfrowego] C:\Windows\System32\atieclxx.exe
(AMD) [Brak podpisu cyfrowego] C:\Windows\System32\atiesrxx.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.194\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <2>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdtrackersnmh.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AmbientLED\LEDCtrl.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamerrorreporter.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe
 
==================== Rejestr (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [261224 2021-10-04] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [580696 2021-12-24] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2021-04-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-01-25] (Adobe Inc. -> )
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] () [Brak podpisu cyfrowego]
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [GogGalaxy] => D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2021-12-21] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-09-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-14] (Google LLC -> Google LLC)
 
==================== Zaplanowane zadania (filtrowane) ============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {01916669-F121-4039-912D-2256ADFB9CFC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {049814ED-0A36-411D-A204-A6E92356C27A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {08996859-958B-4196-A5A3-14F594D0D95E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {08A395C9-C55A-46FA-B2C7-87F97D48D0C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {10515DD0-D3E3-4FE4-9B74-80750CA5FF8A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {352212C6-F27A-4B69-8DA3-0CA8EABB39E3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4239AA3F-2538-4EDB-A845-4E8278DD6D32} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5D5CD07F-40B7-456C-9415-BF23AF144404} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5E195D51-0929-4A35-84AD-164A7905E0A5} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.194\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {77EE1766-3668-46DB-AB76-713688B75877} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8042E887-0264-4B10-B758-00CDC9101497} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {89EA5894-D332-4415-B23E-E4DE3F51485E} - System32\Tasks\GoogleUpdateTaskMachineCore1d5feee64f278b6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {AB6CF592-1589-4106-B62B-17C5176AAF27} - System32\Tasks\AdobeAAMUpdater-1.0-mind-Komputer-mind => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (Brak pliku)
Task: {B1C9F901-1F02-48F3-8CCD-6C13250810A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {C67D83F2-008A-4672-AE55-5E4FD4C560E5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E8C6FA8B-FA39-496C-A048-2BC7009D765D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {F8D54325-2DC7-4EE0-B1ED-608615BBF46B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FE5FE8D5-829C-4F20-A042-B6E10FB0DE8F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\Windows\Tasks\McAfee Remediation (Prepare).job => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6C911AF7-2843-47E8-8DF7-9F9D1ACE2CE2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{C746BE3D-6489-44C9-9F89-C5CBFC1F3043}: [DhcpNameServer] 192.168.1.1 192.168.1.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\mind\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-26]
Edge HomePage: Default -> about:blank
 
FireFox:
========
FF DefaultProfile: mku9opac.default
FF ProfilePath: C:\Users\mind\AppData\Roaming\Mozilla\Firefox\Profiles\mku9opac.default [2021-12-28]
FF Notifications: Mozilla\Firefox\Profiles\mku9opac.default -> hxxps://poczta.interia.pl
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2021-06-14] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-08-16] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-04-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-06-15] <==== UWAGA (Linkuje do pliku *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-06-15] <==== UWAGA
 
Chrome: 
=======
CHR Profile: C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default [2021-12-28]
CHR Notifications: Default -> hxxps://bookmaster.com.pl; hxxps://designbundles.net; hxxps://fontbundles.net; hxxps://justentrepreneurship.com; hxxps://koszulkimichala1.cupsell.pl; hxxps://pizzahut.pl; hxxps://pl.pinterest.com; hxxps://pogoda.interia.pl; hxxps://www.autodesk.pl; hxxps://www.autoscout24.pl; hxxps://www.facebook.com; hxxps://www.faceit.com; hxxps://www.instagram.com; hxxps://www.komputronik.pl; hxxps://www.runmageddon.pl
CHR HomePage: Default -> hxxps://www.google.pl/
CHR StartupUrls: Default -> "hxxp://google.pl/"
CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=E211PL1485G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Bitdefender Wallet) - C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-06-14]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-06-14]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Usługi (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2021-04-27] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [198256 2021-01-25] (Pango Inc. -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2009-08-18] (AMD) [Brak podpisu cyfrowego]
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-24] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [256616 2021-10-04] (Bitdefender SRL -> Bitdefender)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [Brak podpisu cyfrowego]
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2021-12-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-09-30] (GOG Sp. z o.o. -> GOG.com)
R2 LEDCtrl; C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe [34624 2014-09-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1142808 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [451608 2021-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1347640 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-19] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [284760 2021-12-24] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-24] (Bitdefender SRL -> Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Windows -> Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2020-02-20] (AnchorFree Inc -> The OpenVPN Project)
R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [3864480 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6037504 2009-08-18] (ATI Technologies Inc.) [Brak podpisu cyfrowego]
R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [800672 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [32152 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\Windows\System32\DRIVERS\bduefiscan.sys [55864 2021-11-13] (Bitdefender SRL -> Bitdefender)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [96616 2020-04-27] (Bitdefender SRL -> BitDefender)
R3 gdrv; C:\Windows\gdrv.sys [26192 2021-12-28] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-05-20] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1188744 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [26968 2018-11-09] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R2 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [185312 2021-06-14] (Bitdefender SRL -> Bitdefender)
R3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [129960 2021-06-09] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [38200744 2021-06-09] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2021-12-28] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 RzCommon; C:\Windows\System32\DRIVERS\RzCommon.sys [52040 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006c; C:\Windows\System32\DRIVERS\RzDev_006c.sys [50568 2020-08-25] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\Windows\System32\DRIVERS\RzDev_0306.sys [50584 2020-08-25] (Razer USA Ltd. -> Razer Inc)
S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [46408 2018-11-09] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [46520 2018-11-09] (SteelSeries ApS -> SteelSeries ApS)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [623008 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [483728 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 atillk64; \??\C:\Users\mind\Downloads\atiflash_284\atillk64.sys [X]
S3 cpuz149; \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 GVCIDrv; \??\C:\Program Files (x86)\Gigabyte\AORUS ENGINE\GVCIDrv64.sys [X]
U3 aswMBR; \??\C:\Users\mind\AppData\Local\Temp\aswMBR.sys [X] <==== UWAGA
U3 aswVmm; \??\C:\Users\mind\AppData\Local\Temp\aswVmm.sys [X] <==== UWAGA
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc (utworzone) (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2021-12-28 19:52 - 2021-12-28 19:53 - 000028996 _____ C:\Users\mind\Desktop\FRST.txt
2021-12-28 19:51 - 2021-12-28 19:52 - 000000000 ____D C:\FRST
2021-12-28 19:51 - 2021-12-28 19:51 - 002311168 _____ (Farbar) C:\Users\mind\Desktop\FRST64.exe
2021-12-28 18:54 - 2021-12-28 18:54 - 005200384 _____ (AVAST Software) C:\Users\mind\Downloads\aswmbr (2).exe
2021-12-28 18:52 - 2021-12-28 18:52 - 000234272 _____ (AVAST Software) C:\Users\mind\Downloads\avast_free_antivirus_setup_online.exe
2021-12-28 17:33 - 2021-12-28 17:33 - 002650810 _____ C:\Users\mind\Downloads\ProcessExplorer (1).zip
2021-12-28 17:33 - 2021-12-28 17:33 - 000000000 ____D C:\Users\mind\Desktop\ProcessExplorer (1)
2021-12-28 17:31 - 2021-12-28 17:31 - 003411895 _____ C:\Users\mind\Downloads\ProcessMonitor.zip
2021-12-25 13:09 - 2021-11-01 04:00 - 000048552 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2021-12-23 13:23 - 2021-12-23 13:23 - 000000784 _____ C:\Users\mind\Desktop\Easy GIF Animator.lnk
2021-12-23 13:22 - 2021-12-23 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy GIF Animator
2021-12-23 13:22 - 2021-12-23 13:22 - 024250200 _____ (Karlis Blumentals ) C:\Users\mind\Downloads\egifan7.exe
2021-12-22 21:30 - 2021-12-23 13:35 - 000000000 ____D C:\Users\mind\Desktop\render
2021-12-22 20:29 - 2021-12-22 21:20 - 012219392 _____ C:\Users\mind\Desktop\mp.avi
2021-12-22 12:18 - 2021-12-23 16:10 - 000888832 _____ C:\Users\mind\Desktop\mp.max
2021-12-22 12:18 - 2021-12-22 12:18 - 000000000 ____D C:\ProgramData\Reprise
2021-12-22 12:10 - 2021-12-22 12:10 - 000010688 _____ C:\Users\mind\Desktop\av.cdr
2021-12-20 14:26 - 2021-12-20 13:37 - 000014391 _____ C:\Users\mind\Desktop\Kopia_zapasowa_ans.cdr
2021-12-20 13:37 - 2021-12-20 14:26 - 000014547 _____ C:\Users\mind\Desktop\ans.cdr
2021-12-20 12:19 - 2021-12-20 21:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-11 19:07 - 2021-12-11 19:03 - 000008092 _____ C:\Users\mind\Desktop\Kopia_zapasowa_s.cdr
2021-12-11 19:03 - 2021-12-11 19:07 - 000008232 _____ C:\Users\mind\Desktop\s.cdr
2021-12-07 13:35 - 2021-12-13 14:30 - 000013027 _____ C:\Users\mind\Desktop\Kopia_zapasowa_bd.cdr
2021-12-07 13:28 - 2021-12-13 16:02 - 000013162 _____ C:\Users\mind\Desktop\bd.cdr
2021-12-06 14:14 - 2021-12-06 14:14 - 000010023 _____ C:\Users\mind\Desktop\bb.cdr
2021-12-02 04:47 - 2021-12-02 04:47 - 000190032 _____ (Razer Inc.) C:\Windows\system32\RzChromaConnectAPI64.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000168544 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastManager64.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000154192 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaConnectAPI.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000135264 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastManager.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000044632 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastAPI64.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000035928 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastAPI.dll
 
