Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 06.04.2024 Uruchomiony przez 30pingu (09-04-2024 17:33:05) Uruchomiony z C:\Users\miete\Desktop Microsoft Windows 11 Home Wersja 23H2 22631.3374 (X64) (2024-04-07 09:28:28) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) 30pingu (S-1-5-21-3294184972-935576208-774461254-1001 - Administrator - Enabled) => C:\Users\miete Administrator (S-1-5-21-3294184972-935576208-774461254-500 - Administrator - Disabled) Gość (S-1-5-21-3294184972-935576208-774461254-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3294184972-935576208-774461254-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3294184972-935576208-774461254-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Anti-Virus (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Discord (HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.) Feather Launcher (HKLM\...\cb3d390f-61d8-588c-9dbc-20097422bee3) (Version: 1.6.0 - Digital Ingot, Inc.) Java 8 Update 401 (HKLM-x32\...\{71024AE4-039E-4CA4-87B4-2F32180401F0}) (Version: 8.0.4010.10 - Oracle Corporation) Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky Password Manager (HKLM-x32\...\{5D66829D-D194-42F8-A27B-BB99BE9CD1F4}) (Version: 24.0.0.427 - Kaspersky) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{5D66829D-D194-42F8-A27B-BB99BE9CD1F4}) (Version: 24.0.0.427 - Kaspersky) liquidlauncher (HKLM\...\{5DD087FD-D007-452C-B5DA-E7C18D08CAC3}) (Version: 0.2.5 - CCBlueX) Malwarebytes version 5.1.2.109 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.2.109 - Malwarebytes) Microsoft .NET Host - 6.0.26 (x86) (HKLM-x32\...\{C912D2DF-06E9-49D2-9CBB-96AB945AC2DC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.26 (x86) (HKLM-x32\...\{B69C5B6E-E6D4-4DF8-B71D-8BC56D025D9A}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.26 (x86) (HKLM-x32\...\{0E018729-7EC9-4539-BA27-7F010E3D4FDC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30708 (HKLM\...\{12A2980B-E47B-491B-92F5-0BC703841ED4}) (Version: 14.30.30708 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30708 (HKLM\...\{AE043016-3897-41D4-870B-1DAEE62CF152}) (Version: 14.30.30708 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.26 (x86) (HKLM-x32\...\{185963d2-4c1e-4ef1-a6a4-5219e12fb512}) (Version: 6.0.26.33205 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.26 (x86) (HKLM-x32\...\{1F64DDDC-3D6E-40FC-A0B2-FC5FD649ACD9}) (Version: 48.104.6996 - Microsoft Corporation) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.2 - OBS Project) Opera GX Stable 107.0.5045.86 (HKU\S-1-5-21-3294184972-935576208-774461254-1001\...\Opera GX 107.0.5045.86) (Version: 107.0.5045.86 - Opera Software) Proton Drive (HKLM\...\{2EB4FA05-A7CB-481A-9977-33FACC79072A}) (Version: 1.5.1 - Proton AG) Hidden Proton Drive (HKLM\...\Proton Drive 1.5.1) (Version: 1.5.1 - Proton AG) Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.11 - Proton AG) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.81 - Microsoft Corporation) Packages: ========= Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1201.442.0_x64__8wekyb3d8bbwe [2024-04-07] (Microsoft Corporation) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-04-07] (Microsoft Corp.) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-09] (Microsoft Corporation) Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\microsoft.windows.ai.copilot.provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-04-07] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-04-07] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24031.69.0_x64__cw5n1h2txyewy [2024-04-09] (Microsoft Windows) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.965.0_x64__56jybvy8sckqj [2024-04-07] (NVIDIA Corp.) Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2403.237.0_x64__8wekyb3d8bbwe [2024-04-07] (Microsoft Corporation) [Startup Task] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2024-04-07] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0 [2024-04-07] (Spotify AB) [Startup Task] Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-04-07] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3294184972-935576208-774461254-1001_Classes\CLSID\{1dcb280c-9699-aefe-803c-2007c35cbb5a}\localserver32 -> C:\Program Files\Proton\Drive\ProtonDrive.exe (Proton AG -> Proton AG) CustomCLSID: HKU\S-1-5-21-3294184972-935576208-774461254-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> "C:\Program Files\NordVPN\NordVPN.exe" -ToastActivated => Brak pliku CustomCLSID: HKU\S-1-5-21-3294184972-935576208-774461254-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.11\ProtonVPN.exe (Proton AG -> ) CustomCLSID: HKU\S-1-5-21-3294184972-935576208-774461254-1001_Classes\CLSID\{C5DC3F2C-3BFE-4854-94CB-2018A0BDE534} -> [Proton Drive] => C:\Users\miete\Proton Drive\mieteq2009 [2024-04-08 