Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21-12-2023 Uruchomiony przez Mateusz (22-12-2023 01:39:04) Uruchomiony z C:\Users\Mateusz\Downloads Microsoft Windows 10 Home Wersja 22H2 19045.2965 (X64) (2023-03-09 14:18:37) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-1721148844-3383120758-2656744015-500 - Administrator - Disabled) Gość (S-1-5-21-1721148844-3383120758-2656744015-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1721148844-3383120758-2656744015-503 - Limited - Disabled) Mateusz (S-1-5-21-1721148844-3383120758-2656744015-1001 - Administrator - Enabled) => C:\Users\Mateusz RemoteServer (S-1-5-21-1721148844-3383120758-2656744015-1008 - Limited - Enabled) => C:\Users\RemoteServer.MATOVO WDAGUtilityAccount (S-1-5-21-1721148844-3383120758-2656744015-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\uTorrent) (Version: 3.6.0.46672 - BitTorrent Inc.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 22.003.20310 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3B220043}) (Version: 1.7.43.2200 - Alcor Micro Corp.) Hidden Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.43.2200 - Alcor Micro Corp.) Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.17029.20068 - Microsoft Corporation) Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Auto Dark Mode (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\{470BC918-3740-4A97-9797-8570A7961130}_is1) (Version: 10.4.1.1 - Armin Osaj & Samuel Schiegg) BleachBit 4.4.2.2142 (current user) (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\BleachBit) (Version: 4.4.2.2142 - BleachBit) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9130 - Broadcom Corporation) CalDavSynchronizer (HKLM-x32\...\{4836FD75-D80F-41B6-8BEF-D14681D0D5E2}) (Version: 4.4.1 - Gerhard Zehetbauer) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.03 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Discord (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.) DisplayLink Core Software (HKLM\...\{1A34DBB3-F824-4B48-B57A-CC377F444B65}) (Version: 7.9.296.0 - DisplayLink Corp.) FileZilla 3.62.2 (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\FileZilla Client) (Version: 3.62.2 - Tim Kosse) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden Hardwipe 5.2.1 (HKLM\...\{0F322F97-B3FB-4423-B23E-4E486693CD16}) (Version: 5.2.1 - Big Angry Dog) HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company) HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.46 - HP) HP Support Solutions Framework (HKLM-x32\...\{BDD1CF92-90B7-4803-A1DF-71942C799A64}) (Version: 12.19.53.13 - HP Inc.) HP USB Port Replicator (HKLM\...\{D7F83853-7D22-40B5-82E9-47FD785F562D}) (Version: 7.9.339.0 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6499.0 - IDT) iTunes (HKLM\...\{8B7EB8C9-C74F-4CE6-ADC5-0EFB1A8ECAB9}) (Version: 12.10.11.2 - Apple Inc.) LenovoUsbDriver 1.1.33 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.33 - Lenovo) LibUSB-Win32-1.2.6.0 (HKLM\...\LibUSB-Win32_is1) (Version: 1.2.6.0 - LibUSB-Win32) MediaTek SP Driver version 5.16.32.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.16.32.04 - MediaTek.Inc.) Mi PC Suite (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.) Mi UBL Tool version v.23 (HKLM-x32\...\{7A5213F8-63C5-430A-93CF-831AAE0842EE}_is1) (Version: v.23 - Mi Instant UBL Team) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.77 - Microsoft Corporation) Microsoft Office Professional Plus 2021 - pl-pl (HKLM\...\ProPlus2021Retail - pl-pl) (Version: 16.0.17029.20068 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\Teams) (Version: 1.6.00.29964 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}) (Version: 10.0.31124 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31119 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MiFlashPro version 7.3.706.21 (HKLM-x32\...\{3618BC41-BC4C-4B60-8B52-8A24F4D61EC1}_is1) (Version: 7.3.706.21 - Xiaomi, Inc.) Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - ) MiniTool Partition Wizard Free 12.8 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.8 - MiniTool Software Limited) MiniTool ShadowMaker PW Edition (HKLM-x32\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 4.2 - MiniTool Software Limited) Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC) Mozilla Firefox (x64 pl) (HKLM\...