Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 13-12-2023
Uruchomiony przez Rafał (14-12-2023 23:16:52)
Uruchomiony z C:\Users\Rafał\Desktop
Microsoft Windows 11 Home Wersja 22H2 22621.2861 (X64) (2023-02-11 22:12:35)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

Administrator (S-1-5-21-3670692212-2854756309-2392150526-500 - Administrator - Disabled)
Gość (S-1-5-21-3670692212-2854756309-2392150526-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-3670692212-2854756309-2392150526-503 - Limited - Disabled)
Rafał (S-1-5-21-3670692212-2854756309-2392150526-1001 - Administrator - Enabled) => C:\Users\Rafał
WDAGUtilityAccount (S-1-5-21-3670692212-2854756309-2392150526-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

ACDSee Video Studio 3 (HKLM\...\{0D131D55-6F49-4E84-B4B7-33B8D291CFA5}) (Version: 3.0.0.219 - ACD Systems International Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.15.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.45.2.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.6.0.2 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.) Canon TS3400 series Driver (HKLM\...\{1199FAD5-9546-44F3-81CF-FFDB8040B7BF}_Canon_TS3400_series) (Version: 1.01 - Canon Inc.) Fotosizer 3.12.0 (HKLM\...\Fotosizer) (Version: 3.12.0.576 - Fotosizer.com) GameRanger (HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\...\GameRanger) (Version: - GameRanger Technologies) GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.60.2 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.110 - Google LLC) GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.) Heroes of Might and Magic 3 Complete (HKLM-x32\...\1207658787_is1) (Version: 4.0 - GOG.com) Heroes of Might and Magic® III: Horn of the Abyss (HKLM-x32\...\HotA + HD_is1) (Version: 1.6.1 - HotA Crew) HoMM III Compatibility Database (HKLM\...\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb) (Version: - ) IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan) Ledger Live 2.62.2 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.62.2 - Ledger Live Team) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.72.0 - Lenovo Group Ltd.) 
Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes) Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.17029.20068 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.61 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A22EED3F-6DB6-4987-8023-6C6B7030E554}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\...\OneDriveSetup.exe) (Version: 22.191.0911.0001 - Microsoft Corporation) Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Command Line Utilities (HKLM\...\{AE534339-202C-408F-B827-E520320E2329}) (Version: 10.53.6000.34 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E534493E-80D2-4E37-8020-3ECAC55D9DB5}) (Version: 10.53.6000.34 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{C20DACBE-19F2-47FF-AD22-BBB493499346}) (Version: 11.2.5643.3 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 RsFx Driver (HKLM\...\{27859BF7-ADC9-487E-A849-4C58D86B62E4}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2014 Setup (English) (HKLM\...\{E0AE1947-4991-475D-B972-15C90905915A}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{E8C99927-8E6E-4B6B-B80C-1B8B23B1767D}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 
X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.2.5000.0 - Microsoft Corporation) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0 - Mozilla) Mozilla Thunderbird 78.10.2 (x64 pl) (HKLM\...\Mozilla Thunderbird 78.10.2 (x64 pl)) (Version: 78.10.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Rejestracja drukarki (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.) 
Service Pack 2 for SQL Server 2014 (KB3171021) (64-bit) (HKLM\...\KB3171021) (Version: 12.2.5000.0 - Microsoft Corporation) Shoper (HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\...\bd3e0ee7d341c9ffc4048a0d292fb0fe) (Version: 1.0 - Google\Chrome) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{497ED226-5E88-4EC5-9340-373B1C56906F}) (Version: 3.2.2110.14001 - Microsoft Corporation) SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.2.5000.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sterowniki firmy InsERT 5.61.16 (HKLM-x32\...\{5605864D-13B4-42AF-AA0C-EE51468A4088}) (Version: 5.61.16 - InsERT) SubLinker (HKLM-x32\...\{865474B1-333A-4E73-822A-13AD614E7528}_is1) (Version: 2.23.3.0 - Infologicbp Sp. z o.o.) 
Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.61 - Microsoft Corporation) TeamViewer (HKLM\...\TeamViewer) (Version: 15.27.3 - TeamViewer) WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack) WinRAR 6.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) Wondershare Filmora 13(Build 13.0.51.4714) (HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software) Packages: ========= AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-14] (INTEL CORP) [Startup Task] AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2023-10-17] (INTEL CORP) Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.800.344.0_x64__8wekyb3d8bbwe [2023-12-14] (Microsoft Corporation) Dodatek Aparat multimediów dla aplikacji Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-12] (Microsoft Corporation) Dodatek Zdjęcia -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Corporation) Dolby Atmos Speaker System -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyatmosspeakersystem_3.20402.409.0_x64__rz1tebttyb220 [2021-09-01] (Dolby Laboratories) Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.20301.388.0_x64__rz1tebttyb220 [2023-11-25] (Dolby Laboratories) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\appup.intelgraphicscontrolpanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-12-29] (INTEL CORP) Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2310.18.0_x64__k1h2ywk1493x8 [2023-11-12] (LENOVO INC.) 
