Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 22-04-2020 Uruchomiony przez igors (24-04-2020 10:04:52) Uruchomiony z C:\Users\igors\Downloads Windows 10 Home Wersja 1903 18362.778 (X64) (2019-09-25 04:01:36) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3535477340-1024585370-1207032101-500 - Administrator - Disabled) Gość (S-1-5-21-3535477340-1024585370-1207032101-501 - Limited - Disabled) igore (S-1-5-21-3535477340-1024585370-1207032101-1002 - Administrator - Enabled) => C:\Users\igore igors (S-1-5-21-3535477340-1024585370-1207032101-1004 - Administrator - Enabled) => C:\Users\igors Konto domyślne (S-1-5-21-3535477340-1024585370-1207032101-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3535477340-1024585370-1207032101-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated) Aktualizacje NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team) AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos) Auto-Tune-8.1-vst3 (HKLM-x32\...\{417267F2-7228-4F20-B14B-0C3DC8A29E14}_is1) (Version: - Phúc Thái) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.1.3902.163 - AVAST Software) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.850.0 - AVAST Software) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design) Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design) Discord (HKU\S-1-5-21-3535477340-1024585370-1207032101-1004\...\Discord) (Version: 0.0.306 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{0B51E0DE-75C4-4C28-ABAB-AEBA1151708D}) (Version: 1.1.257.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden ESL Wire 1.20.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH) FACEIT AC version 2.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD) GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team) Google Chrome (HKLM\...\{04DBEDAC-DFA9-3823-937A-FE754A7AD6F7}) (Version: 81.0.4044.122 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1868.0 - Rockstar Games) Icecream Video Editor (wersja 1.54) (HKLM-x32\...\{DB083527-50BE-4762-8CBE-30CB8E19E19C}_is1) (Version: 1.54 - Icecream Apps) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1922.12.0.1276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.55.66.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{1fec26b5-eeec-4604-877a-44f1843ae9d4}) (Version: 1.55.66.0 - Intel Corporation) Hidden Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation) Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation) kdenlive (HKLM-x32\...\kdenlive) (Version: 19.12.1 - KDE e.V.) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.92 - McAfee, LLC.) Microsoft Office Professional 2016 - pl-pl (HKLM\...\ProfessionalRetail - pl-pl) (Version: 16.0.12624.20466 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3535477340-1024585370-1207032101-1004\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang) Mozilla Firefox 74.0 (x64 pl) (HKLM\...\Mozilla Firefox 74.0 (x64 pl)) (Version: 74.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA Sterownik graficzny 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation) NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.68.39605 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.145.0.19 - Overwolf Ltd.) Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games) Skype (wersja 8.57) (HKLM-x32\...\Skype_is1) (Version: 8.57 - Skype Technologies S.A.) STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.7.0 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.20.2 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.20.2 - General Workings, Inc.) Uplay (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft) WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project) WinRAR 5.71 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Wondershare Filmora9(Build 9.3.7) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) Zoom Outlook Plugin (HKLM-x32\...\{1DCBB3EE-41E9-4B09-A3FB-4B1B409C18F5}) (Version: 4.8.19156 - Zoom) Packages: ========= Centrum sterowania grafiką Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2727.0_x64__8j3eq9eme6ctt [0000-00-00] (INTEL CORP) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Studios) [MS Ad] MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad] ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> ) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-23] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-23] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-23] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_87086da927dcdf63\nvshext.dll [2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-23] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-05-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== ==================== Załadowane moduły (filtrowane) ============= 2020-04-16 19:19 - 2016-07-21 10:54 - 000137728 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2020-04-16 