\Mozilla Firefox 121.0 (x64 pl)) (Version: 121.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 110.0.1 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Official Krunker.io Client 3.0.8 (HKLM\...\3a7cc3b8-0ea0-52d2-a196-7657f955507b) (Version: 3.0.8 - FRVR Limited) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OPPO售后驱动程序 2.0.1 (HKLM\...\{F9CA1F0B-D4A8-41C5-99AD-D39FFA50B09B}_is1) (Version: 2.0.1.1 - 广东欧珀移动通信有限公司) Outlook4Gmail 5.3.0 (HKLM-x32\...\{6A53C42D-DCCD-46B7-9143-51071726A6F6}_is1) (Version: - Scand Ltd.) Outlook4Gmail 5.3.0.4920 (HKLM-x32\...\Outlook4Gmail 5.3.0.4920) (Version: 1.0.0 - Crackingpatching.com Team) Pakiet sterowników systemu Windows - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.) PowerShell 7.3.4.0-x64 (HKLM-x32\...\{0c8df523-2e1e-44cf-a31a-7acf27a78596}) (Version: 7.3.4.0 - Microsoft Corporation) PowerShell 7.4.3.0-x64 (HKLM-x32\...\{096b98be-1da4-4dbb-922e-bc62d5033384}) (Version: 7.4.3.0 - Microsoft Corporation) PowerShell 7-preview-x64 (HKLM\...\{A2F91178-C857-4626-B091-E65CA68AD5C2}) (Version: 7.4.0.3 - Microsoft Corporation) Hidden PowerShell 7-x64 (HKLM\...\{11479679-5C7F-477F-869F-3ED956CE684D}) (Version: 7.3.4.0 - Microsoft Corporation) Hidden Rejestracja użytkownika drukarki Canon MG2400 series (HKLM-x32\...\Rejestracja użytkownika drukarki Canon MG2400 series) (Version: - ‭Canon Inc.) Rescue and Smart Assistant (HKLM-x32\...\Rescue and Smart Assistant) (Version: 6.7.3.19 - Lenovo) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) Spotify (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\Spotify) (Version: 1.2.26.1187.g36b715a1 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.69 - Synaptics Incorporated) Synaptics WBF Fingerprint Reader (HKLM\...\{0CDA14EC-A786-4A8B-9CDC-0B7D93AD9887}) (Version: 4.5.341.0 - Synaptics) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.77 - Microsoft Corporation) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.8070 - Microsoft Corporation) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.49.2 - TeamViewer) WinDirStat 1.1.2 (HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\WinDirStat) (Version: - ) Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.6.14 - Windscribe Limited) Packages: ========= Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-10-30] (Canon Inc.) EasyMail - Email client -> C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGmail_3.6.6.0_x64__rcb0qdgx4z9ca [2023-11-01] (Tim Grabinat) [Startup Task] HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_146.2.1055.0_x64__v10z8vjag6ke6 [2023-10-30] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation) [MS Ad] Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-10-30] (Microsoft Studios) [MS Ad] Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.11.8.0_x64__t4vj0pshhgkwm [2023-12-15] (Telegram Messenger LLP) [Startup Task] The Grand Canyon National Park -> C:\Program Files\WindowsApps\Microsoft.TheGrandCanyonNationalPark_1.0.0.0_neutral__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation) WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.7.2.0_x64__gs5k5vmxr2ste [2023-12-15] (Matt Hafner) Windows Performance Analyzer -> C:\Program Files\WindowsApps\Microsoft.WindowsPerformanceAnalyzer_10.0.25398.0_x64__8wekyb3d8bbwe [2023-12-20] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001_Classes\CLSID\{04271989-C4D2-DE57-055F-50948AB92FB3} -> [OneDrive - MSFT] => C:\Users\Mateusz\OneDrive - MSFT [2023-12-06 13:54] CustomCLSID: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mateusz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23270.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001_Classes\CLSID\{7a00f557-e40c-e575-0ce7-63e1e075d970}\localserver32 -> C:\Users\Mateusz\AppData\Local\Programs\AutoDarkMode\adm-app\AutoDarkModeSvc.exe (Armin Osaj -> AutoDarkMode) CustomCLSID: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\WINDOWS\system32\igfxEM.