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.5.109.0_x64__5grkq8ppsgwt4 [2023-11-25] (LENOVO INC) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-16] (Microsoft Corp.) Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-14] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.181.0_x64__dt26b99r8h8gj [2020-12-29] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2023-12-12] (Spotify AB) [Startup Task] Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-14] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuth.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuth.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Rafał\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuth.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuthLib64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\Microsoft.SharePoint.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuth.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Rafał\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> 
"C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\Microsoft.SharePoint.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuth.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuth.exe" => Brak pliku CustomCLSID: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> "C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\22.191.0911.0001\FileCoAuth.exe" => Brak pliku ContextMenuHandlers1: [Fotosizer] -> {5A3797DB-AC5E-40CC-8F16-7245D2CED25D} => C:\Program Files\Fotosizer\FSShellExtension.dll [2020-08-31] (Fotosizer.com) [Brak podpisu cyfrowego] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-14] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers4: [Fotosizer] -> {5A3797DB-AC5E-40CC-8F16-7245D2CED25D} => C:\Program Files\Fotosizer\FSShellExtension.dll [2020-08-31] (Fotosizer.com) [Brak podpisu cyfrowego] ContextMenuHandlers6: [Fotosizer] -> {5A3797DB-AC5E-40CC-8F16-7245D2CED25D} => C:\Program Files\Fotosizer\FSShellExtension.dll [2020-08-31] (Fotosizer.com) [Brak podpisu cyfrowego] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-14] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-21] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2021-09-16 20:04 - 2019-12-05 15:17 - 000104448 _____ (CANON INC.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll 2021-09-16 20:04 - 2019-12-05 15:17 - 000009216 _____ (CANON INC.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_PLK.DLL 2021-03-02 11:30 - 2020-03-04 16:08 - 000219648 _____ (CANON INC.) 
[Brak podpisu cyfrowego] C:\Program Files (x86)\Canon\IJPLM\CNMPU2.DLL 2019-09-18 21:30 - 2019-09-18 21:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2019-09-18 21:30 - 2019-09-18 21:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Rafał\Desktop\FRST.exe:MBAM.Zone.Identifier [238] AlternateDataStreams: C:\Users\Rafał\Desktop\FRST64.exe:MBAM.Zone.Identifier [240] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ SearchScopes: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001 -> DefaultScope {BB440F77-E82D-4363-BDBC-766CCF063BC2} URL = SearchScopes: HKU\S-1-5-21-3670692212-2854756309-2392150526-1001 -> {BB440F77-E82D-4363-BDBC-766CCF063BC2} URL = BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL 
[2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2021-07-28 12:30 - 2021-11-02 12:17 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.137.1 LAPTOP-L2HFFVD4.mshome.net # 2026 11 0 1 11 17 49 836 168.137.1 LAPTOP-L2HFFVD4.mshome.net # 2026 9 2 15 19 3 15 335 ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) 
HKU\S-1-5-21-3670692212-2854756309-2392150526-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg DNS Servers: 178.235.153.33 - 178.235.153.32 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{425E847E-F0EE-4399-900D-30BE388FC526}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B1CC3D8F-EDA8-48BA-B36A-9B5E19BFD1F1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{CEEDE53A-45E1-482C-847D-1F0C5465953B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D923C57E-DDCF-4C9A-AA97-CD93907D7C09}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D3D1C01B-5E81-4CB2-97B9-D3B1C53E75C8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E90BF309-3C9D-417C-9176-089D58A2F7C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{FD7DE8E5-90B6-44B7-AC0A-B8CA76122E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe => Brak pliku FirewallRules: [{77FE7E4B-D427-46EE-9631-8AD1049E961F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe => Brak pliku FirewallRules: [{DA6F4386-BA4C-498C-BFEF-CE201A325E76}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [{F2B9E024-7D4D-462D-8BE4-D5BF2D7FF920}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Brak pliku FirewallRules: [{B574E6AD-4B2D-4CFB-B996-284589B6B79C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{FE27CAA6-27C2-4DCA-AE76-94E0C9857F43}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3CCA1F2B-4E25-4554-B8A5-A942BB26B3A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku FirewallRules: [{EC4BAA5A-D586-48BF-AF28-E3331670E8A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku FirewallRules: [{FC499DFD-0A43-4FDE-9ABA-FC0DB24793DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku FirewallRules: [{D6BA6750-B5BE-4A58-9C4B-F2671E11A206}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku FirewallRules: [{0689E8B3-809A-4098-981F-C310D0786740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku FirewallRules: [{1BE8C79E-51DA-4BB6-959A-22B439FF6723}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => 