==================== Jeden miesiąc (zmodyfikowane) ==================
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2021-12-28 19:51 - 2019-02-12 13:23 - 000003982 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0B92B796-A443-4894-83BE-EDDD2B9BE0EF}
2021-12-28 19:47 - 2019-05-20 10:11 - 000000000 ____D C:\Users\mind\AppData\LocalLow\Mozilla
2021-12-28 19:22 - 2019-02-12 13:28 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-28 18:57 - 2009-07-14 05:45 - 000042256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-12-28 18:57 - 2009-07-14 05:45 - 000042256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-12-28 18:35 - 2019-05-20 10:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-28 18:35 - 2011-04-12 14:21 - 000741152 _____ C:\Windows\system32\perfh015.dat
2021-12-28 18:35 - 2011-04-12 14:21 - 000156224 _____ C:\Windows\system32\perfc015.dat
2021-12-28 18:35 - 2009-07-14 06:13 - 001672684 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-28 18:35 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-12-28 18:31 - 2021-06-14 18:41 - 000003692 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-12-28 18:31 - 2019-05-12 19:08 - 000000000 ____D C:\ProgramData\Autodesk
2021-12-28 18:30 - 2019-02-25 16:43 - 000026192 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2021-12-28 18:30 - 2019-02-12 16:20 - 000000000 __SHD C:\Users\mind\IntelGraphicsProfiles
2021-12-28 18:29 - 2019-09-10 15:47 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-28 18:29 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-28 18:09 - 2019-09-10 15:50 - 000000000 ____D C:\Users\mind\AppData\Local\CrashDumps
2021-12-28 17:37 - 2019-02-27 21:18 - 000000000 ____D C:\Program Files\McAfee
2021-12-28 17:30 - 2019-03-02 17:57 - 000000000 ____D C:\ProgramData\McAfee
2021-12-28 16:03 - 2019-02-12 14:31 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-27 15:59 - 2019-05-29 17:26 - 000000000 ____D C:\Users\mind\AppData\Roaming\TS3Client
2021-12-25 13:10 - 2019-09-10 15:49 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:10 - 2019-09-10 15:49 - 000003790 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:10 - 2019-09-10 15:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:19 - 000000000 ____D C:\Users\mind\AppData\Local\NVIDIA Corporation
2021-12-25 13:09 - 2019-09-10 15:48 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-10 15:48 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-10 15:48 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-10 15:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-25 13:09 - 2019-09-10 15:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-25 11:21 - 2019-02-14 17:58 - 000000000 ____D C:\Windows\Minidump
2021-12-25 11:12 - 2021-11-06 13:43 - 000668610 ____N C:\Windows\Minidump\122521-9906-01.dmp
2021-12-23 16:10 - 2021-04-27 10:57 - 000000000 ____D C:\Users\mind\AppData\Roaming\substancelinkopentcp
2021-12-23 16:10 - 2021-04-27 10:56 - 000000000 ____D C:\Users\mind\Documents\3ds Max 2022
2021-12-23 10:59 - 2009-07-14 05:45 - 001421296 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-22 12:11 - 2019-02-12 13:28 - 000149600 _____ C:\Users\mind\AppData\Local\GDIPFONTCACHEV1.DAT
2021-12-20 21:25 - 2019-05-20 10:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-20 13:58 - 2021-10-17 10:56 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-12-19 12:45 - 2020-06-30 13:13 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-19 12:45 - 2020-06-30 13:13 - 000002192 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-17 12:23 - 2020-01-11 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-12-17 12:22 - 2020-01-11 13:43 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-12-15 16:28 - 2021-06-14 18:45 - 003864480 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2021-12-15 16:28 - 2021-06-14 18:45 - 000800672 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-12-15 16:28 - 2021-06-14 18:45 - 000032152 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2021-12-15 16:27 - 2021-11-13 11:20 - 000483728 _____ (Bitdefender) C:\Windows\system32\Drivers\vlflt.sys
2021-12-15 16:27 - 2021-06-14 18:45 - 001188744 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2021-12-15 16:27 - 2021-06-14 18:44 - 000623008 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2021-12-14 11:50 - 2019-02-12 13:29 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-09 11:05 - 2020-08-24 09:12 - 000003282 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6583116adfd0a
2021-12-09 11:05 - 2020-06-30 13:12 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-08 08:19 - 2019-09-10 15:49 - 002851840 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2021-12-08 08:19 - 2019-09-10 15:49 - 002197504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2021-12-08 08:19 - 2019-09-10 15:49 - 001294024 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2021-12-06 14:20 - 2020-11-18 22:02 - 000000000 ____D C:\Users\mind\Desktop\projekty
 
==================== Pliki w katalogu głównym wybranych folderów ========
 
2019-02-23 18:07 - 2021-01-23 14:08 - 000000040 _____ () C:\Users\mind\AppData\Roaming\cdr.ini
2019-03-02 17:57 - 2019-03-02 18:14 - 000000049 _____ () C:\Users\mind\AppData\Roaming\MCVi2UserDetail.ini
2019-04-21 14:01 - 2019-06-04 12:36 - 000010240 _____ () C:\Users\mind\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-12 17:12 - 2019-02-12 17:12 - 000000410 _____ () C:\Users\mind\AppData\Local\oobelibMkey.log
2021-05-15 14:40 - 2021-05-15 14:40 - 000000774 _____ () C:\Users\mind\AppData\Local\recently-used.xbel
2019-02-23 14:12 - 2019-02-23 14:12 - 000000000 _____ () C:\Users\mind\AppData\Local\{8873CD02-B275-4947-BEC2-3D17C6D2C236}
 
==================== SigCheck ============================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
 
LastRegBack: 2021-12-18 11:16
==================== Koniec  FRST.txt ========================

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27-12-2021
Uruchomiony przez mind (28-12-2021 19:54:37)
Uruchomiony z C:\Users\mind\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X64) (2019-02-12 12:19:48)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
Administrator (S-1-5-21-2337610357-331856407-1874907210-500 - Administrator - Disabled)
Gość (S-1-5-21-2337610357-331856407-1874907210-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2337610357-331856407-1874907210-1002 - Limited - Enabled)
mind (S-1-5-21-2337610357-331856407-1874907210-1000 - Administrator - Enabled) => C:\Users\mind
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Bitdefender Antywirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Moduł Antyspyware (Enabled - Up to date) {01B39510-DC3A-8AEE-266E-57F17FC5F447}
FW: Bitdefender Zapora Sieciowa (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
@BIOS B15.0630.1 (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) Hidden
@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.1.441 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2_9) (Version: 21.2.9.67 - Adobe Inc.)
AmbientLED B15.0520.1 (HKLM-x32\...\{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE) Hidden
AmbientLED B15.0520.1 (HKLM-x32\...\InstallShield_{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE)
Aplikacja na pulpit firmy Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.2.0.34 - Autodesk)
APP Center (HKLM-x32\...\{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Autodesk 3ds Max 2022 (HKLM\...\{5AA8C753-7FE4-40A6-A253-6DC5605544D9}) (Version: 24.0.0.923 - Autodesk) Hidden
Autodesk 3ds Max 2022 (HKLM\...\{B2EF7E27-4824-3656-A115-BFF401F11F7C}) (Version: 24.0.0.923 - Autodesk, Inc.)
Autodesk 3ds Max 2022 CivilView 2022 1.0.0+0 64-bit (HKLM\...\{2421114A-05BF-4789-8175-102FCE8433F3}) (Version: 1.0.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{7E78B513-B354-4833-8897-3ED5C515D30F}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{EEAD8CC3-B6B7-4D4B-AF0D-4BBD3D93D67C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{493ACC3C-3ABF-4CBB-8F6E-E4433090A589}) (Version: 20.3.7.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2022 (HKLM\...\{327AB7C3-73CE-45F3-86DA-113D2AFB18A1}) (Version: 24.0 - Autodesk) Hidden
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{8300AA3F-6ADF-4233-A1FB-73B1894102F0}) (Version: 20.3.7.0 - Autodesk)
Autodesk Revit Engine 2022 (HKLM\...\{DA6E3B72-3088-2022-9993-45D9FF1AD8D0}) (Version: 22.0.1.367 - Autodesk) Hidden
Autodesk Revit Unit Schemas 2022 (HKLM\...\{CDCC6F31-2022-4900-8E9B-D562B70697B6}) (Version: 22.0.1.367 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.26.138 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.4.4.44 - Bitdefender)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
CodeBlocks (HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Extra Content (HKLM-x32\...\{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}) (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang BR (HKLM-x32\...\{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang CZ (HKLM-x32\...\{FFFE7261-2318-4227-B827-E9E05E16DFE5}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (HKLM-x32\...\{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang EN (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF100}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang FR (HKLM-x32\...\{9D306690-3173-42CD-94C6-9EF9318AF24B}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang IT (HKLM-x32\...\{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang NL (HKLM-x32\...\{A6C27FFF-75EF-4B5B-A64E-F9E128994908}) (Version: 14.2 - Uw bedrijfsnaam) Hidden
CorelDRAW Graphics Suite X4 - Lang PL (HKLM-x32\...\{6834B8AE-D23B-4B26-A919-6515844CF2BA}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang SU (HKLM-x32\...\{40FC81EA-21F7-44FB-A6F2-A4D6328F4C4F}) (Version: 14.2 - Yrityksen nimi) Hidden
CorelDRAW Graphics Suite X4 - Lang SV (HKLM-x32\...\{9CDA415B-974B-4384-8CA6-9327D5B4270B}) (Version: 14.2 - Ditt företagsnamn) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF000}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X4 - Extra Content (HKLM-x32\...\_{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}) (Version:  - Corel Corporation)
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Discord (HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Discord) (Version: 0.0.310 - Discord Inc.)
Easy GIF Animator 7.3 (HKLM-x32\...\Easy GIF Animator_is1) (Version: 7.0 - Karlis Blumentals)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version:  - Eusing Software)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.0.2--2 - Inkscape)
Intel® Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Kingston SSD Manager version 1.1.2.5 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.2.5 - Kingston Digital, Inc)
Mafia (HKLM-x32\...\Mafia_is1) (Version:  - )
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 95.0.2 (x64 pl)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 466.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.77 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.6 (HKLM-x32\...\{F03D2388-158B-4F8A-B195-CBCA5F459197}) (Version: 4.16.9790 - Apache Software Foundation)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.1215.121004 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Retopology Tools for 3ds Max 2022 (HKLM\...\{C21A2088-38CA-48FB-9707-1FC8AAC66FA9}) (Version: 1.1.0.050 - Autodesk, Inc.)
Skype (wersja 8.64) (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Substance in 3ds Max 2022 (HKLM\...\{EAFD9CC5-E23B-44B8-8E45-4DC676B83542}) (Version: 2.4.3 - Allegorithmic)
TDU2 Unofficial Patch (HKLM-x32\...\TDU2 Unofficial Patch) (Version:  - )
TDU2 Unpacked (HKLM-x32\...\TDU2 Unpacker GUI) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.5 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Tree It version 1.1 (HKLM-x32\...\{62992DFF-C05F-4CB7-B66B-EAE796CA206D}_is1) (Version: 1.1 - EVOLVED Software)
Windows Driver Package - Microsoft (xusb21) XnaComposite  (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.70 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [ArcabitShell] -> {D7824897-C8DC-49b4-B790-30F7ED16A5FD} => C:\Program Files\Arcabit\bin\arcashl.dll -> Brak pliku
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ContextMenuHandlers6: [ArcabitShell] -> {D7824897-C8DC-49b4-B790-30F7ED16A5FD} => C:\Program Files\Arcabit\bin\arcashl.dll -> Brak pliku
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Drivers32: [vidc.iv31] => C:\Windows\SysWOW64\ir32_32.dll [197632 2016-03-25] (Microsoft Windows -> Intel® Corporation)
HKLM\...\Drivers32: [vidc.iv32] => C:\Windows\SysWOW64\ir32_32.dll [197632 2016-03-25] (Microsoft Windows -> Intel® Corporation)
HKLM\...\Drivers32: [vidc.iv41] => C:\Windows\SysWOW64\ir41_32.ax [839680 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\Iac25_32.ax [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
 
