Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 30-11-2017 Uruchomiony przez Dawid (06-12-2017 14:48:53) Uruchomiony z C:\Users\Cinal\Desktop Windows 10 Home Wersja 1703 15063.726 (X64) (2017-05-16 06:01:16) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= 1at46 (S-1-5-21-1356687320-1589255964-2190068474-1002 - Limited - Disabled) Administrator (S-1-5-21-1356687320-1589255964-2190068474-500 - Administrator - Disabled) Dawid (S-1-5-21-1356687320-1589255964-2190068474-1001 - Administrator - Enabled) => C:\Users\Cinal Gość (S-1-5-21-1356687320-1589255964-2190068474-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1356687320-1589255964-2190068474-1004 - Limited - Enabled) Konto domyślne (S-1-5-21-1356687320-1589255964-2190068474-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) .NET Reflector Desktop (HKLM-x32\...\{348E3E12-2F11-4AA4-8694-88222F3440F3}) (Version: 8.4.0.39 - Red Gate Software Ltd) µTorrent (HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Application Profiles (HKLM-x32\...\{DD538E0C-04CD-4F7E-E1E1-1900F5AF67D8}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.0.1175 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Catalyst Control Center Next Localization BR (HKLM\...\{85EC2DC7-901A-C7A8-69CC-D14B5311C057}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{155ABE97-ABF9-EE58-3270-334EF950F3A9}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{44167DA6-B26A-A06B-213E-A481135FCBF0}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{ED204021-2012-F4F3-E495-F4AFD74D66FF}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{1D12B9AD-21F1-791A-6A85-47F27406282C}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{0101153A-CA07-4E2C-EF5E-D411604CF036}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{3BBAB5EA-62DA-2431-3A1F-3F89BBAE739D}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{975476BF-784B-0C34-09B3-AE6DC25C2B3C}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{2F028509-06B7-9869-5FD6-1F367A0B5827}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{8A5107B8-9CC4-141F-141D-B1952B84A62A}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{BFDF75E6-EBBE-FD30-7DED-A80A072A0452}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{665B0E99-0560-6850-876C-259CC785D49A}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{8191CEE4-C7AB-5A02-4587-9D12B6B443F2}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{E3D88B8D-BB11-D376-C3C6-EF7D0F8DD725}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{8831C53E-B6FA-3DE6-FB39-66BD5019F083}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{CB203E05-4AAA-9076-7D8B-5D7CAD7F0D39}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{4166E94C-7758-3D0E-1518-05BF181FBA21}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{E2D25167-8913-E00E-6755-270D9010DF62}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{4BE67694-29C6-6A69-85E4-D06EFCA12846}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{7B1A228A-7D97-3209-B386-AA878D3555C5}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{54603A0D-55EB-44D8-0D79-4B7CB94AD6B7}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden CodeBlocks (HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team) Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited) Discord (HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\Discord) (Version: 0.0.298 - Discord Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.6.2 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Informacje o systemie Creative (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.8625.2139 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.27 - MSI) Nmap 7.40 (HKLM-x32\...\Nmap) (Version: 7.40 - ) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team) Npcap 0.78 r5 (HKLM-x32\...\NpcapInst) (Version: 0.78 r5 - Nmap Project) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.0 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenFM (HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\OpenFM) (Version: 52.1.0.1 - Grupa Wirtualna Polska) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.8.12883 - Electronic Arts, Inc.) Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.63.2254.2 - Hi-Rez Studios) PlanetSide 2 (HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.) Samsung ML-2160 Series (HKLM-x32\...\Samsung ML-2160 Series) (Version: 1.25 (07.09.2015) - Samsung Electronics Co., Ltd.) Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung ) Sound Blaster E-Series (HKLM-x32\...\{82820EA6-99C2-4305-8F55-5DC9BF98DB42}) (Version: 1.00.12 - Creative Technology Limited) Sound Blaster E-Series Extras (HKLM-x32\...\{0282C872-C3B7-481B-9818-54FBD7D50ECD}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - ) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft) VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-3) (Version: 1.0.37.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2017-06-23] (Tonec Inc.) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-07-01] (AIMP DevTeam) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-07-01] (AIMP DevTeam) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-20] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {11E1F492-109C-4568-A74D-6714F34E6849} - System32\Tasks\{9D08C6C9-6C71-4387-82FC-A243521F13E0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Scotottex\uninstall.exe" -d C:\Windows\ImmersiveControlPanel -c shuz -f "C:\Program Files (x86)\Common Files\Scotottex\uninstall.dat" -a uninstallme 1F037F1C-50E2-4D9B-A02B-864C7FFB6CC7 DeviceId=41f85ec7-60d4-17a8-5c58-7cf08596f062 BarcodeId=50027003 ChannelId (dane wartości zawierają 32 znaków więcej). Task: {1F0CD884-164E-4318-A939-C523DB6FB726} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [2017-06-23] (Micro-Star INT'L CO., LTD.) Task: {2FE0384E-4242-4A3A-95E1-7BA26E5CA995} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation) Task: {44043E26-81D1-43F4-B2E6-601FC8197F3A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-01] (Microsoft Corporation) Task: {4828814E-B46C-409C-9FB9-F5A65A203E01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-05] (Google Inc.) Task: {73DCF29C-3E80-4BC9-B23D-7ABD5D6F26C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-01] (Microsoft Corporation) Task: {7BEE196F-C8C9-4EAA-AF8A-8A9B8C8AA94A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] () Task: {7C09FFC5-800D-4EDC-9717-E9716A257AD8} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-07-20] (Advanced Micro Devices, Inc.) Task: {86326E9C-F269-467C-9900-62B025CDA7DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-05] (Google Inc.) Task: {9171BA9B-5D2E-45F8-9909-D07ABA7E2070} - System32\Tasks\{E37AF629-E79C-4FD5-B5D0-74220DA7B2C3} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\DPower\uninstaller.exe" Task: {C7E941B7-404A-4764-BF0E-B218ACDC91A8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] () Task: {D0A8448C-5A50-4422-8A26-BBA923DB966F} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.) Task: {D8907805-E561-4C97-9A87-0AD1B7F35C99} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.) Task: {DE4B9757-1782-41B9-99FD-381BE0DCEE10} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI) Task: {E7CD6440-C7A1-4891-8CAF-E9DA13FA5F78} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation) Task: {ECA855DF-EDA7-451D-A2BF-FDFA8E927BEA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Cinal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData ==================== Załadowane moduły (filtrowane) ============== 2017-07-04 14:01 - 2015-03-18 16:12 - 000022528 _____ () C:\WINDOWS\System32\ssj1mlm.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-08-22 13:27 - 2016-06-14 15:35 - 000187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll 2016-09-12 22:43 - 2016-09-12 22:43 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-12 22:43 - 2016-09-12 22:43 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-12 22:43 - 2016-09-12 22:43 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-12 22:43 - 2016-09-12 22:43 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-12 22:42 - 2016-09-12 22:42 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-12 22:42 - 2016-09-12 22:42 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-12 22:43 - 2016-09-12 22:43 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2017-03-18 21:59 - 2017-03-20 05:01 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-11-14 12:14 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll 2017-11-14 12:14 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll 2017-08-22 13:27 - 2016-06-14 15:35 - 000163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\Software\Classes\exefile: <==== UWAGA HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\Software\Classes\.exe: exefile => <==== UWAGA ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-10-30 08:24 - 2017-04-23 09:34 - 000001128 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cinal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run32: => "win_en_77" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\StartupFolder: => "ShinraMeter — skrót.lnk" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "OIQ2BUYX7H" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "OscarEditor" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "OscarKeyboard" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "36A8DRDWOU" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "2E9AWX1M08" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "Napisy24Update" HKU\S-1-5-21-1356687320-1589255964-2190068474-1001\...\StartupApproved\Run: => "Discord" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{4B547610-F243-4288-8890-FEBB459BFF62}] => (Allow) C:\Users\Cinal\Desktop\ShinraMeterV1.82\ShinraMeterV1.82\ShinraMeter.exe FirewallRules: [{E9EAECB1-4486-4BDB-9441-F1546E35E6DB}] => (Allow) C:\Users\Cinal\Desktop\ShinraMeterV1.82\ShinraMeterV1.82\ShinraMeter.exe FirewallRules: [{7BA6349F-09D4-400E-A35A-4DEFC82FE14D}] => (Allow) %USERPROFILE%\Desktop\ShinraMeterV1.82\ShinraMeterV1.82\ShinraMeter.exe FirewallRules: [{14E37AE1-1C81-44DB-870D-8E3446EB2082}] => (Allow) C:\Users\Cinal\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D33C53FC-9BF6-4A0F-9605-25B4DB604D3F}] => (Allow) C:\Users\Cinal\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CE6B13D6-8E4A-4128-8344-A4B07E1E78E1}] => (Allow) C:\Users\Cinal\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{97E15892-2FE8-4BD1-AF54-3E70A2C56632}] => (Allow) C:\Users\Cinal\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7993557B-2298-4F5B-87AE-044F083CE57D}] => (Allow) C:\Users\Cinal\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{904A26EE-6C48-4E24-8F7C-DA1BE89B9390}] => (Allow) C:\Users\Cinal\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{95EB59F8-5429-49B5-9528-5F293C0CF573}C:\program