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Mateusz\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers2: [BigAngryDog_HWipe] -> {B0FFE529-A5D3-4ECE-91C0-9E3585C373D8} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog) ContextMenuHandlers3: [BigAngryDog_HWipe] -> {8154B7C1-BB68-457C-931A-5BFABBA86CD9} => C:\Program Files\Hardwipe\hw-bin\hwshell.dll [2017-04-03] (Big Angry Dog Ltd -> Big Angry Dog) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll -> Brak pliku ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2023-12-06 14:22 - 2021-06-28 23:35 - 000220160 _____ () [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Mateusz\AppData\Local\Programs\AutoDarkMode\adm-app\YamlDotNet.dll 2022-12-23 19:44 - 2022-12-23 19:44 - 000051712 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\pl_pl\PDFMaker\PDFMOutlookAddin.POL 2023-10-08 14:11 - 2023-09-11 15:25 - 000083968 _____ () [Brak podpisu cyfrowego] C:\Program Files\MiniTool ShadowMaker\coresync.dll 2023-11-01 14:46 - 2023-10-20 17:38 - 000239104 _____ () [Brak podpisu cyfrowego] C:\Users\Mateusz\AppData\Roaming\Spotify\DPAPI.dll 2023-12-06 14:21 - 2023-09-24 16:29 - 000911872 _____ (AutoDarkMode) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Mateusz\AppData\Local\Programs\AutoDarkMode\adm-app\AutoDarkModeSvc.dll 2023-12-06 14:21 - 2023-09-24 16:29 - 000137216 _____ (AutoDarkModeLib) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Mateusz\AppData\Local\Programs\AutoDarkMode\adm-app\AutoDarkModeLib.dll 2023-12-06 14:22 - 2023-09-24 16:29 - 000037376 _____ (AutoDarkModeLib) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Mateusz\AppData\Local\Programs\AutoDarkMode\adm-app\pl\AutoDarkModeLib.resources.dll 2023-10-08 14:11 - 2023-09-11 15:25 - 000067584 _____ (Chengdu Speed Digital Technology Co..Ltd.) [Brak podpisu cyfrowego] C:\Program Files\MiniTool ShadowMaker\ChannelNetFileInfo.dll 2023-10-08 14:11 - 2023-09-11 15:25 - 000159744 _____ (Chengdu Speed Digital Technology Co..Ltd.) [Brak podpisu cyfrowego] C:\Program Files\MiniTool ShadowMaker\FileInfoCommon.dll 2023-04-24 16:53 - 2023-04-24 16:53 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll 2023-04-24 16:53 - 2023-04-24 16:53 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2023-04-24 16:53 - 2023-04-24 16:53 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2023-04-24 16:53 - 2023-04-24 16:53 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll 2023-12-06 14:21 - 2022-09-01 23:27 - 000832512 _____ (NLog) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Users\Mateusz\AppData\Local\Programs\AutoDarkMode\adm-app\NLog.dll 2023-12-20 11:54 - 2020-07-24 15:57 - 001799168 _____ (Robert Simpson, et al.) [Brak podpisu cyfrowego] [Plik w użyciu] C:\Program Files (x86)\Scand Ltd\Outlook4Gmail\x64\System.Data.SQLite.dll 2023-10-08 14:11 - 2023-09-11 15:25 - 001267200 _____ (TODO: ) [Brak podpisu cyfrowego] C:\Program Files\MiniTool ShadowMaker\core7z.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\download.microsoft.com -> hxxp://download.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\sharepoint.com -> hxxps://5r8yq5-files.sharepoint.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\update.microsoft.com -> hxxp://update.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\update.microsoft.com -> hxxps://update.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\windows.com -> hxxp://wustat.windows.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\ws.microsoft.com -> hxxp://ws.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\ws.microsoft.com -> hxxps://ws.microsoft.com IE trusted site: HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\wustat.windows.com -> hxxp://wustat.windows.com ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2023-04-20 22:19 - 2023-05-22 18:01 - 000001594 ____R C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 practivate-da1.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 uds.licenses.adobe.com 127.0.0.1 licenses.adobe.com 127.0.0.1 license.adobe.com 127.0.0.1 helpexamples.