13:47] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2024-04-07] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2024-04-07] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2024-04-07] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_268e85175aa9e991\nvshext.dll [2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2024-04-07] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-09] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\miete\Desktop\adwcleaner.exe:MBAM.Zone.Identifier [140] AlternateDataStreams: C:\Users\miete\Desktop\fabric-installer-1.0.0.exe:MBAM.Zone.Identifier [160] AlternateDataStreams: C:\Users\miete\Desktop\mb-support-1.9.10.1005.exe:MBAM.Zone.Identifier [205] AlternateDataStreams: C:\Users\miete\Desktop\sysinspector_nt64.exe:MBAM.Zone.Identifier [292] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2022-05-07 07:24 - 2024-04-08 22:31 - 000001056 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.anticheat.ac 127.0.0.1 https://paladin.ac 127.0.0.1 https://status.anticheat.ac/incident/298150 127.0.0.1 https://buy.anticheat.ac/?$ 127.0.0.1 https://buy.anticheat.ac/?$ 127.0.0.1 https://anticheat.ac/dashboard/ ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3294184972-935576208-774461254-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themea\img20.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{C4A2AA51-881D-4AC4-9E90-8D18206D88F3}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{773B2AF1-BD09-439E-9657-6A88006DEFD7}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E9FB0AFE-6C35-4509-9FA4-6BF2DF9E1115}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.81\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6F90A541-0F72-4914-8558-5147F8EA4043}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{724013E7-BA32-4B38-8161-0AA3902CC6F7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B2304997-D227-424C-8F4A-F4F010C86863}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{00B3F5AF-49A3-44CB-8372-AE34E8B736E9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C4E28A7A-8057-4F65-8A62-9AD33B1F1756}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{9E179EDF-FA53-49CE-8DAD-311A12BBAEDD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E66B7F11-846A-4F6C-BA29-7A20C2B1A862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B9425A56-EA47-4E32-9B18-BCAA398406BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{586A8821-AC13-4369-9809-256AB76FB31E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AB44FA21-C8D4-403F-ADB3-41060E2EFCE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AB85B5C8-3252-4451-B936-8D8C446F2A7A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6156DAEA-241D-406A-A4EF-3FE695DCF3A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B76B16B2-E10A-401E-81FE-4433D9D4BFE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{85613570-7DBC-412A-8887-0E2CD9258B15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [TCP Query User{67990CB1-05E1-4706-A89C-ECCC063E96BE}C:\users\miete\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\miete\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{301F73B8-EADF-4ECE-9AE6-655D16209994}C:\users\miete\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\miete\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{3EBCB77D-8D8C-45A4-B2AF-0DC1B51C845C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{762E2A5C-A261-4E0E-BDFE-BF47884E792C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{6B0FC822-2CD7-44C9-BABF-5A77D5C742D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Buckshot Roulette\Buckshot Roulette_windows\Buckshot Roulette.exe (Mike Klubnika) [Brak podpisu cyfrowego] FirewallRules: [{CF796E72-F1FB-4AE0-8C2F-15932E5A6DA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Buckshot Roulette\Buckshot Roulette_windows\Buckshot Roulette.exe (Mike Klubnika) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{F8102CF4-52C8-44F6-A22C-A9BAB158934A}C:\users\miete\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\miete\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{FC9BB8AF-2C44-4A99-A027-E15F199D4C91}C:\users\miete\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\miete\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{98418D3C-1199-4708-8EFD-E2A606F348D5}C:\users\miete\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe] => (Allow) C:\users\miete\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe FirewallRules: [UDP Query User{7E2D412F-2387-43D4-B85E-B8EB83F01640}C:\users\miete\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe] => (Allow) C:\users\miete\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe FirewallRules: [TCP Query User{88C7C9AD-115B-4DAD-AC95-2E8190F2FBF1}C:\users\miete\appdata\roaming\ccbluex\liquidlauncher\data\runtimes\temurin_17\jdk-17.0.10+7-jre\bin\javaw.exe] => (Allow) C:\users\miete\appdata\roaming\ccbluex\liquidlauncher\data\runtimes\temurin_17\jdk-17.0.10+7-jre\bin\javaw.exe