==================== Skróty & WMI ========================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
 
==================== Załadowane moduły (filtrowane) =============
 
2019-03-05 17:18 - 2009-02-27 16:38 - 000139264 ____R () [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 000105472 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\GIGABYTE\AmbientLED\ycc.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 001607680 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 000105472 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 126961152 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 000384000 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 008006656 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2009-08-18 01:52 - 2009-08-18 01:52 - 000251904 _____ (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] C:\Windows\system32\atiadlxx.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2019-03-05 17:18 - 2012-06-05 15:59 - 000025299 ____R (Brother Industries, Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\brlm03a.dll
2019-03-05 17:18 - 2008-11-26 10:25 - 000208896 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrFirmUpdateCheck.dll
2019-03-05 17:18 - 2008-08-18 18:27 - 000122880 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\brlmw03a.dll
2019-03-05 17:18 - 2011-04-11 13:10 - 000163840 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BRMFCWNDPol.dll
2019-03-05 17:18 - 2010-03-10 18:16 - 000770048 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccDCtl.dll
2019-03-05 17:18 - 2012-10-09 15:30 - 000372736 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccFCtl.dll
2019-03-05 17:18 - 2009-09-28 13:38 - 005390336 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccimg.dll
2019-03-05 17:18 - 2010-03-29 05:36 - 000155648 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccpol.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2019-02-12 13:33 - 2014-02-21 06:56 - 000074240 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2019-03-05 17:18 - 2003-06-30 00:00 - 000259584 ____N (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTDIS12n.dll
2019-03-05 17:18 - 2005-07-05 00:00 - 000131584 ____N (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTFIL12n.DLL
2019-03-05 17:18 - 2003-06-30 00:00 - 000406016 ____N (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTKRN12n.dll
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-04-17 19:51 - 2019-04-17 19:51 - 000245760 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
 
==================== Alternate Data Streams (filtrowane) ========
 
==================== Tryb awaryjny (filtrowane) ==================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Powiązania plików (filtrowane) =================
 
==================== Internet Explorer (Wersja 11) (filtrowane) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
BHO-x32: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
Toolbar: HKU\S-1-5-21-2337610357-331856407-1874907210-1000 -> Brak nazwy - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  Brak pliku
 
==================== Hosts - zawartość: =========================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2009-07-14 03:34 - 2021-12-28 19:29 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Inne obszary ===========================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mind\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AdskLicensingService => 2
MSCONFIG\Services: AfVpnService => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: bdredline_agent => 2
MSCONFIG\Services: BdVpnService => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: FlexNet Licensing Service => 2
MSCONFIG\Services: gadjservice => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel® PROSet Monitoring Service => 2
MSCONFIG\Services: LEDCtrl => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: Razer Chroma SDK Server => 2
MSCONFIG\Services: Razer Chroma SDK Service => 2
MSCONFIG\Services: Razer Chroma Stream Server => 2
MSCONFIG\Services: Razer Game Manager Service => 2
MSCONFIG\Services: Razer Synapse Service => 2
MSCONFIG\Services: RzActionSvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^mind^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GenuineService.lnk => C:\Windows\pss\GenuineService.lnk.Startup
 
==================== Reguły Zapory systemu Windows (filtrowane) ================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1E35D3F4-2362-4197-BB28-281CF34C0CB1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B52E7F41-63B4-4C36-B35D-C0C79613A20D}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FAFE880F-A743-4236-BD26-6357BE218FB1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BBFB60F1-7B2D-455B-8EA7-D84EC95F5DB8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07EE6B20-7C96-4924-9B07-E225B68AC22E}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe => Brak pliku
FirewallRules: [{E4295618-28AB-4FB9-BF97-35260D635575}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe => Brak pliku
FirewallRules: [{C68C3A9A-9F35-4825-A72B-AA58B837FD1A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{453D1EAB-5C88-4630-91AF-3283A35DA87F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5D13AC2F-8C1F-4992-9AFD-DBDC685BA155}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66C3021C-F572-4F4C-8EA1-046CF71BDE4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{683E33E3-9A7A-41B2-B36D-9D9CC2DB9BA3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0DB5B39F-9F5F-46EE-A193-761813DA480B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{75D7A1F1-9965-46A8-B310-C017B219FF43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe => Brak pliku
FirewallRules: [{D657B643-25AA-46EC-9491-972EBD8F7305}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe => Brak pliku
FirewallRules: [{DC5D9E04-EFDA-4D00-B073-D14EE7784C1E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8D5C36B8-3EBF-4D13-B0FC-E8507A9ACEED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{181D38B9-5700-49F8-B2EC-BFCB27518936}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Test Drive Unlimited 2\UpLauncher.exe (Eden Games) [Brak podpisu cyfrowego]
FirewallRules: [{83360AAE-865F-4884-A38A-86D992EBAD41}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Test Drive Unlimited 2\UpLauncher.exe (Eden Games) [Brak podpisu cyfrowego]
FirewallRules: [{E248D665-BFF1-458A-A68F-DF6FA2294E9A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A9F06289-F9CB-4DBA-8808-AD384FC3C661}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CFE58805-1291-4BFA-BBAD-6A9728F55649}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF0D48B4-05C2-46C6-AA63-774EA17AF13D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DC4D0437-6318-4455-A5E8-FE98F482B170}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
 
==================== Punkty Przywracania systemu =========================
 
 
==================== Wadliwe urządzenia w Menedżerze urządzeń ============
 
Name: Kontroler Uniwersalnej magistrali szeregowej (USB)
Description: Kontroler Uniwersalnej magistrali szeregowej (USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Urządzenie PCI
Description: Urządzenie PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Błędy w Dzienniku zdarzeń: ========================
 
Dziennik Aplikacja:
==================
Error: (12/28/2021 06:29:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/28/2021 06:24:14 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2021/12/28 18:24:14.387]: [00008092]: lperrcode->api = 3 , lperrcode->code = 31
 
Error: (12/28/2021 06:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Razer Central.exe, wersja: 7.3.32.190, sygnatura czasowa: 0x61711ac3
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.24545, sygnatura czasowa: 0x5e0eb7f5
Kod wyjątku: 0xe0434352
Przesunięcie błędu: 0x0000c5af
Identyfikator procesu powodującego błąd: 0x27bc
Godzina uruchomienia aplikacji powodującej błąd: 0x01d7fc0d9b2fe89b
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
Ścieżka modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll
Identyfikator raportu: dd4bb0b7-6800-11ec-8f01-888888888788
 
Error: (12/28/2021 06:09:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikacja: Razer Central.exe
Wersja architektury: v4.0.30319
Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
Informacje o wyjątku: System.Runtime.Remoting.RemotingException
 
Server stack trace: 
   w System.Runtime.Remoting.Channels.Ipc.IpcPort.Connect(String portName, Boolean secure, TokenImpersonationLevel impersonationLevel, Int32 timeout)
   w System.Runtime.Remoting.Channels.Ipc.ConnectionCache.GetConnection(String portName, Boolean secure, TokenImpersonationLevel level, Int32 timeout)
   w System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)
   w System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)
   w System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   w System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   w Microsoft.Shell.SingleInstance`1+IPCRemoteService[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InvokeFirstInstance(System.Collections.Generic.IList`1<System.String>)
   w Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].SignalFirstInstance(System.String, System.Collections.Generic.IList`1<System.String>)
   w Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InitializeAsFirstInstance(System.String)
   w RazerCentralApp.App.Main()
 
Error: (12/28/2021 06:07:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/28/2021 06:06:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2021/12/28 18:06:04.091]: [00008072]: lperrcode->api = 1 , lperrcode->code = 2
 
Error: (12/28/2021 06:06:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2021/12/28 18:06:02.559]: [00008072]: lperrcode->api = 1 , lperrcode->code = 2
 
Error: (12/28/2021 06:06:01 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2021/12/28 18:06:01.055]: [00008072]: lperrcode->api = 1 , lperrcode->code = 2
 
 
Dziennik System:
=============
Error: (12/28/2021 07:58:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Serwer {BB6DF56B-CACE-11DC-9992-0019B93A3A84} nie zarejestrował się w modelu DCOM w wymaganym czasie.
 
Error: (12/28/2021 06:40:43 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/28/2021 06:40:13 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/28/2021 06:39:43 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/28/2021 06:39:12 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/28/2021 06:38:42 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/28/2021 06:38:12 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/28/2021 06:37:56 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
 
Windows Defender:
================
Date: 2019-02-27 14:44:26.641
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{87ADE8D6-C3AF-4B92-BBE0-716E89B35DC9}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Szybkie skanowanie
Użytkownik:mind-Komputer\mind
 
Date: 2019-02-27 14:43:59.570
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{F3082CFE-472B-4733-BBA6-C939C92DE94C}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Pełne skanowanie
Użytkownik:mind-Komputer\mind
 
Date: 2019-02-27 14:42:09.137
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{C3F1C997-06DC-49AC-8096-E89DB250BB93}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Szybkie skanowanie
Użytkownik:mind-Komputer\mind
 
Date: 2019-02-27 14:42:00.938
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{B001E838-F937-4EF5-9EAD-EBE79CDE39FB}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Szybkie skanowanie
Użytkownik:mind-Komputer\mind
Event[0]:
 
Date: 2019-02-27 12:45:46.442
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.9
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-27 12:45:28.130
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.9
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-26 20:33:40.311
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.8
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-26 20:33:21.938
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.8
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-26 20:32:51.142
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.8
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
==================== Statystyki pamięci =========================== 
 
BIOS: American Megatrends Inc. F3 08/20/2015
Płyta główna: Gigabyte Technology Co., Ltd. G1.Sniper B6-CF
Procesor: Intel® Core™ i5-4460 CPU @ 3.20GHz
Procent pamięci w użyciu: 83%
Całkowita pamięć fizyczna: 8083.27 MB
Dostępna pamięć fizyczna: 1335.77 MB
Całkowita pamięć wirtualna: 16164.69 MB
Dostępna pamięć wirtualna: 6386.16 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:111.79 GB) (Free:7.05 GB) NTFS
Drive d: () (Fixed) (Total:223.57 GB) (Free:61.19 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
 
 
==================== MBR & Tablica partycji ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1FE0FBAE)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 0A2D2557)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
 
==================== Koniec  Addition.txt =======================


#3 nasdaq

  • Malware Response Team

Posted 28 December 2021 - 03:31 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start
 
Comment: For your security a new restore point will be created.
CreateRestorePoint:
Comment: We need to close all processes to complete the fix.
CloseProcesses:
 
Comment: Items from the FRST.TXT log that will be removed from the Registry.
 