files (x86)\aimp\aimp.exe] => (Allow) C:\program files (x86)\aimp\aimp.exe FirewallRules: [TCP Query User{47BC7E44-0AA8-4BD7-8B98-8AC55F536713}C:\program files (x86)\aimp\aimp.exe] => (Allow) C:\program files (x86)\aimp\aimp.exe FirewallRules: [{68693A05-3678-462D-BE59-AE347E8C093B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{4FF369A6-41B8-402F-A5CB-B19062E6679D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{C0EBBD45-174C-46F0-957F-C09C1D403FA5}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{463C8DDB-BDB7-4ECF-B650-6DC271596D1D}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{93725848-FF32-4A89-BFA4-D571A895DBF3}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{F7A1621A-4A89-4317-9A12-4C4D8634EAD0}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{5025A976-1D09-4687-8429-AE5CE6352BE5}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{9F742EBE-1F1A-4D02-B30C-AA7C6E281D04}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{9D45F276-D12A-4491-B1B6-9A8B5763FBB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{4FB7EB11-6C43-4286-A6EA-6DEE9758A75C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{23BA8C9E-261C-493A-86D8-24ABD6F66C8B}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{EE7896E9-DFC7-4BB1-9FDC-60F6454A9CF6}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{86B5402D-57A4-4A78-BCF6-09297F381024}] => (Allow) D:\steam\Steam.exe FirewallRules: [{8E8CAC75-41F8-47A1-AF24-272368CAFED4}] => (Allow) D:\steam\Steam.exe FirewallRules: [TCP Query User{CF0831CA-E93C-43CD-876A-D0A7EA4C9741}D:\bdo\bin64\blackdesert64.exe] => (Allow) D:\bdo\bin64\blackdesert64.exe FirewallRules: [UDP Query User{DF3E9FDD-9D6D-4865-B135-4E12C7625A74}D:\bdo\bin64\blackdesert64.exe] => (Allow) D:\bdo\bin64\blackdesert64.exe FirewallRules: [TCP Query User{BCF75908-C744-4AB8-93FF-113D2C7CE723}D:\steam\steamapps\common\cloud pirates\mycomgames\mycomgames.exe] => (Allow) D:\steam\steamapps\common\cloud pirates\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{8CE69C34-9CD8-481D-BAF9-1117233F1F89}D:\steam\steamapps\common\cloud pirates\mycomgames\mycomgames.exe] => (Allow) D:\steam\steamapps\common\cloud pirates\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{26C845A5-278F-4985-AB38-D62024081C72}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe FirewallRules: [UDP Query User{8C327898-E8B7-46AB-AC7C-26A9E93D8F2A}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe FirewallRules: [TCP Query User{9401712B-F2BD-4260-BE6B-5A9DE8FF6114}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [UDP Query User{35F16B1C-9A17-44D2-9480-1B581DA1670D}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [{84E3F6E7-183A-4CA6-A3BF-98D0EA58B897}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{CA67BA65-8F24-46E2-8AFD-C250EFA547A1}] => (Allow) LPort=26789 FirewallRules: [TCP Query User{A9DA912E-F74F-4DBC-9D0B-61EAAB98B0C6}D:\steam\steamapps\common\paladins pts\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins pts\binaries\win32\paladins.exe FirewallRules: [UDP Query User{3A8B52FC-E588-4BCF-9ACD-5396EE39B67F}D:\steam\steamapps\common\paladins pts\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins pts\binaries\win32\paladins.exe FirewallRules: [TCP Query User{3DEDE769-51D1-45AD-9A48-34161B5FE68A}D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{73E9B15A-B3B0-4FDA-B4FA-B2D1537401FB}D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) D:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [{80265F8E-1ACF-4FDF-BF91-493F2545B9E0}] => (Allow) 㩃啜敳獲䍜湩污䅜灰慄慴剜慯業杮獜湳獜湳攮數 FirewallRules: [{E4D21BD1-4EE6-4170-B7BA-6E756CF63204}] => (Allow) 㩃啜敳獲䍜湩污䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e FirewallRules: [{19C56B8A-C04B-4DA7-86C6-A9AC51563673}] => (Allow) D:\DarknessAndFlame\Darkness and Flame Missing Memories Collectors Edition\DarknessAndFlame_MissingMemories_CE.exe FirewallRules: [TCP Query User{FA8BFB76-E6B7-4A06-99AA-A41BFF512868}D:\life is strange\life is strange before the storm episode 2\life is strange - before the storm.exe] => (Allow) D:\life is strange\life is strange before the storm episode 2\life is strange - before the storm.exe FirewallRules: [UDP Query User{8603B131-5E0F-4D73-9F83-BD571EB417B8}D:\life is strange\life is strange before the storm episode 2\life is strange - before the storm.exe] => (Allow) D:\life is strange\life is strange before the storm episode 2\life is strange - before the storm.exe FirewallRules: [TCP Query User{6388C6F8-932E-443E-B340-3DF8B0B9A8C8}D:\thehunter\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\thehunter\thehunter - call of the wild\thehuntercotw_f.exe FirewallRules: [UDP Query User{621B2323-8C55-4A04-B680-4C6B26A2BCA4}D:\thehunter\thehunter - call of the wild\thehuntercotw_f.exe] => (Allow) D:\thehunter\thehunter - call of the wild\thehuntercotw_f.exe FirewallRules: [TCP Query