FirewallRules: [UDP Query User{F2E0E88C-EADD-4E82-933C-9D9046CA47BF}C:\users\miete\appdata\roaming\ccbluex\liquidlauncher\data\runtimes\temurin_17\jdk-17.0.10+7-jre\bin\javaw.exe] => (Allow) C:\users\miete\appdata\roaming\ccbluex\liquidlauncher\data\runtimes\temurin_17\jdk-17.0.10+7-jre\bin\javaw.exe FirewallRules: [{559ADCC6-3EBF-40F7-95C9-E68B9142AE48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{356F81B6-BE49-4D26-B45A-E3396F506E0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{42000ADF-0780-4551-BA6B-7CD8B67740EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{D6359D6A-3D43-4E28-A8A1-2F488AAA8EE2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0FC3F8E4-6663-4FEC-9618-22612BCA5101}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{EEB36CFC-C8BF-4F88-946A-346A2ECCCC0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6EC011EE-1908-4092-A026-1CE04A1A4617}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{1DD7E556-506F-422F-9578-72A45AE6118F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{9F75D715-B237-4357-A98A-7D895CE28395}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{387097A5-AFE2-4098-849C-7850611207EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) ==================== Punkty Przywracania systemu ========================= 09-04-2024 15:28:53 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (04/09/2024 03:11:35 PM) (Source: Application Error) (EventID: 1000) (User: PINGU) Description: Nazwa aplikacji powodującej błąd: PhoneExperienceHost.exe, wersja: 1.24022.87.0, sygnatura czasowa: 0x65a80000 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.22621.3374, sygnatura czasowa: 0x3069ce37 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x00000000000653ac Identyfikator procesu powodującego błąd: 0x0x4da0 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1da8a7f72d4c8aa Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 58ffb14d-1ca8-4f67-8cf8-1a9973721b5a Pełna nazwa pakietu powodującego błąd: Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (04/09/2024 03:11:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: PhoneExperienceHost.exe CoreCLR Version: 8.0.224.6711 .NET Version: 8.0.2 Description: The process was terminated due to an unhandled exception. Exception Info: System.TypeInitializationException: The type initializer for 'WinRT.ActivationFactory`1' threw an exception. ---> System.Runtime.InteropServices.COMException (0x80040154): Klasa niezarejestrowana. (0x80040154 (REGDB_E_CLASSNOTREG)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32 errorCode) at WinRT.BaseActivationFactory..ctor(String typeNamespace, String typeFullName) at WinRT.ActivationFactory`1..cctor() --- End of inner exception stack trace --- at Microsoft.Windows.AppLifecycle.AppInstance.Make___objRef_global__Microsoft_Windows_AppLifecycle_IAppInstanceStatics() at Microsoft.Windows.AppLifecycle.AppInstance.GetCurrent() at YourPhone.Program.Main(String[] args) Error: (04/09/2024 03:10:53 PM) (Source: Application Error) (EventID: 1000) (User: PINGU) Description: Nazwa aplikacji powodującej błąd: PhoneExperienceHost.exe, wersja: 1.24022.87.0, sygnatura czasowa: 0x65a80000 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.22621.3374, sygnatura czasowa: 0x3069ce37 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x00000000000653ac Identyfikator procesu powodującego błąd: 0x0x2db0 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1da8a7f5983a611 Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 4f22e1f9-b561-4da8-af85-0b464c32e4df Pełna nazwa pakietu powodującego błąd: Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (04/09/2024 03:10:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: PhoneExperienceHost.exe CoreCLR Version: 8.0.224.6711 .NET Version: 8.0.2 Description: The process was terminated due to an unhandled exception. Exception Info: System.TypeInitializationException: The type initializer for 'WinRT.ActivationFactory`1' threw an exception. ---> System.Runtime.InteropServices.COMException (0x80040154): Klasa niezarejestrowana. (0x80040154 (REGDB_E_CLASSNOTREG)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32 errorCode) at WinRT.BaseActivationFactory..ctor(String typeNamespace, String typeFullName) at WinRT.ActivationFactory`1..cctor() --- End of inner exception stack trace --- at Microsoft.Windows.AppLifecycle.AppInstance.Make___objRef_global__Microsoft_Windows_AppLifecycle_IAppInstanceStatics() at Microsoft.Windows.AppLifecycle.AppInstance.GetCurrent() at YourPhone.Program.Main(String[] args) Error: (04/09/2024 03:10:38 PM) (Source: Application Error) (EventID: 1000) (User: PINGU) Description: Nazwa aplikacji powodującej błąd: PhoneExperienceHost.exe, wersja: 