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [GalaxyClient] => [X]
Task: {08996859-958B-4196-A5A3-14F594D0D95E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {AB6CF592-1589-4106-B62B-17C5176AAF27} - System32\Tasks\AdobeAAMUpdater-1.0-mind-Komputer-mind => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (Brak pliku)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
S3 atillk64; \??\C:\Users\mind\Downloads\atiflash_284\atillk64.sys [X]
S3 cpuz149; \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 GVCIDrv; \??\C:\Program Files (x86)\Gigabyte\AORUS ENGINE\GVCIDrv64.sys [X]
U3 aswMBR; \??\C:\Users\mind\AppData\Local\Temp\aswMBR.sys [X] <==== UWAGA
U3 aswVmm; \??\C:\Users\mind\AppData\Local\Temp\aswVmm.sys [X] <==== UWAGA
 
Comment: Items from the Addition.txt log that will be removed.
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers1: [ArcabitShell] -> {D7824897-C8DC-49b4-B790-30F7ED16A5FD} => C:\Program Files\Arcabit\bin\arcashl.dll -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers6: [ArcabitShell] -> {D7824897-C8DC-49b4-B790-30F7ED16A5FD} => C:\Program Files\Arcabit\bin\arcashl.dll -> Brak pliku
Toolbar: HKU\S-1-5-21-2337610357-331856407-1874907210-1000 -> Brak nazwy - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  Brak pliku
FirewallRules: [{07EE6B20-7C96-4924-9B07-E225B68AC22E}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe => Brak pliku
FirewallRules: [{E4295618-28AB-4FB9-BF97-35260D635575}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe => Brak pliku
FirewallRules: [{75D7A1F1-9965-46A8-B310-C017B219FF43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe => Brak pliku
FirewallRules: [{D657B643-25AA-46EC-9491-972EBD8F7305}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe => Brak pliku
 
Comment: Will check the integrity of the Disk.
CMD: ECHO Y|CHKDSK C: /F
 
Comment: To rebuild the performance counter library values.
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
Comment: Use Farbar routine to delete temp files
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
 
cmd: sfc /scannow
cmd: DISM.exe /Online /Cleanup-image /Scanhealth
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
 
Reboot:
 
End
 
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt); please post it in your reply.
===
 
 
Please post the Fixlog.txt and let me know what problem persists.


#4 michalp

  • Topic Starter


Posted 29 December 2021 - 11:34 AM

Computer still boots slowly.
 
Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 27-12-2021
Uruchomiony przez mind (29-12-2021 17:15:16) Run:1
Uruchomiony z C:\Users\mind\Desktop
Załadowane profile: mind
Tryb startu: Normal
==============================================
 
fixlist - zawartość:
*****************
start
 
Comment: For your security a new restore point will be created.
CreateRestorePoint:
Comment: We need to close all processes to complete the fix.
CloseProcesses:
 
Comment: Items from the FRST.TXT log that will be removed from the Registry.
 
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [GalaxyClient] => [X]
Task: {08996859-958B-4196-A5A3-14F594D0D95E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {AB6CF592-1589-4106-B62B-17C5176AAF27} - System32\Tasks\AdobeAAMUpdater-1.0-mind-Komputer-mind => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (Brak pliku)
FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
S3 atillk64; \??\C:\Users\mind\Downloads\atiflash_284\atillk64.sys [X]
S3 cpuz149; \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 GVCIDrv; \??\C:\Program Files (x86)\Gigabyte\AORUS ENGINE\GVCIDrv64.sys [X]
U3 aswMBR; \??\C:\Users\mind\AppData\Local\Temp\aswMBR.sys [X] <==== UWAGA
U3 aswVmm; \??\C:\Users\mind\AppData\Local\Temp\aswVmm.sys [X] <==== UWAGA
 
Comment: Items from the Addition.txt log that will be removed.
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
ContextMenuHandlers1: [ArcabitShell] -> {D7824897-C8DC-49b4-B790-30F7ED16A5FD} => C:\Program Files\Arcabit\bin\arcashl.dll -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers6: [ArcabitShell] -> {D7824897-C8DC-49b4-B790-30F7ED16A5FD} => C:\Program Files\Arcabit\bin\arcashl.dll -> Brak pliku
Toolbar: HKU\S-1-5-21-2337610357-331856407-1874907210-1000 -> Brak nazwy - {C500C267-63BF-451F-8797-4D720C9A2ED9} -  Brak pliku
FirewallRules: [{07EE6B20-7C96-4924-9B07-E225B68AC22E}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe => Brak pliku
FirewallRules: [{E4295618-28AB-4FB9-BF97-35260D635575}] => (Allow) C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe => Brak pliku
FirewallRules: [{75D7A1F1-9965-46A8-B310-C017B219FF43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe => Brak pliku
FirewallRules: [{D657B643-25AA-46EC-9491-972EBD8F7305}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe => Brak pliku
 
Cmment: Will check the integrity of the Disk.
CMD: ECHO Y|CHKDSK C: /F
 
Comment: To rebuild the performance counter library values.
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
Comment: Use Farbar routine to delete temp files
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
 
cmd: sfc /scannow
cmd: DISM.exe /Online /Cleanup-image /Scanhealth
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
 
Reboot:
 
End
*****************
 
Punkt przywracania został pomyślnie utworzony.
Procesy zostały pomyślnie zamknięte.
"HKU\S-1-5-21-2337610357-331856407-1874907210-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08996859-958B-4196-A5A3-14F594D0D95E}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08996859-958B-4196-A5A3-14F594D0D95E}" => pomyślnie usunięto
C:\Windows\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB6CF592-1589-4106-B62B-17C5176AAF27}" => pomyślnie usunięto
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB6CF592-1589-4106-B62B-17C5176AAF27}" => pomyślnie usunięto
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-mind-Komputer-mind => pomyślnie przeniesiono
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-mind-Komputer-mind" => pomyślnie usunięto
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => pomyślnie usunięto
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\atillk64 => pomyślnie usunięto
atillk64 => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\cpuz149 => pomyślnie usunięto
cpuz149 => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\DIRECTIO => pomyślnie usunięto
DIRECTIO => serwis pomyślnie usunięto
HKLM\System\CurrentControlSet\Services\GVCIDrv => pomyślnie usunięto
GVCIDrv => serwis pomyślnie usunięto
aswMBR => serwis nie znaleziono.
aswVmm => serwis nie znaleziono.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => pomyślnie usunięto
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ArcabitShell => pomyślnie usunięto
HKLM\Software\Classes\CLSID\{D7824897-C8DC-49b4-B790-30F7ED16A5FD} => pomyślnie usunięto
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => pomyślnie usunięto
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ArcabitShell => pomyślnie usunięto
"HKU\S-1-5-21-2337610357-331856407-1874907210-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C500C267-63BF-451F-8797-4D720C9A2ED9}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07EE6B20-7C96-4924-9B07-E225B68AC22E}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4295618-28AB-4FB9-BF97-35260D635575}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75D7A1F1-9965-46A8-B310-C017B219FF43}" => pomyślnie usunięto
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D657B643-25AA-46EC-9491-972EBD8F7305}" => pomyślnie usunięto
Cmment: Will check the integrity of the Disk. => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
 
========= ECHO Y|CHKDSK C: /F =========
 
Typ systemu plików to NTFS.
Nie można zablokować bieżącego dysku.

Program CHKDSK nie może działać, ponieważ wolumin jest używany przez inny
proces. Czy wolumin ten ma być sprawdzany przy następnym uruchomieniu
komputera? (T/N) Y

Program CHKDSK nie może działać, ponieważ wolumin jest używany przez inny
proces. Czy wolumin ten ma być sprawdzany przy następnym uruchomieniu
komputera? (T/N) 
Program CHKDSK nie może działać, ponieważ wolumin jest używany przez inny
proces. Czy wolumin ten ma być sprawdzany przy następnym uruchomieniu
komputera? (T/N) 
========= Koniec  CMD: =========
 
 
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
 
 
Informacje: Ustawienie licznika wydajności zostało odbudowane pomyślnie z systemowego magazynu kopii zapasowych.
========= Koniec  CMD: =========
 
 
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
 
 
Informacje: Ustawienie licznika wydajności zostało odbudowane pomyślnie z systemowego magazynu kopii zapasowych.
========= Koniec  CMD: =========
 
 
========= "C:\Windows\SYSTEM32\lodctr.exe" /R =========
 
 
Informacje: Ustawienie licznika wydajności zostało odbudowane pomyślnie z systemowego magazynu kopii zapasowych.
========= Koniec  CMD: =========
 
 
========= "C:\Windows\SysWOW64\lodctr.exe" /R =========
 
 
Informacje: Ustawienie licznika wydajności zostało odbudowane pomyślnie z systemowego magazynu kopii zapasowych.
========= Koniec  CMD: =========
 
 
=========== "C:\Windows\Temp\*.*" ==========
 
 
========= Koniec -> "C:\Windows\Temp\*.*" ========
 
 
=========== "C:\WINDOWS\system32\*.tmp" ==========
 
nie znaleziono
 
========= Koniec -> "C:\WINDOWS\system32\*.tmp" ========
 
 
=========== "C:\WINDOWS\syswow64\*.tmp" ==========
 
C:\WINDOWS\syswow64\is-54A5G.tmp => pomyślnie przeniesiono
C:\WINDOWS\syswow64\is-BB04B.tmp => pomyślnie przeniesiono
 
========= Koniec -> "C:\WINDOWS\syswow64\*.tmp" ========
 
 
========= sfc /scannow =========
 
 
 
Rozpoczynanie skanowania systemu. Ten proces zajmie trochę czasu.
 
 
 
Rozpoczynanie fazy weryfikacji w skanowaniu systemu.
 
Weryfikowanie ukończone w 100%.
 
 
Funkcja Ochrona zasobów systemu Windows nie znalazła naruszeń integralności.
 
 
========= Koniec  CMD: =========
 
 
========= DISM.exe /Online /Cleanup-image /Scanhealth =========
 
 
Wersja narzędzia do obsługi obrazu wdrażania
i zarządzania nim: 6.1.7601.24499
 
Wersja obrazu: 6.1.7601.24499
 
Ukończono wykonywanie operacji scanhealth, sprawdź dzienniki w lokalizacji %windir%\logs\CBS\Checksur.log

Operacja ukończona pomyślnie.
Checking System Update Readiness.
 