Brak pliku FirewallRules: [{FC33554D-FF92-4B45-863E-79A0329FAF0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku FirewallRules: [{F6136E09-E6FC-494E-87B4-39AC6EA0FA94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe => Brak pliku FirewallRules: [{95D8CA04-9EEA-4764-93DF-6A366E3FFC28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Brak pliku FirewallRules: [{54A5FD44-33BA-4C2A-8930-F744D24749C3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{2938CC05-FBF7-418F-9F80-E2D9F6CD5483}C:\users\rafał\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\rafał\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [UDP Query User{DA9633F1-5AFE-44AB-84B1-03C84590FC77}C:\users\rafał\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\rafał\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [TCP Query User{EF9C70D0-8309-4B90-8470-68CC414E3772}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [UDP Query User{4DF10F3D-FA74-4751-BA4B-A91BEABC202E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{0844E208-87B0-4EC5-8E3A-BFB9FD36D760}C:\users\rafał\desktop\stronghold crusader\stronghold crusader\stronghold crusader.exe] => (Allow) C:\users\rafał\desktop\stronghold crusader\stronghold crusader\stronghold crusader.exe => Brak pliku FirewallRules: [UDP Query User{CB4D783B-E6EA-4174-B0D3-4EDEE125E955}C:\users\rafał\desktop\stronghold crusader\stronghold crusader\stronghold crusader.exe] 
=> (Allow) C:\users\rafał\desktop\stronghold crusader\stronghold crusader\stronghold crusader.exe => Brak pliku
FirewallRules: [{1FE94705-E284-4402-92E1-675BDDC0082B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [Brak podpisu cyfrowego]
FirewallRules: [{8C90A9D6-A550-44F7-80D5-C6F56D8805FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{55157CAD-2C7E-45A2-B86B-3E5D68523A75}C:\users\rafał\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rafał\appdata\roaming\utorrent\utorrent.exe => Brak pliku
FirewallRules: [UDP Query User{0EAB76EB-A054-494B-9BB6-A7F0EBCFF04C}C:\users\rafał\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\rafał\appdata\roaming\utorrent\utorrent.exe => Brak pliku
FirewallRules: [TCP Query User{D03C373D-FE2D-44DD-B753-9E167E97ADD3}C:\games\stronghold crusader hd\stronghold crusader.exe] => (Allow) C:\games\stronghold crusader hd\stronghold crusader.exe => Brak pliku
FirewallRules: [UDP Query User{6B4F9E4E-F909-4D01-96D2-C76368B6D078}C:\games\stronghold crusader hd\stronghold crusader.exe] => (Allow) C:\games\stronghold crusader hd\stronghold crusader.exe => Brak pliku
FirewallRules: [{B8A576E8-D925-4E10-AE37-1A9F3A19EC10}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{94763339-B1DC-426F-A126-301098B3933B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3865A9FD-9548-4C33-9050-ACD70EA35752}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6185EB61-EBCD-4193-904D-FC5ACD81CE33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{292A5A48-9432-4F3C-B7E7-9C13C480F5FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{696BA447-9066-41ED-ACC4-56DE07206A3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{06928B8B-23F6-46E8-A50F-F584A071F564}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7237CE6D-F8BA-48AC-9F61-E0D24464B0AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{21CC9861-8F14-4791-AD82-B11D2191BD13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{00C8C536-A301-49A1-9013-8A7F974342B7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FD72B9BC-1C68-4FF6-B975-E98FDEF481D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3F4C697D-A58E-4EEE-8C15-7F9BB9FA015E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EC4069B7-616D-4981-9AD4-388F7AA4A7B0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADBE4848-F3BF-40E5-BFE2-A42B90186746}] => (Allow) C:\Users\Rafał\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Brak pliku
FirewallRules: [{7EFEDE22-B46A-46B2-9056-94C4B90B842A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Definitive Edition\Stronghold 1 Definitive Edition.exe () [Brak podpisu cyfrowego]
FirewallRules: [{37E3FE15-5CF0-4785-B640-7381A48A1FE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Definitive Edition\Stronghold 1 Definitive Edition.exe () [Brak podpisu cyfrowego]
FirewallRules: [{1A74995A-04D9-4944-938A-4B31FAAD68AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C564BDC3-35E4-41EF-B51A-416065CF1518}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{212B1DDD-350D-4A8C-A59B-1D951C4DC939}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D21E760-3E40-4114-9F3B-CE114F023B50}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFC6549C-B181-4120-9ACB-C572B9471C2F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Punkty Przywracania systemu =========================

