Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2022 Ran by piotr (23-05-2022 19:24:42) Running from C:\Users\piotr\Desktop Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) (2022-04-26 21:11:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-2035300265-1235846444-584982049-500 - Administrator - Disabled) Gość (S-1-5-21-2035300265-1235846444-584982049-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2035300265-1235846444-584982049-503 - Limited - Disabled) piotr (S-1-5-21-2035300265-1235846444-584982049-1001 - Administrator - Enabled) => C:\Users\piotr WDAGUtilityAccount (S-1-5-21-2035300265-1235846444-584982049-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) CCleaner (HKLM-x32\...\CCleaner) (Version: 6.00 - Piriform) Gadwin PrintScreen (64-Bit) (HKLM-x32\...\{A7F7D8AC-B7A2-4248-B2E2-C7DCAB0F9DB5}) (Version: 6.5.0.0 - Gadwin, Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.64 - Google LLC) Intel(R) Chipset Device Software (HKLM-x32\...\{00C43022-CFDA-4942-9D3F-04199C91C939}) (Version: 10.1.18121.8164 - Intel Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2105.15.0.2157 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{A9B23394-82C4-4885-92F6-5C21D2AFAF14}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{AF5173C2-31A0-45CF-A5DF-F964F35B4034}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM-x32\...\{322B58FC-7AB5-43B6-B27C-1635DD3A573C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM-x32\...\{75000D29-0D43-467B-84AC-12EB33DA1F14}) (Version: 30.100.1943.2 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM-x32\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation) Intel(R) Trusted Connect Service Client x64 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.62.321.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.62.321.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c3964069-17c1-45dd-85a5-949576ceeaa3}) (Version: 1.62.321.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1045-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden Malwarebytes version 4.5.9.198 (HKLM-x32\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes) Maxx Audio Installer (x64) (HKLM-x32\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.19.627.2017 - Realtek) Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.) WinRAR 6.11 (64-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Packages: ========= Centrum sterowania grafiką Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-27] (INTEL CORP) [Startup Task] Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-19] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2035300265-1235846444-584982049-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-23] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-23] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2022-04-26 23:57 - 2022-04-26 23:57 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2035300265-1235846444-584982049-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "IAStorIcon" HKU\S-1-5-21-2035300265-1235846444-584982049-1001\...\StartupApproved\Run: => "OneDriveSetup" HKU\S-1-5-21-2035300265-1235846444-584982049-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_102D77BE86092CD11F3B00AB05EA0725" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 30-04-2022 12:16:07 Instalator modułów systemu Windows 09-05-2022 06:51:53 Zaplanowany punkt kontrolny 11-05-2022 12:17:54 Removed Quickset64. 11-05-2022 12:23:58 Instalator modułów systemu Windows 11-05-2022 12:49:34 Removed Sprawdzanie kondycji komputera z systemem Windows 13-05-2022 19:58:36 Instalator modułów systemu Windows 13-05-2022 20:03:14 Instalator modułów systemu Windows 14-05-2022 07:02:31 Instalator modułów systemu Windows 14-05-2022 07:19:53 Instalator modułów systemu Windows 14-05-2022 07:40:12 Instalator modułów systemu Windows 15-05-2022 08:39:44 Installed Intel(R) Wireless Bluetooth(R) 15-05-2022 10:56:15 Intel(R) Trusted Connect Services Client 15-05-2022 11:25:59 Removed Intel(R) Wireless Bluetooth(R) 15-05-2022 11:35:46 Removed Intel(R) Wireless Bluetooth(R) 15-05-2022 11:54:17 Installed Intel(R) Wireless Bluetooth(R) 23-05-2022 05:45:39 Installed Gadwin PrintScreen (64-Bit) 23-05-2022 18:35:36 AdwCleaner_BeforeCleaning_23/05/2022_18:35:30 ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (05/23/2022 12:43:55 PM) (Source: DPTF) (EventID: 17) (User: ZARZĄDZANIE NT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 12745435 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [2] Domain: Invalid [0] Policy: Passive Policy 2 [3] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map key System errors: ============= Error: (05/23/2022 06:36:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Waves Audio Services niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/23/2022 06:36:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel Bluetooth Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/23/2022 06:36:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) HD Graphics Control Panel Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/23/2022 06:36:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Content Protection HECI Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/23/2022 06:36:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Content Protection HDCP Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/23/2022 12:05:44 AM) (Source: Schannel) (EventID: 4103) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd krytyczny podczas tworzenia poświadczeń TLS klient. Stan błędu wewnętrznego: 10013. Error: (05/22/2022 09:51:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (05/22/2022 09:51:06 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\piotr\AppData\Local\Temp\ehdrv.sys ==================== Memory info =========================== BIOS: Dell Inc. 1.5.0 06/11/2021 Motherboard: Dell Inc. 01W6F7 Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Percentage of memory in use: 20% Total physical RAM: 16282.52 MB Available physical RAM: 13006.01 MB Total Virtual: 18714.52 MB Available Virtual: 15596.34 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:222.95 GB) (Free:164.93 GB) (Model: SPCC Solid State Disk) NTFS \\?\Volume{cd8bc7eb-d363-47c1-853d-1916856d529d}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{043f18fe-73db-41b5-8af5-571cbb676e6b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================