Binary Version 6.1.7601.24499
 
 
 
Summary:
 
 Found 98 errors
 
 Fixed 98 errors
 
  CSI F Mark Bad Type Total count: 90
 
  Fixed: CSI F Mark Bad Type.  Total count: 90
 
  CSI Missing Winning Component Key Total count: 8
 
  Fixed: CSI Missing Winning Component Key.  Total count: 8
 
Details are found in C:\Windows\Logs\CBS\CheckSUR.log
 
 
========= Koniec  CMD: =========
 
 
========= DISM.exe /Online /Cleanup-image /Restorehealth =========
 
 
Wersja narzędzia do obsługi obrazu wdrażania
i zarządzania nim: 6.1.7601.24499
 
Wersja obrazu: 6.1.7601.24499
 
 
Błąd: 87

Opcja restorehealth nie została rozpoznana w tym kontekście.
Więcej informacji można znaleźć w pomocy.

Plik dziennika narzędzia DISM można znaleźć w folderze C:\Windows\Logs\DISM\dism.log
 
========= Koniec  CMD: =========
 
 
 
System wymagał restartu.
 
==== Koniec  Fixlog 17:25:07 ====


#5 nasdaq

  • Malware Response Team

Posted 29 December 2021 - 03:15 PM

Hi,

Let's reset these services.

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

Comment: All processes will be force closed, System Protection will be enabled
Comment: New Restore Point will be created, All network proxies will be removed
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:

Comment: Resetting of services and maintenance.

cmd: pushd\windows\system32
cmd: net stop bits
cmd: net stop cryptSvc
cmd: net stop wuauserv
cmd: net stop msiserver
cmd: del /s /q C:\Windows\SoftwareDistribution\download\*.*
cmd: net start cryptSvc
cmd: net start bits
cmd: net start wuauserv
cmd: net start msiserver

StartBatch:
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"

NETSH winsock reset catalog
NETSH int ipv4 reset reset.log
NETSH int ipv6 reset reset.log
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
net start sdrsvc
net start vss
net start rpcss
net start eventsystem
net start mpsdrv
net start bfe
net start MpsSvc
net start winmgmt
netsh winhttp reset proxy
Bitsadmin /Reset /Allusers
cmd: winmgmt /verifyrepository

Endbatch:
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON

Reboot

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

p.s.
If the problem persists I suggest you check with the Experts in the Windows forum.
This is not caused by malware and they should be able to help better than I can.

Windows 7 Forum:
https://www.bleepingcomputer.com/forums/f/167/windows-7/

#6 michalp


Posted 30 December 2021 - 06:10 AM

I am sure it's malware. It persists on a clean Windows installation. I have had it for a long time. I think it's UEFI or graphics card malware because it survives Windows reinstallation. It's undetected by any software; I tried everything.


Edited by michalp, 30 December 2021 - 07:35 AM.


#7 nasdaq


Posted 30 December 2021 - 08:11 AM

Hi,

 

Well I'm not sure.

 

Please execute the last fix I suggested.

 

Post the Fixlog.txt and let me know what problem you are dealing with.



#8 michalp


Posted 30 December 2021 - 08:26 AM

Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 27-12-2021
Uruchomiony przez mind (30-12-2021 14:18:43) Run:2
Uruchomiony z C:\Users\mind\Desktop
Załadowane profile: mind
Tryb startu: Normal
==============================================
 
fixlist - zawartość:
*****************
start
 
Comment: All processes will be force closed, System Protection will be enabled
Comment: New Restore Point will be created, All network proxies will be removed
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
 
Comment: Resetting of services and maintenance.
 
cmd: pushd\windows\system32
cmd: net stop bits
cmd: net stop cryptSvc
cmd: net stop wuauserv
cmd: net stop msiserver
cmd: del /s /q C:\Windows\SoftwareDistribution\download\*.*
cmd: net start cryptSvc
cmd: net start bits
cmd: net start wuauserv
cmd: net start msiserver
 
StartBatch:
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
 
NETSH winsock reset catalog
NETSH int ipv4 reset reset.log
NETSH int ipv6 reset reset.log
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
net start sdrsvc
net start vss
net start rpcss
net start eventsystem
net start mpsdrv
net start bfe
net start MpsSvc
net start winmgmt
netsh winhttp reset proxy
Bitsadmin /Reset /Allusers
cmd: winmgmt /verifyrepository
 
Endbatch:
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
 
Reboot
 
End
*****************
 
Procesy zostały pomyślnie zamknięte.
SystemRestore: On => Błąd -> 6%
Punkt przywracania został pomyślnie utworzony.
 
========= RemoveProxy: =========
 
 
 
========= Koniec  RemoveProxy: =========
 
 
========= pushd\windows\system32 =========
 
 
========= Koniec  CMD: =========
 
 
========= net stop bits =========
 
Usługa Usługa inteligentnego transferu w tle jest właśnie zatrzymywana.
Usługa Usługa inteligentnego transferu w tle została zatrzymana pomyślnie.
 
 
========= Koniec  CMD: =========
 
 
========= net stop cryptSvc =========
 
Usługa Usługi kryptograficzne jest właśnie zatrzymywana..
Usługa Usługi kryptograficzne została zatrzymana pomyślnie.
 
 
========= Koniec  CMD: =========
 
 
========= net stop wuauserv =========
 
Usługa Windows Update jest właśnie zatrzymywana.
Usługa Windows Update została zatrzymana pomyślnie.
 
 
========= Koniec  CMD: =========
 
 
========= net stop msiserver =========
 
Usługa Instalator Windows nie została uruchomiona.

Dostępne są dalsze informacje Pomocy; aby je uzyskać, wpisz NET HELPMSG 3521.
 
 
========= Koniec  CMD: =========
 
 
========= del /s /q C:\Windows\SoftwareDistribution\download\*.* =========
 
Usunięty plik - C:\Windows\SoftwareDistribution\download\1be2e4bcd9a91828f4de9463540d7cd7b7c4a629
 
========= Koniec  CMD: =========
 
 
========= net start cryptSvc =========
 
Usługa Usługi kryptograficzne jest właśnie uruchamiana.
Pomyślnie uruchomiono usługę Usługi kryptograficzne.
 
 
========= Koniec  CMD: =========
 
 
========= net start bits =========
 
Usługa Usługa inteligentnego transferu w tle jest właśnie uruchamiana.
Pomyślnie uruchomiono usługę Usługa inteligentnego transferu w tle.
 
 
========= Koniec  CMD: =========
 
 
========= net start wuauserv =========
 
Usługa Windows Update jest właśnie uruchamiana.
Pomyślnie uruchomiono usługę Windows Update.
 
 
========= Koniec  CMD: =========
 
 
========= net start msiserver =========
 
Usługa Instalator Windows jest właśnie uruchamiana.
Pomyślnie uruchomiono usługę Instalator Windows.
 
 
========= Koniec  CMD: =========
 
 
========= Batch: =========
 
========= Koniec  Batch: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= Koniec  CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= Koniec  CMD: =========
 
Reboot => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
 
 
System wymagał restartu.
 
==== Koniec  Fixlog 14:19:38 ====
 
Same problems still.


#9 michalp


Posted 30 December 2021 - 08:28 AM

I used aswMBR and it showed it one time, but it doesn't detect it now.

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-07-22 13:49:24
-----------------------------
13:49:24.792    OS Version: Windows x64 6.1.7601 Service Pack 1
13:49:24.792    Number of processors: 4 586 0x3C03
13:49:24.792    ComputerName: PC-KOMPUTER  UserName: pc
13:49:25.540    Initialize success
13:49:25.540    VM: initialized successfully
13:49:25.540    VM: Intel CPU supported 
13:49:26.348    VM: disk I/O iaStorA.sys
13:49:28.656    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
13:49:28.656    Disk 0 Vendor: WDC_____ 01.0 Size: 476940MB BusType: 11
13:49:28.858    Disk 0 MBR read error 0
13:49:28.858    Disk 0 MBR scan
13:49:28.858    Disk 0 unknown MBR code
13:49:28.858    MBR BIOS signature not found 0
13:49:29.342    Disk 0 scanning C:\Windows\system32\drivers
13:49:32.758    Service scanning
13:49:40.153    Modules scanning
13:49:40.153    Disk 0 trace - called modules:
13:49:40.184    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys 
13:49:40.200    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009b05060]
13:49:40.200    3 CLASSPNP.SYS[fffff880013c243f] -> nt!IofCallDriver -> [0xfffffa800994fc50]
13:49:40.200    5 iaStorF.sys[fffff8800161cf84] -> nt!IofCallDriver -> \Device\00000064[0xfffffa80072bd9c0]
13:49:40.200    Disk 0 statistics 97674/0/0 @ 203,81 MB/s
13:49:40.200    Scan finished successfully
13:49:42.680    Disk 0 MBR fix error
13:49:50.012    Disk 0 MBR has been saved successfully to "C:\Users\pc\Desktop\MBR.dat"


#10 nasdaq


Posted 30 December 2021 - 03:02 PM

Hi,

 

Can you please run a scan with the Farbar program and post fresh logs for my review.



#11 michalp


Posted 31 December 2021 - 04:47 AM

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 27-12-2021
Uruchomiony przez mind (administrator)  MIND-KOMPUTER (Gigabyte Technology Co., Ltd. G1.Sniper B6) (31-12-2021 10:38:56)
Uruchomiony z C:\Users\mind\Desktop
Załadowane profile: mind
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X64) Język: Polski (Polska)
Domyślna przeglądarka: Chrome
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
() [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AMD) [Brak podpisu cyfrowego] C:\Windows\System32\atieclxx.exe
(AMD) [Brak podpisu cyfrowego] C:\Windows\System32\atiesrxx.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Users\mind\AppData\Roaming\Autodesk\ADPSDK\bin\ADPClientService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.194\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <2>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AmbientLED\LEDCtrl.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
(GOG Sp. z o.o. -> GOG.com) D:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Razer\Razer Services\GMS\SteamCmd\steamerrorreporter.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe
 
==================== Rejestr (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [261224 2021-10-04] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [580696 2021-12-24] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2021-04-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-01-25] (Adobe Inc. -> )
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] () [Brak podpisu cyfrowego]
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [GogGalaxy] => D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2021-12-21] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-09-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\MountPoints2: {b389304d-5011-11ea-b7e6-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3524216 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-14] (Google LLC -> Google LLC)
 