11-12-2023 16:03:22 Installed ACDSee Video Studio 3.
12-12-2023 20:43:35 Installed Hamachi

==================== Wadliwe urządzenia w Menedżerze urządzeń ============

==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================
Error: (12/14/2023 11:01:35 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: LAPTOP-L2HFFVD4)
Description: C:\Users\Rafał\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (12/14/2023 11:00:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ]

Error: (12/14/2023 09:29:59 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: LAPTOP-L2HFFVD4)
Description: C:\Users\Rafał\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (12/14/2023 09:14:01 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: LAPTOP-L2HFFVD4)
Description: C:\Users\Rafał\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (12/14/2023 09:13:21 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} i nazwą CEventSystem. [0x8007045b, Trwa proces zamykania systemu. ]

Error: (12/14/2023 08:55:18 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: LAPTOP-L2HFFVD4)
Description: C:\Users\Rafał\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (12/14/2023 08:50:48 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: LAPTOP-L2HFFVD4)
Description: C:\Users\Rafał\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (12/14/2023 12:47:26 PM) (Source: DPTF) (EventID: 17) (User: ZARZĄDZANIE NT)
Description: Event-ID 17

Dziennik System:
=============
Error: (12/14/2023 11:03:00 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-L2HFFVD4)
Description: Serwer {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (12/14/2023 11:01:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa HvHost zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku.

Error: (12/14/2023 11:01:05 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: karta sieciowa zwróciła do sterownika nieprawidłową wartość. 5010 - Driver DBG_ASSERT - instead of BSOD

Error: (12/14/2023 09:54:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (12/14/2023 09:53:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80073d02: 9PLFNLNT3G5G-AppUp.IntelGraphicsExperience.

Error: (12/14/2023 09:29:25 PM) (Source: Netwtw10) (EventID: 5010) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: karta sieciowa zwróciła do sterownika nieprawidłową wartość. 5010 - Driver DBG_ASSERT - instead of BSOD

Error: (12/14/2023 09:29:11 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: Model DCOM odebrał błąd 1115 podczas próby uruchomienia usługi UsoSvc z argumentami Niedostępny w celu uruchomienia serwera: {B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (12/14/2023 09:29:11 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT)
Description: Model DCOM odebrał błąd 1115 podczas próby uruchomienia usługi UsoSvc z argumentami Niedostępny w celu uruchomienia serwera: {B91D5831-B1BD-4608-8198-D72E155020F7}