1.24022.87.0, sygnatura czasowa: 0x65a80000 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.22621.3374, sygnatura czasowa: 0x3069ce37 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x00000000000653ac Identyfikator procesu powodującego błąd: 0x0x1820 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1da8a7f50d1f30a Ścieżka aplikacji powodującej błąd: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: d74e05b3-89f3-4a85-a1a4-75e2abd8622e Pełna nazwa pakietu powodującego błąd: Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (04/09/2024 03:10:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: PhoneExperienceHost.exe CoreCLR Version: 8.0.224.6711 .NET Version: 8.0.2 Description: The process was terminated due to an unhandled exception. Exception Info: System.TypeInitializationException: The type initializer for 'WinRT.ActivationFactory`1' threw an exception. ---> System.Runtime.InteropServices.COMException (0x80040154): Klasa niezarejestrowana. (0x80040154 (REGDB_E_CLASSNOTREG)) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32 errorCode) at WinRT.BaseActivationFactory..ctor(String typeNamespace, String typeFullName) at WinRT.ActivationFactory`1..cctor() --- End of inner exception stack trace --- at Microsoft.Windows.AppLifecycle.AppInstance.Make___objRef_global__Microsoft_Windows_AppLifecycle_IAppInstanceStatics() at Microsoft.Windows.AppLifecycle.AppInstance.GetCurrent() at YourPhone.Program.Main(String[] args) Error: (04/09/2024 03:10:21 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\PINGU$ za pośrednictwem elementu https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 09 Apr 2024 13:10:21 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 244c3b06-76fb-4524-b728-3c6f855248ce Metoda: GET(281ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (04/09/2024 03:10:20 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT) Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu System lokalny za pośrednictwem elementu https://AMD-KeyId-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net/templates/Aik/scep nie powiodło się: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 09 Apr 2024 13:10:21 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 0ab02ccb-8397-45b7-a4d1-c8c306498e9e Metoda: GET(469ms) Etap: GetCACaps Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Dziennik System: ============= Error: (04/09/2024 03:29:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic. Error: (04/09/2024 03:27:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic. Error: (04/09/2024 03:12:07 PM) (Source: DCOM) (EventID: 10010) (User: PINGU) Description: Serwer {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/09/2024 03:11:24 PM) (Source: DCOM) (EventID: 10010) (User: PINGU) Description: Serwer {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/09/2024 03:10:52 PM) (Source: DCOM) (EventID: 10010) (User: PINGU) Description: Serwer {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/08/2024 10:53:11 PM) (Source: DCOM) (EventID: 10005) (User: PINGU) Description: Model DCOM odebrał błąd 1053 podczas próby uruchomienia usługi BcastDVRUserService_58baa z argumentami Niedostępny w celu uruchomienia serwera: Windows.Media.Capture.Internal.AppCaptureShell Error: (04/08/2024 10:53:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa użytkownika DVR z gry i transmisja_58baa z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (04/08/2024 10:53:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa użytkownika DVR z gry i transmisja_58baa. Windows Defender: ================ Date: 2024-04-09 15:30:02 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {FA87F6BD-75BA-4C76-88C9-C2A7BA8DB5E9} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2024-04-08 21:58:38 Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {7EBC19D8-DFA4-45E1-B409-F163E0E48AFE} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM  CodeIntegrity: =============== Date: 2024-04-09 17:25:59 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. Date: 2024-04-09 17:25:28 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends International, LLC. F63a 02/17/2022 Płyta główna: Gigabyte Technology Co., Ltd. B450 AORUS PRO-CF Procesor: AMD Ryzen 5 5500 Procent pamięci w użyciu: 39% Całkowita pamięć fizyczna: 16251.44 MB Dostępna pamięć fizyczna: 9885.32 MB Całkowita pamięć wirtualna: 19195.44 MB Dostępna pamięć wirtualna: 9448.5 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:757.64 GB) (Free:661.86 GB) (Model: IR-SSDPR-P34B-01T-80) NTFS \\?\Volume{3d4ac4cf-0468-4b03-96ac-2ecd43c0d334}\ () (Fixed) (Total:0.8 GB) (Free:0.08 GB) NTFS \\?\Volume{6c042dd1-ec36-4ca6-aadc-c59b702f493a}\ () (Fixed) (Total:0 GB) (Free:0 GB) \\?\Volume{0af4db1a-163a-4fda-b511-e4b3f22451e5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt =======================