==================== Zaplanowane zadania (filtrowane) ============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {01916669-F121-4039-912D-2256ADFB9CFC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {049814ED-0A36-411D-A204-A6E92356C27A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {08A395C9-C55A-46FA-B2C7-87F97D48D0C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {10515DD0-D3E3-4FE4-9B74-80750CA5FF8A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {352212C6-F27A-4B69-8DA3-0CA8EABB39E3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4239AA3F-2538-4EDB-A845-4E8278DD6D32} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5D5CD07F-40B7-456C-9415-BF23AF144404} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5E195D51-0929-4A35-84AD-164A7905E0A5} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.194\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {77EE1766-3668-46DB-AB76-713688B75877} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8042E887-0264-4B10-B758-00CDC9101497} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {89EA5894-D332-4415-B23E-E4DE3F51485E} - System32\Tasks\GoogleUpdateTaskMachineCore1d5feee64f278b6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {B1C9F901-1F02-48F3-8CCD-6C13250810A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {C67D83F2-008A-4672-AE55-5E4FD4C560E5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E8C6FA8B-FA39-496C-A048-2BC7009D765D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-12] (Google Inc -> Google Inc.)
Task: {F8D54325-2DC7-4EE0-B1ED-608615BBF46B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FE5FE8D5-829C-4F20-A042-B6E10FB0DE8F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\Windows\Tasks\McAfee Remediation (Prepare).job => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6C911AF7-2843-47E8-8DF7-9F9D1ACE2CE2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{C746BE3D-6489-44C9-9F89-C5CBFC1F3043}: [DhcpNameServer] 192.168.1.1 192.168.1.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\mind\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-26]
Edge HomePage: Default -> about:blank
 
FireFox:
========
FF DefaultProfile: mku9opac.default
FF ProfilePath: C:\Users\mind\AppData\Roaming\Mozilla\Firefox\Profiles\mku9opac.default [2021-12-30]
FF Notifications: Mozilla\Firefox\Profiles\mku9opac.default -> hxxps://poczta.interia.pl
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2021-06-14] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-08-16] [Przestarzałe] [Brak podpisu cyfrowego]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-04-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-06-15] <==== UWAGA (Linkuje do pliku *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-06-15] <==== UWAGA
 
Chrome: 
=======
CHR Profile: C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default [2021-12-30]
CHR Notifications: Default -> hxxps://bookmaster.com.pl; hxxps://designbundles.net; hxxps://fontbundles.net; hxxps://justentrepreneurship.com; hxxps://koszulkimichala1.cupsell.pl; hxxps://pizzahut.pl; hxxps://pl.pinterest.com; hxxps://pogoda.interia.pl; hxxps://www.autodesk.pl; hxxps://www.autoscout24.pl; hxxps://www.facebook.com; hxxps://www.faceit.com; hxxps://www.instagram.com; hxxps://www.komputronik.pl; hxxps://www.runmageddon.pl
CHR HomePage: Default -> hxxps://www.google.pl/
CHR StartupUrls: Default -> "hxxp://google.pl/"
CHR DefaultSearchURL: Default -> hxxps://pl.search.yahoo.com/search?fr=mcafee_uninternational&type=E211PL1485G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Bitdefender Wallet) - C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-06-14]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-06-14]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\mind\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
 
==================== Usługi (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2021-04-27] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [198256 2021-01-25] (Pango Inc. -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2009-08-18] (AMD) [Brak podpisu cyfrowego]
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-24] (Bitdefender SRL -> Bitdefender)
S2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
S2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [256616 2021-10-04] (Bitdefender SRL -> Bitdefender)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [Brak podpisu cyfrowego]
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2021-12-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-09-30] (GOG Sp. z o.o. -> GOG.com)
R2 LEDCtrl; C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe [34624 2014-09-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1142808 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [451608 2021-11-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1347640 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-19] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-12-09] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [284760 2021-12-24] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-24] (Bitdefender SRL -> Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Windows -> Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2020-02-20] (AnchorFree Inc -> The OpenVPN Project)
R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [3864480 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6037504 2009-08-18] (ATI Technologies Inc.) [Brak podpisu cyfrowego]
R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [800672 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [32152 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\Windows\System32\DRIVERS\bduefiscan.sys [55864 2021-11-13] (Bitdefender SRL -> Bitdefender)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [96616 2020-04-27] (Bitdefender SRL -> BitDefender)
R3 gdrv; C:\Windows\gdrv.sys [26192 2021-12-31] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-05-20] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1188744 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [26968 2018-11-09] (SteelSeries ApS -> Windows ® Win 7 DDK provider)
R2 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [185312 2021-06-14] (Bitdefender SRL -> Bitdefender)
R3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [129960 2021-06-09] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [38200744 2021-06-09] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 R0RazerSynapseService; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.sys [14544 2021-12-31] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 RzCommon; C:\Windows\System32\DRIVERS\RzCommon.sys [52040 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006c; C:\Windows\System32\DRIVERS\RzDev_006c.sys [50568 2020-08-25] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\Windows\System32\DRIVERS\RzDev_0306.sys [50584 2020-08-25] (Razer USA Ltd. -> Razer Inc)
S3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [46408 2018-11-09] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [46520 2018-11-09] (SteelSeries ApS -> SteelSeries ApS)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [623008 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [483728 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc (utworzone) (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2021-12-30 18:47 - 2021-12-30 18:47 - 000223908 _____ C:\TDSSKiller.3.1.0.28_30.12.2021_18.47.15_log.txt
2021-12-30 18:46 - 2021-12-30 18:46 - 005054744 _____ (AO Kaspersky Lab) C:\Users\mind\Downloads\tdsskiller (1).exe
2021-12-30 18:07 - 2021-12-30 18:07 - 008388608 _____ C:\Users\mind\Desktop\bios.bin
2021-12-29 17:15 - 2021-12-30 14:20 - 000004196 _____ C:\Users\mind\Desktop\Fixlog.txt
2021-12-28 19:54 - 2021-12-28 19:58 - 000048045 _____ C:\Users\mind\Desktop\Addition.txt
2021-12-28 19:52 - 2021-12-31 10:39 - 000027760 _____ C:\Users\mind\Desktop\FRST.txt
2021-12-28 19:51 - 2021-12-31 10:39 - 000000000 ____D C:\FRST
2021-12-28 19:51 - 2021-12-28 19:51 - 002311168 _____ (Farbar) C:\Users\mind\Desktop\FRST64.exe
2021-12-28 18:54 - 2021-12-28 18:54 - 005200384 _____ (AVAST Software) C:\Users\mind\Desktop\aswmbr.exe
2021-12-28 18:52 - 2021-12-28 18:52 - 000234272 _____ (AVAST Software) C:\Users\mind\Downloads\avast_free_antivirus_setup_online.exe
2021-12-28 17:33 - 2021-12-28 17:33 - 002650810 _____ C:\Users\mind\Downloads\ProcessExplorer (1).zip
2021-12-28 17:33 - 2021-12-28 17:33 - 000000000 ____D C:\Users\mind\Desktop\ProcessExplorer (1)
2021-12-28 17:31 - 2021-12-28 17:31 - 003411895 _____ C:\Users\mind\Downloads\ProcessMonitor.zip
2021-12-25 13:09 - 2021-11-01 04:00 - 000048552 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2021-12-23 13:23 - 2021-12-23 13:23 - 000000784 _____ C:\Users\mind\Desktop\Easy GIF Animator.lnk
2021-12-23 13:22 - 2021-12-23 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy GIF Animator
2021-12-23 13:22 - 2021-12-23 13:22 - 024250200 _____ (Karlis Blumentals ) C:\Users\mind\Downloads\egifan7.exe
2021-12-22 21:30 - 2021-12-23 13:35 - 000000000 ____D C:\Users\mind\Desktop\render
2021-12-22 20:29 - 2021-12-22 21:20 - 012219392 _____ C:\Users\mind\Desktop\mp.avi
2021-12-22 12:18 - 2021-12-23 16:10 - 000888832 _____ C:\Users\mind\Desktop\mp.max
2021-12-22 12:18 - 2021-12-22 12:18 - 000000000 ____D C:\ProgramData\Reprise
2021-12-22 12:10 - 2021-12-22 12:10 - 000010688 _____ C:\Users\mind\Desktop\av.cdr
2021-12-20 14:26 - 2021-12-20 13:37 - 000014391 _____ C:\Users\mind\Desktop\Kopia_zapasowa_ans.cdr
2021-12-20 13:37 - 2021-12-20 14:26 - 000014547 _____ C:\Users\mind\Desktop\ans.cdr
2021-12-20 12:19 - 2021-12-20 21:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-11 19:07 - 2021-12-11 19:03 - 000008092 _____ C:\Users\mind\Desktop\Kopia_zapasowa_s.cdr
2021-12-11 19:03 - 2021-12-11 19:07 - 000008232 _____ C:\Users\mind\Desktop\s.cdr
2021-12-07 13:35 - 2021-12-13 14:30 - 000013027 _____ C:\Users\mind\Desktop\Kopia_zapasowa_bd.cdr
2021-12-07 13:28 - 2021-12-13 16:02 - 000013162 _____ C:\Users\mind\Desktop\bd.cdr
2021-12-06 14:14 - 2021-12-06 14:14 - 000010023 _____ C:\Users\mind\Desktop\bb.cdr
2021-12-02 04:47 - 2021-12-02 04:47 - 000190032 _____ (Razer Inc.) C:\Windows\system32\RzChromaConnectAPI64.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000168544 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastManager64.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000154192 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaConnectAPI.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000135264 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastManager.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000044632 _____ (Razer Inc.) C:\Windows\system32\RzChromaBroadcastAPI64.dll
2021-12-02 04:47 - 2021-12-02 04:47 - 000035928 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaBroadcastAPI.dll
 