Windows Defender:
================
Date: 2023-12-12 17:48:20
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Znyonm&threatid=2147890445&enterprise=0
Nazwa: Trojan:Win32/Znyonm
Identyfikator: 2147890445
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\RAFA~1\AppData\Local\Temp\qcesmfkqatoaf.exe; file:_C:\Users\RAFA~1\AppData\Local\Temp\vlcsagugmhcqu.exe; file:_C:\Users\Rafał\AppData\Local\Temp\vlcsagugmhcqu.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-L2HFFVD4\Rafał
Nazwa procesu: C:\Users\Rafał\AppData\Local\Wondershare\Wondershare Filmora (CPC)\Main_App.exe
Wersja analizy zabezpieczeń: AV: 1.403.353.0, AS: 1.403.353.0, NIS: 1.403.353.0
Wersja aparatu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-12 17:48:20
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Znyonm&threatid=2147890445&enterprise=0
Nazwa: Trojan:Win32/Znyonm
Identyfikator: 2147890445
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\RAFA~1\AppData\Local\Temp\qcesmfkqatoaf.exe; file:_C:\Users\Rafał\AppData\Local\Temp\vlcsagugmhcqu.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-L2HFFVD4\Rafał
Nazwa procesu: C:\Users\Rafał\AppData\Local\Wondershare\Wondershare Filmora (CPC)\Main_App.exe
Wersja analizy zabezpieczeń: AV: 1.403.353.0, AS: 1.403.353.0, NIS: 1.403.353.0
Wersja aparatu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-12 17:48:17
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Znyonm&threatid=2147890445&enterprise=0
Nazwa: Trojan:Win32/Znyonm
Identyfikator: 2147890445
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\RAFA~1\AppData\Local\Temp\qcesmfkqatoaf.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-L2HFFVD4\Rafał
Nazwa procesu: C:\Users\Rafał\AppData\Local\Wondershare\Wondershare Filmora (CPC)\Main_App.exe
Wersja analizy zabezpieczeń: AV: 1.403.353.0, AS: 1.403.353.0, NIS: 1.403.353.0
Wersja aparatu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-12 17:48:14
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Nazwa: Trojan:Win32/Wacatac.H!ml
Identyfikator: 2147814523
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\RAFA~1\AppData\Local\Temp\okpabthjil.exe; file:_C:\Users\Rafał\AppData\Local\Temp\okpabthjil.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-L2HFFVD4\Rafał
Nazwa procesu: C:\Users\Rafał\AppData\Local\Wondershare\Wondershare Filmora (CPC)\Main_App.exe
Wersja analizy zabezpieczeń: AV: 1.403.353.0, AS: 1.403.353.0, NIS: 1.403.353.0
Wersja aparatu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-12 17:48:13
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Nazwa: Trojan:Win32/Wacatac.H!ml
Identyfikator: 2147814523
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_C:\Users\Rafał\AppData\Local\Temp\okpabthjil.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: FastPath
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: LAPTOP-L2HFFVD4\Rafał
Nazwa procesu: C:\Users\Rafał\AppData\Local\Wondershare\Wondershare Filmora (CPC)\Main_App.exe
Wersja analizy zabezpieczeń: AV: 1.403.353.0, AS: 1.403.353.0, NIS: 1.403.353.0
Wersja aparatu: AM: 1.1.23110.2, NIS: 1.1.23110.2

CodeIntegrity:
===============
Date: 2023-12-14 23:18:12
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Statystyki pamięci ===========================

BIOS: LENOVO BRCN16WW 08/14/2019
Płyta główna: LENOVO LNVNB161216
Procesor: Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz
Procent pamięci w użyciu: 79%
Całkowita pamięć fizyczna: 7994.18 MB
Dostępna pamięć fizyczna: 1614.7 MB
Całkowita pamięć wirtualna: 15418.18 MB
Dostępna pamięć wirtualna: 7826.19 MB

==================== Dyski ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:356.23 GB) (Model: SAMSUNG MZVLB512HBJQ-000L2) NTFS
\\?\Volume{21bb8318-0fff-47ec-ba08-b8884329f7fb}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.07 GB) NTFS
\\?\Volume{2b91729e-4a1b-4da1-a91a-d78f9b9d1628}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: E2E368CF)
Partition: GPT.

==================== Koniec Addition.txt =======================