User{A6F07B5C-1397-4F39-9263-853710E100E2}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{8FC83A13-FA49-4134-A648-93CC91B469ED}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{B920E834-963E-4623-ABF3-8F72598862C5}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{79F6B295-2E74-40F1-8C13-2DBA652062CF}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{8993BD36-224B-4B8C-88C9-8D52B6051427}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{329E9B60-788F-4A78-A8AC-37D4E31603A6}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{AF3AB668-5E13-4798-9CB7-B33179679520}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{2660BD98-A811-407A-866D-59D065D860DF}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D4DD5BB4-B0DE-4167-B471-72B8DBDCF399}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7C909634-4147-44B3-9F71-7BF67B3A6D5C}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{111C04F2-CDD6-4316-831F-68B1B9C2A91F}] => (Allow) D:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{AE6EDA84-D680-4D4D-8A9B-50C54B14E0C9}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{5DB2B27A-0DD4-4364-A47F-D507EEDEA965}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe ==================== Punkty Przywracania systemu ========================= 16-11-2017 15:26:28 Windows Update 22-11-2017 11:04:07 Windows Update 02-12-2017 01:13:00 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/06/2017 08:14:00 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: ZARZĄDZANIE NT) Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 84200. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values. Error: (12/06/2017 08:14:00 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: ZARZĄDZANIE NT) Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 84200. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values. Error: (12/05/2017 04:07:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Microsoft.Photos.exe w wersji 2017.39091.16340.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 25ac Godzina rozpoczęcia: 01d36ddacf0326a0 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Identyfikator raportu: 9587e4ae-9085-42a9-a0e8-6033adf7819f Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (12/05/2017 04:07:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KOMPUTER) Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/05/2017 04:07:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KOMPUTER) Description: Działanie pakietu Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (12/05/2017 03:53:24 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: System Windows nie może załadować biblioteki DLL licznika rozszerzalnego rdyboost. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu systemu Windows. Error: (12/05/2017 03:53:23 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (12/05/2017 03:02:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KOMPUTER) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/05/2017 03:02:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KOMPUTER) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/05/2017 03:02:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KOMPUTER) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147024865. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (12/06/2017 02:30:18 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/06/2017 02:28:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CldFlt z powodu następującego błędu: Żądanie nie jest obsługiwane. Error: (12/06/2017 08:08:27 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/06/2017 08:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CldFlt z powodu następującego błędu: Żądanie nie jest obsługiwane. Error: (12/06/2017 08:06:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Potok został zakończony. Error: (12/06/2017 08:06:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CldFlt z powodu następującego błędu: Żądanie nie jest obsługiwane. Error: (12/06/2017 08:05:02 AM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi UsoSvc z argumentami Niedostępny w celu uruchomienia serwera: {B91D5831-B1BD-4608-8198-D72E155020F7} Error: (12/06/2017 08:00:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CldFlt z powodu następującego błędu: Żądanie nie jest obsługiwane. Error: (12/06/2017 08:00:53 AM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Error: (12/06/2017 07:59:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CldFlt z powodu następującego błędu: Żądanie nie jest obsługiwane. CodeIntegrity: =================================== Date: 2017-12-01 07:49:55.931 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-28 17:42:44.202 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-25 13:09:13.006 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-20 22:14:05.532 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-19 12:08:30.666 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-19 10:28:34.643 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-19 10:26:23.400 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-18 15:52:40.969 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-18 15:52:22.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-11-17 14:41:49.638 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz Procent pamięci w użyciu: 24% Całkowita pamięć fizyczna: 16341.13 MB Dostępna pamięć fizyczna: 12399.25 MB Całkowita pamięć wirtualna: 18389.13 MB Dostępna pamięć wirtualna: 13600.66 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:223.02 GB) (Free:171.16 GB) NTFS Drive d: (Dysk na dane/gry) (Fixed) (Total:931.39 GB) (Free:780.04 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================