==================== Jeden miesiąc (zmodyfikowane) ==================
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2021-12-31 10:38 - 2021-06-14 18:41 - 000003692 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-12-31 10:38 - 2019-05-12 19:08 - 000000000 ____D C:\ProgramData\Autodesk
2021-12-31 10:38 - 2019-02-25 16:43 - 000026192 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2021-12-31 10:38 - 2019-02-12 16:20 - 000000000 __SHD C:\Users\mind\IntelGraphicsProfiles
2021-12-31 10:37 - 2019-09-10 15:47 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-31 10:36 - 2019-02-12 13:28 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-31 10:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-30 20:20 - 2019-02-12 13:23 - 000003982 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0B92B796-A443-4894-83BE-EDDD2B9BE0EF}
2021-12-30 18:08 - 2009-07-14 05:45 - 000042256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-12-30 18:08 - 2009-07-14 05:45 - 000042256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-12-30 18:05 - 2011-04-12 14:21 - 000709540 _____ C:\Windows\system32\perfh015.dat
2021-12-30 18:05 - 2011-04-12 14:21 - 000143272 _____ C:\Windows\system32\perfc015.dat
2021-12-30 18:05 - 2009-07-14 06:13 - 001586088 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-30 18:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-12-30 17:53 - 2019-05-20 10:11 - 000000000 ____D C:\Users\mind\AppData\LocalLow\Mozilla
2021-12-30 17:46 - 2019-05-20 10:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-30 16:02 - 2019-09-10 15:50 - 000000000 ____D C:\Users\mind\AppData\Local\CrashDumps
2021-12-29 17:15 - 2021-10-17 10:56 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-12-28 17:37 - 2019-02-27 21:18 - 000000000 ____D C:\Program Files\McAfee
2021-12-28 17:30 - 2019-03-02 17:57 - 000000000 ____D C:\ProgramData\McAfee
2021-12-28 16:03 - 2019-02-12 14:31 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-27 15:59 - 2019-05-29 17:26 - 000000000 ____D C:\Users\mind\AppData\Roaming\TS3Client
2021-12-25 13:10 - 2019-09-10 15:49 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:10 - 2019-09-10 15:49 - 000003790 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:10 - 2019-09-10 15:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:47 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-11 12:19 - 000000000 ____D C:\Users\mind\AppData\Local\NVIDIA Corporation
2021-12-25 13:09 - 2019-09-10 15:48 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-10 15:48 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-10 15:48 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-25 13:09 - 2019-09-10 15:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-25 13:09 - 2019-09-10 15:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-25 11:21 - 2019-02-14 17:58 - 000000000 ____D C:\Windows\Minidump
2021-12-25 11:12 - 2021-11-06 13:43 - 000668610 ____N C:\Windows\Minidump\122521-9906-01.dmp
2021-12-23 16:10 - 2021-04-27 10:57 - 000000000 ____D C:\Users\mind\AppData\Roaming\substancelinkopentcp
2021-12-23 16:10 - 2021-04-27 10:56 - 000000000 ____D C:\Users\mind\Documents\3ds Max 2022
2021-12-23 10:59 - 2009-07-14 05:45 - 001421296 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-22 12:11 - 2019-02-12 13:28 - 000149600 _____ C:\Users\mind\AppData\Local\GDIPFONTCACHEV1.DAT
2021-12-20 21:25 - 2019-05-20 10:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-19 12:45 - 2020-06-30 13:13 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-19 12:45 - 2020-06-30 13:13 - 000002192 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-17 12:23 - 2020-01-11 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-12-17 12:22 - 2020-01-11 13:43 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-12-15 16:28 - 2021-06-14 18:45 - 003864480 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2021-12-15 16:28 - 2021-06-14 18:45 - 000800672 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-12-15 16:28 - 2021-06-14 18:45 - 000032152 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2021-12-15 16:27 - 2021-11-13 11:20 - 000483728 _____ (Bitdefender) C:\Windows\system32\Drivers\vlflt.sys
2021-12-15 16:27 - 2021-06-14 18:45 - 001188744 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2021-12-15 16:27 - 2021-06-14 18:44 - 000623008 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2021-12-14 11:50 - 2019-02-12 13:29 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-09 11:05 - 2020-08-24 09:12 - 000003282 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6583116adfd0a
2021-12-09 11:05 - 2020-06-30 13:12 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-08 08:19 - 2019-09-10 15:49 - 002851840 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2021-12-08 08:19 - 2019-09-10 15:49 - 002197504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2021-12-08 08:19 - 2019-09-10 15:49 - 001294024 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2021-12-06 14:20 - 2020-11-18 22:02 - 000000000 ____D C:\Users\mind\Desktop\projekty
 
==================== Pliki w katalogu głównym wybranych folderów ========
 
2019-02-23 18:07 - 2021-01-23 14:08 - 000000040 _____ () C:\Users\mind\AppData\Roaming\cdr.ini
2019-03-02 17:57 - 2019-03-02 18:14 - 000000049 _____ () C:\Users\mind\AppData\Roaming\MCVi2UserDetail.ini
2019-04-21 14:01 - 2019-06-04 12:36 - 000010240 _____ () C:\Users\mind\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-12 17:12 - 2019-02-12 17:12 - 000000410 _____ () C:\Users\mind\AppData\Local\oobelibMkey.log
2021-05-15 14:40 - 2021-05-15 14:40 - 000000774 _____ () C:\Users\mind\AppData\Local\recently-used.xbel
2019-02-23 14:12 - 2019-02-23 14:12 - 000000000 _____ () C:\Users\mind\AppData\Local\{8873CD02-B275-4947-BEC2-3D17C6D2C236}
 
==================== SigCheck ============================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
 
LastRegBack: 2021-12-28 21:07
==================== Koniec  FRST.txt ========================

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27-12-2021
Uruchomiony przez mind (31-12-2021 10:41:21)
Uruchomiony z C:\Users\mind\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X64) (2019-02-12 12:19:48)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
Administrator (S-1-5-21-2337610357-331856407-1874907210-500 - Administrator - Disabled)
Gość (S-1-5-21-2337610357-331856407-1874907210-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2337610357-331856407-1874907210-1002 - Limited - Enabled)
mind (S-1-5-21-2337610357-331856407-1874907210-1000 - Administrator - Enabled) => C:\Users\mind
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Bitdefender Antywirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Moduł Antyspyware (Enabled - Up to date) {01B39510-DC3A-8AEE-266E-57F17FC5F447}
FW: Bitdefender Zapora Sieciowa (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
@BIOS B15.0630.1 (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) Hidden
@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.1.441 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2_9) (Version: 21.2.9.67 - Adobe Inc.)
AmbientLED B15.0520.1 (HKLM-x32\...\{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE) Hidden
AmbientLED B15.0520.1 (HKLM-x32\...\InstallShield_{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE)
Aplikacja na pulpit firmy Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.2.0.34 - Autodesk)
APP Center (HKLM-x32\...\{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Autodesk 3ds Max 2022 (HKLM\...\{5AA8C753-7FE4-40A6-A253-6DC5605544D9}) (Version: 24.0.0.923 - Autodesk) Hidden
Autodesk 3ds Max 2022 (HKLM\...\{B2EF7E27-4824-3656-A115-BFF401F11F7C}) (Version: 24.0.0.923 - Autodesk, Inc.)
Autodesk 3ds Max 2022 CivilView 2022 1.0.0+0 64-bit (HKLM\...\{2421114A-05BF-4789-8175-102FCE8433F3}) (Version: 1.0.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{7E78B513-B354-4833-8897-3ED5C515D30F}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2022 (HKLM-x32\...\{EEAD8CC3-B6B7-4D4B-AF0D-4BBD3D93D67C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{493ACC3C-3ABF-4CBB-8F6E-E4433090A589}) (Version: 20.3.7.0 - Autodesk)
Autodesk Genuine Service (HKLM\...\{1C5DB7B1-CE18-438C-B071-3AD6B8ADA5A0}) (Version: 4.4.0.85 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2022 (HKLM\...\{327AB7C3-73CE-45F3-86DA-113D2AFB18A1}) (Version: 24.0 - Autodesk) Hidden
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2022 (HKLM-x32\...\{8300AA3F-6ADF-4233-A1FB-73B1894102F0}) (Version: 20.3.7.0 - Autodesk)
Autodesk Revit Engine 2022 (HKLM\...\{DA6E3B72-3088-2022-9993-45D9FF1AD8D0}) (Version: 22.0.1.367 - Autodesk) Hidden
Autodesk Revit Unit Schemas 2022 (HKLM\...\{CDCC6F31-2022-4900-8E9B-D562B70697B6}) (Version: 22.0.1.367 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.26.138 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.4.4.44 - Bitdefender)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
CodeBlocks (HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Extra Content (HKLM-x32\...\{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}) (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang BR (HKLM-x32\...\{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang CZ (HKLM-x32\...\{FFFE7261-2318-4227-B827-E9E05E16DFE5}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (HKLM-x32\...\{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang EN (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF100}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang FR (HKLM-x32\...\{9D306690-3173-42CD-94C6-9EF9318AF24B}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang IT (HKLM-x32\...\{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang NL (HKLM-x32\...\{A6C27FFF-75EF-4B5B-A64E-F9E128994908}) (Version: 14.2 - Uw bedrijfsnaam) Hidden
CorelDRAW Graphics Suite X4 - Lang PL (HKLM-x32\...\{6834B8AE-D23B-4B26-A919-6515844CF2BA}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang SU (HKLM-x32\...\{40FC81EA-21F7-44FB-A6F2-A4D6328F4C4F}) (Version: 14.2 - Yrityksen nimi) Hidden
CorelDRAW Graphics Suite X4 - Lang SV (HKLM-x32\...\{9CDA415B-974B-4384-8CA6-9327D5B4270B}) (Version: 14.2 - Ditt företagsnamn) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF000}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X4 - Extra Content (HKLM-x32\...\_{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}) (Version:  - Corel Corporation)
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Discord (HKU\S-1-5-21-2337610357-331856407-1874907210-1000\...\Discord) (Version: 0.0.310 - Discord Inc.)
Easy GIF Animator 7.3 (HKLM-x32\...\Easy GIF Animator_is1) (Version: 7.0 - Karlis Blumentals)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version:  - Eusing Software)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.0.2--2 - Inkscape)
Intel® Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Kingston SSD Manager version 1.1.2.5 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.2.5 - Kingston Digital, Inc)
Mafia (HKLM-x32\...\Mafia_is1) (Version:  - )
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 95.0.2 (x64 pl)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 466.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.77 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.6 (HKLM-x32\...\{F03D2388-158B-4F8A-B195-CBCA5F459197}) (Version: 4.16.9790 - Apache Software Foundation)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.1215.121004 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Retopology Tools for 3ds Max 2022 (HKLM\...\{C21A2088-38CA-48FB-9707-1FC8AAC66FA9}) (Version: 1.1.0.050 - Autodesk, Inc.)
Skype (wersja 8.64) (HKLM-x32\...\Skype_is1) (Version: 8.64 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Substance in 3ds Max 2022 (HKLM\...\{EAFD9CC5-E23B-44B8-8E45-4DC676B83542}) (Version: 2.4.3 - Allegorithmic)
TDU2 Unofficial Patch (HKLM-x32\...\TDU2 Unofficial Patch) (Version:  - )
TDU2 Unpacked (HKLM-x32\...\TDU2 Unpacker GUI) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.5 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Tree It version 1.1 (HKLM-x32\...\{62992DFF-C05F-4CB7-B66B-EAE796CA206D}_is1) (Version: 1.1 - EVOLVED Software)
Windows Driver Package - Microsoft (xusb21) XnaComposite  (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.70 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-24] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-03-13] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (filtrowane) ====================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Drivers32: [vidc.iv31] => C:\Windows\SysWOW64\ir32_32.dll [197632 2016-03-25] (Microsoft Windows -> Intel® Corporation)
HKLM\...\Drivers32: [vidc.iv32] => C:\Windows\SysWOW64\ir32_32.dll [197632 2016-03-25] (Microsoft Windows -> Intel® Corporation)
HKLM\...\Drivers32: [vidc.iv41] => C:\Windows\SysWOW64\ir41_32.ax [839680 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\Iac25_32.ax [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
 
==================== Skróty & WMI ========================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
 