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 genuine.adobe.com 127.0.0.1 prod.adobegenuine.com 2023-03-18 15:11 - 2023-07-01 12:46 - 000000499 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Hardwipe\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PowerShell\7\;C:\Program Files\PowerShell\7-preview\preview HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "MTPW" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "QLBController" HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F502BC3D98577EA417432B54C307145D" HKU\S-1-5-21-1721148844-3383120758-2656744015-1001\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{EC306619-BF6F-437E-BF5B-86B10F4A6620}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{3F2593EC-627A-4836-AB6E-23A644EA5269}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{51C1141B-7A5E-41F0-ACF8-FAB33B02AA51}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{3A17D9F1-6424-4DFE-8310-2CF02A997753}C:\users\mateusz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateusz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4B2ECF5B-A91A-4000-84EB-BE1047E56358}] => (Allow) C:\Program Files\Rescue and Smart Assistant\Rescue and Smart Assistant.exe (Lenovo -> ) FirewallRules: [{0EC9E180-3D5E-4804-A8A7-B328D25D98E3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{E36AFBFD-FE2C-4333-9679-287497C90975}C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{165E5224-9A33-4B87-82EA-090887DEAE84}C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\mateusz\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F0F30A6C-9197-48BB-A262-5E524F99AF7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{672944C8-CACA-4A20-9E65-9272C329C609}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2D368079-0621-4BB4-B6E3-093236351125}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{8BC1B751-1D55-40AD-A504-F1B01C938038}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> ) FirewallRules: [{3529ABC1-8E21-42B5-AD1D-CCFB4A0DDE45}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> ) FirewallRules: [{350582BF-D091-4392-AECB-3821F24035E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A8F3499B-26D4-4297-8D05-E24972262C10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{DED0B3DC-986D-4185-848D-7E0FC67CE2CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C9F68C46-84B0-4FC7-B6BB-BF0D404FC90C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) ==================== Punkty Przywracania systemu ========================= 06-12-2023 00:01:36 Revo Uninstaller's restore point - Outlook4Gmail 5.4.0 13-12-2023 21:30:20 Installed Motorola Mobile Drivers Installation 6.4.0 15-12-2023 21:55:08 Installed Hardwipe 5.2.1 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: HP Mobile Data Protection Sensor Description: HP Mobile Data Protection Sensor Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Hewlett-Packard Service: Accelerometer Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48) Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (12/21/2023 07:27:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Font Driver Host) Description: System Windows nie może wykonać logowania, ponieważ nie można załadować Twojego profilu. Sprawdź, czy masz połączenie z siecią i czy sieć działa poprawnie. SZCZEGÓŁY - Odmowa dostępu. Error: (12/21/2023 07:27:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: ZARZĄDZANIE NT) Description: System Windows nie może usunąć katalogu profilów C:\Users\TEMP. Przyczyną błędu może być to, że pliki w tym katalogu są używane przez inny program. SZCZEGÓŁY — Odmowa dostępu. Error: (12/21/2023 07:27:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Font Driver Host) Description: System Windows nie może znaleźć profilu lokalnego i loguje użytkownika przy użyciu profilu tymczasowego. Zmiany wprowadzone w profilu zostaną utracone po wylogowaniu. Error: (12/21/2023 07:27:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: ZARZĄDZANIE NT) Description: System Windows nie może usunąć katalogu profilów C:\Users\UMFD-0. Przyczyną błędu może być to, że pliki w tym katalogu są używane przez inny program. SZCZEGÓŁY — Odmowa dostępu. Error: (12/21/2023 07:21:09 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (12/21/2023 07:18:48 PM) (Source: CertEnroll) (EventID: 87) (User: ZARZĄDZANIE NT) Description: Rejestracja certyfikatu SCEP dla elementu WORKGROUP\MATOVO$ za pośrednictwem elementu https://IFX-KeyId-4c4b4d648908e45bfe5a10d36387a688aec1cf78.microsoftaik.azure.net/templates/Aik/scep nie powiodła się: SubmitDone Submit(Request): Bad Request {"Message":"No valid TPM EK/Platform certificate provided in the TPM identity request message."