==================== Załadowane moduły (filtrowane) =============
 
2019-03-05 17:18 - 2009-02-27 16:38 - 000139264 ____R () [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 000105472 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\GIGABYTE\AmbientLED\ycc.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 001607680 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 000105472 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 126961152 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 000384000 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 008006656 _____ () [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2009-08-18 01:52 - 2009-08-18 01:52 - 000251904 _____ (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] C:\Windows\system32\atiadlxx.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [Brak podpisu cyfrowego] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2019-03-05 17:18 - 2012-06-05 15:59 - 000025299 ____R (Brother Industries, Ltd) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\brlm03a.dll
2019-03-05 17:18 - 2008-11-26 10:25 - 000208896 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrFirmUpdateCheck.dll
2019-03-05 17:18 - 2008-08-18 18:27 - 000122880 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\brlmw03a.dll
2019-03-05 17:18 - 2011-04-11 13:10 - 000163840 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BRMFCWNDPol.dll
2019-03-05 17:18 - 2010-03-10 18:16 - 000770048 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccDCtl.dll
2019-03-05 17:18 - 2012-10-09 15:30 - 000372736 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccFCtl.dll
2019-03-05 17:18 - 2009-09-28 13:38 - 005390336 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccimg.dll
2019-03-05 17:18 - 2010-03-29 05:36 - 000155648 ____N (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\brccpol.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2019-02-12 13:33 - 2014-02-21 06:56 - 000074240 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2019-03-05 17:18 - 2003-06-30 00:00 - 000259584 ____N (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTDIS12n.dll
2019-03-05 17:18 - 2005-07-05 00:00 - 000131584 ____N (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTFIL12n.DLL
2019-03-05 17:18 - 2003-06-30 00:00 - 000406016 ____N (LEAD Technologies, Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\LTKRN12n.dll
2019-03-27 22:48 - 2019-03-27 22:48 - 000115200 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-04-17 19:51 - 2019-04-17 19:51 - 000245760 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2019-01-09 11:25 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [Brak podpisu cyfrowego] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
 
==================== Alternate Data Streams (filtrowane) ========
 
==================== Tryb awaryjny (filtrowane) ==================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Powiązania plików (filtrowane) =================
 
==================== Internet Explorer (Wersja 11) (filtrowane) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
BHO-x32: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-24] (Bitdefender SRL -> Bitdefender)
 
==================== Hosts - zawartość: =========================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2009-07-14 03:34 - 2021-12-31 10:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Inne obszary ===========================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;
HKU\S-1-5-21-2337610357-331856407-1874907210-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mind\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AdskLicensingService => 2
MSCONFIG\Services: AfVpnService => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: bdredline_agent => 2
MSCONFIG\Services: BdVpnService => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: FlexNet Licensing Service => 2
MSCONFIG\Services: gadjservice => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 3
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: Intel® PROSet Monitoring Service => 2
MSCONFIG\Services: LEDCtrl => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: Razer Chroma SDK Server => 2
MSCONFIG\Services: Razer Chroma SDK Service => 2
MSCONFIG\Services: Razer Chroma Stream Server => 2
MSCONFIG\Services: Razer Game Manager Service => 2
MSCONFIG\Services: Razer Synapse Service => 2
MSCONFIG\Services: RzActionSvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^mind^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GenuineService.lnk => C:\Windows\pss\GenuineService.lnk.Startup
 
==================== Reguły Zapory systemu Windows (filtrowane) ================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{75ADD39C-07A3-4494-B821-667A71606904}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{35F50C82-D465-4E6B-81E8-C03A47838C62}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9FEA66FE-5BB2-4292-A387-567AF58F8DFE}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3745FCCE-64AF-4446-A8E2-094EFE958CE7}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
 
==================== Punkty Przywracania systemu =========================
 
 
==================== Wadliwe urządzenia w Menedżerze urządzeń ============
 
Name: Kontroler Uniwersalnej magistrali szeregowej (USB)
Description: Kontroler Uniwersalnej magistrali szeregowej (USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Urządzenie PCI
Description: Urządzenie PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Błędy w Dzienniku zdarzeń: ========================
 
Dziennik Aplikacja:
==================
Error: (12/31/2021 10:38:10 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nie można uzyskać informacji rejestru licznika wydajności dla elementu WSearchIdxPi w wystąpieniu   z powodu następującego błędu: Operacja ukończona pomyślnie.   0x0.
 
Error: (12/31/2021 10:38:09 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Nie można zainicjować monitorowania wydajności dla obiektu programu zbierającego, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer.
 
Kontekst: aplikacja , wykaz SystemIndex
 
Error: (12/31/2021 10:38:09 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Nie można zainicjować monitorowania wydajności dla usługi zbierającej, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer.
 
Error: (12/31/2021 10:36:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (12/30/2021 06:01:01 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nie można uzyskać informacji rejestru licznika wydajności dla elementu WSearchIdxPi w wystąpieniu   z powodu następującego błędu: Operacja ukończona pomyślnie.   0x0.
 
Error: (12/30/2021 06:00:59 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Nie można zainicjować monitorowania wydajności dla obiektu programu zbierającego, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer.
 
Kontekst: aplikacja , wykaz SystemIndex
 
Error: (12/30/2021 06:00:59 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Nie można zainicjować monitorowania wydajności dla usługi zbierającej, ponieważ liczniki nie są załadowane lub nie można otworzyć obiektu pamięci współużytkowanej. Wpływa to tylko na dostępność liczników monitora wydajności. Uruchom ponownie komputer.
 
Error: (12/30/2021 05:59:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
Dziennik System:
=============
Error: (12/31/2021 10:44:52 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Serwer {BB6DF56B-CACE-11DC-9992-0019B93A3A84} nie zarejestrował się w modelu DCOM w wymaganym czasie.
 
Error: (12/31/2021 10:44:39 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/31/2021 10:44:09 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/31/2021 10:43:39 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/31/2021 10:43:09 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/31/2021 10:42:38 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/31/2021 10:42:08 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
Error: (12/31/2021 10:41:38 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.
 
 
Windows Defender:
================
Date: 2019-02-27 14:44:26.641
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{87ADE8D6-C3AF-4B92-BBE0-716E89B35DC9}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Szybkie skanowanie
Użytkownik:mind-Komputer\mind
 
Date: 2019-02-27 14:43:59.570
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{F3082CFE-472B-4733-BBA6-C939C92DE94C}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Pełne skanowanie
Użytkownik:mind-Komputer\mind
 
Date: 2019-02-27 14:42:09.137
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{C3F1C997-06DC-49AC-8096-E89DB250BB93}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Szybkie skanowanie
Użytkownik:mind-Komputer\mind
 
Date: 2019-02-27 14:42:00.938
Description: 
Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania:{B001E838-F937-4EF5-9EAD-EBE79CDE39FB}
Typ skanowania:Oprogramowanie antyszpiegowskie
Parametry skanowania:Szybkie skanowanie
Użytkownik:mind-Komputer\mind
Event[0]:
 
Date: 2019-02-27 12:45:46.442
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.9
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-27 12:45:28.130
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.9
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-26 20:33:40.311
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.8
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-26 20:33:21.938
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.8
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
Date: 2019-02-26 20:32:51.142
Description: 
Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu.
Nowa wersja aparatu:1.1.15700.8
Poprzednia wersja aparatu:1.1.6402.0
Źródło aktualizacji:Użytkownik
Użytkownik:ZARZĄDZANIE NT\SYSTEM
Kod błędu:0x8050800c
Opis błędu:Wystąpił nieoczekiwany problem. Zainstaluj dostępne aktualizacje, a następnie spróbuj ponownie uruchomić program. Aby uzyskać informacje na temat instalowania aktualizacji, zobacz Pomoc i obsługę techniczną. 
 
==================== Statystyki pamięci =========================== 
 
BIOS: American Megatrends Inc. F3 08/20/2015
Płyta główna: Gigabyte Technology Co., Ltd. G1.Sniper B6-CF
Procesor: Intel® Core™ i5-4460 CPU @ 3.20GHz
Procent pamięci w użyciu: 71%
Całkowita pamięć fizyczna: 8083.27 MB
Dostępna pamięć fizyczna: 2304.91 MB
Całkowita pamięć wirtualna: 16164.69 MB
Dostępna pamięć wirtualna: 9306.04 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:111.79 GB) (Free:7.01 GB) NTFS
Drive d: () (Fixed) (Total:223.57 GB) (Free:61.19 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
 
 
==================== MBR & Tablica partycji ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1FE0FBAE)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 0A2D2557)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)
 
==================== Koniec  Addition.txt =======================


#12 michalp

  • Topic Starter
  • Members
  • 16 posts
  • Local time:02:21 PM

Posted 31 December 2021 - 05:09 AM

On a clean boot, the boot is still slow.



#13 nasdaq

  • Malware Response Team
  • 48,328 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:21 AM

Posted 31 December 2021 - 10:08 AM

Hi,
 
Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start
 
Comment: For your security a new restore point will be created.
CreateRestorePoint:
Comment: We need to close all processes to complete the fix.
CloseProcesses:
 
Comment: Items from the FRST.TXT log that will be removed from the Registry.
 
Task: {C67D83F2-008A-4672-AE55-5E4FD4C560E5} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
 
Comment: Items from the Addition.txt log that will be removed from the Registry.
 
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-2337610357-331856407-1874907210-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2022\Inventor Server\Bin\TestServer.dll => Brak pliku
 
Comment: Files/Folders that will be deleted.
 
2019-04-21 14:01 - 2019-06-04 12:36 - 000010240 _____ () C:\Users\mind\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-23 14:12 - 2019-02-23 14:12 - 000000000 _____ () C:\Users\mind\AppData\Local\{8873CD02-B275-4947-BEC2-3D17C6D2C236}
 
Comment: To rebuild the performance counter library values.
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "C:\Windows\SYSTEM32\lodctr.exe" /R
CMD: "C:\Windows\SysWOW64\lodctr.exe" /R
 
Comment: The system will restart.
Reboot:
 
End
 
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt); please post it in your reply.
===
 
This error is seen in your addition.txt log.
 

Error: (12/31/2021 10:44:39 AM) (Source: Schannel) (EventID: 4119) (User: ZARZADZANIE NT)
Description: Odebrano nastepujacy alert krytyczny: 70. Translated to: The following critical alert was received
 
I would like you to read these links and let me know if you previously had to deal with something like this.
 
 
Let me know.
---
 
Your primary Security program is Bitdefender.
However, I see traces of McAfee and I'm wondering if the two are conflicting.
Either you disable McAfee or remove it completely using their uninstaller.
McAfee
Download and run their uninstaller tool from this site.
 
Restart the computer when the removal is completed.
 
It's your call if you wish to reinstall the application later.
------
 
If the problem persists I suggest you start a new topic in the Windows 7 program.
And have an expert help you.
This operating system is no longer supported by Microsoft and there is nothing we can do any more in this Malware Forum.
 
Please post the Fixlog.txt and let me know what problem persists.