} HTTP/1.1 400 Bad Request Date: Thu, 21 Dec 2023 18:18:48 GMT Content-Length: 96 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 2e470b23-ed38-4168-9482-dcd0bdba14c0 Metoda: POST(8047ms) Etap: SubmitDone Nieprawidłowe żądanie (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST) Error: (12/20/2023 11:06:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MBAMService.exe, wersja: 3.2.0.1265, sygnatura czasowa: 0x6564640b Nazwa modułu powodującego błąd: mbae-api-na.dll_unloaded, wersja: 1.13.4.568, sygnatura czasowa: 0x653fca22 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000038b62 Identyfikator procesu powodującego błąd: 0x1278 Godzina uruchomienia aplikacji powodującej błąd: 0x01da338e94350844 Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe Ścieżka modułu powodującego błąd: mbae-api-na.dll Identyfikator raportu: 393c11b4-ab6d-4e8e-a36f-f46455664053 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/20/2023 11:06:19 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Centrum zabezpieczeń nie może zweryfikować obiektu wywołującego z powodu błędu %1. Dziennik System: ============= Error: (12/22/2023 01:37:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (12/22/2023 01:37:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (12/22/2023 01:37:07 AM) (Source: DCOM) (EventID: 10010) (User: MATOVO) Description: Serwer {B91D5831-B1BD-4608-8198-D72E155020F7} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/22/2023 01:35:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa UsoSvc zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (12/22/2023 01:29:57 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/22/2023 01:27:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (12/22/2023 01:27:36 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/22/2023 01:25:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Windows Defender: ================ Date: 2023-03-18 14:13:21 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {D3FB88B7-9A4C-409B-BEEE-4F14726682E3} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2023-03-15 22:33:00 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {C4DDFEE7-621C-4751-B3D0-168ED840CA99} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2023-03-14 21:04:41 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {945823D1-2BD5-4795-95CA-5482A883E886} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2023-03-10 17:01:14 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {385589E2-ABFE-4B1B-8B0F-5833032BF65B} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2023-03-09 20:48:03 Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win64/ThemidaPacked&threatid=2147832058&enterprise=0 Nazwa: Trojan:Win64/ThemidaPacked Identyfikator: 2147832058 Ważność: Poważny Kategoria: Koń trojański Ścieżka: file:_C:\Ross-Tech\VCDS-Lite\VCDSLite.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: FastPath Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: MATOVO\Mateusz Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.383.1379.0, AS: 1.383.1379.0, NIS: 1.383.1379.0 Wersja aparatu: AM: 1.1.20000.2, NIS: 1.1.20000.2  CodeIntegrity: =============== Date: 2023-12-22 01:34:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: Hewlett-Packard 68IBD Ver. F.73 04/12/2019 Płyta główna: Hewlett-Packard 18DF Procesor: Intel(R) Core(TM) i5-3427U CPU @ 1.80GHz Procent pamięci w użyciu: 68% Całkowita pamięć fizyczna: 8055.27 MB Dostępna pamięć fizyczna: 2513.45 MB Całkowita pamięć wirtualna: 14199.27 MB Dostępna pamięć wirtualna: 7549.04 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:449.47 GB) (Free:165.59 GB) (Model: SSDPR-CX400-512) NTFS Drive d: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: SSDPR-CX400-512) \\?\Volume{ca115d1c-67ec-4188-8cd6-d3f9e851e18c}\ () (Fixed) (Total:0 GB) (Free:0 GB) \\?\Volume{aa5165da-7abc-4673-a4ce-e5b1d52103f4}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt =======================