19:19 - 2017-09-12 10:34 - 001506304 _____ () [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2020-04-16 19:19 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Brak podpisu cyfrowego] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (filtrowane) ======== (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464] ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer - Witryny zaufane i z ograniczeniami ========== ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2019-03-19 06:49 - 2020-03-20 16:13 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-3535477340-1024585370-1207032101-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 188.117.188.117 - 89.25.182.14 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{AE361DAB-C9DF-4B85-9EE3-743E89999980}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BDD120B6-066B-4A0A-B39D-BC8C947246A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5473E581-1A21-41C8-8688-B7A6B8C392CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{862DFBA7-B71D-4852-B550-FF0D6C611CFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{72754696-B042-448D-B67E-9CC6A537AE82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Brak pliku FirewallRules: [{805F1C87-A3C3-4CD5-93EB-024A0A7F7C5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Brak pliku FirewallRules: [{E4736DA5-8BD0-456D-87CF-D5D7C581A78D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [{A00E64BE-CEC1-4312-A494-6826C92A6B96}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [{23AC9F6F-A303-4F37-B7BF-18B2C7B368AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe Brak pliku FirewallRules: [{CCCA43BF-F6C7-4F97-8172-82ACBBA8A3AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe Brak pliku FirewallRules: [TCP Query User{93E96327-D6A9-4559-BA98-05E889A73C93}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe Brak pliku FirewallRules: [UDP Query User{773F3806-7D22-463D-9239-496900839A9D}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe Brak pliku FirewallRules: [{6B330F01-23C8-4E6E-880C-5B5838D63F38}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{848A3413-70D1-47C0-847B-D0A320EB8EB9}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A317D1F7-94CE-418B-A78D-610F69271896}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [{82D35CC9-DFDF-43D1-A1AC-7E9E52520A3D}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [TCP Query User{71380BF6-326B-41BD-86F8-97A5E797CF91}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{1B123D28-D9CF-4C35-A85D-ED79DD6D8765}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [{ABCF4FFD-6728-4469-909D-0492FA60F19E}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0E1393CD-0329-4994-A658-A6E94581F007}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{7374C2E9-0A0B-4677-AF42-72DE40DE6ABB}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe Brak pliku FirewallRules: [UDP Query User{0AF5C564-64A9-4E7D-8E91-FF6A1ABBE2DA}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe Brak pliku FirewallRules: [TCP Query User{621BD1B4-6C60-4529-AC13-A7B0384D1809}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe Brak pliku FirewallRules: [UDP Query User{599DE05E-3DBA-439B-B166-286AFD909FE9}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe Brak pliku FirewallRules: [TCP Query User{2DD78018-6B5E-43DF-9D51-F0FD7A720C1A}C:\users\igore\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igore\appdata\roaming\spotify\spotify.exe Brak pliku FirewallRules: [UDP Query User{DD7D2FDE-7092-4CB3-90E0-D3890B76B9B1}C:\users\igore\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igore\appdata\roaming\spotify\spotify.exe Brak pliku FirewallRules: [TCP Query User{7D6BA432-7AFA-4866-8078-FACD6DD9ECE0}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe Brak pliku FirewallRules: [UDP Query User{875239BB-C89E-42C5-8879-019425A99A08}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe Brak pliku FirewallRules: [{1FE466BE-6902-4699-8755-5FD2F48B0B1D}] => (Allow) D:\Steam\steamapps\common\Assassins Creed Odyssey\ACOdyssey.exe Brak pliku FirewallRules: [{180AF909-002A-4C65-8C1F-29C5B0DA6936}] => (Allow) D:\Steam\steamapps\common\Assassins Creed Odyssey\ACOdyssey.exe Brak pliku FirewallRules: [{A4A4E7CB-2DF8-4AE1-9303-6BEB756B5BB7}] => (Allow) D:\Resolve.exe Brak pliku FirewallRules: [{628D3C98-003A-488E-B18C-A66EA155C2BC}] => (Allow) D:\bmdpaneld.exe Brak pliku FirewallRules: [{D102725C-5D87-4832-8B24-54049FF98D68}] => (Allow) D:\DaVinciPanelDaemon.exe Brak pliku FirewallRules: [{0F2BB17A-67F9-4A40-A971-CD05D41BA081}] => (Allow) D:\JLCooperPanelDaemon.exe Brak pliku FirewallRules: [{D2E04E3C-BD9C-416C-862A-BEA084CB06E0}] => (Allow) D:\EuphonixPanelDaemon.exe Brak pliku FirewallRules: [{DA0DFFB9-5F9B-4FEE-AF24-BA2FDA6370DB}] => (Allow) D:\TangentPanelDaemon.exe Brak pliku FirewallRules: [{6AC8CCCB-E89C-4013-996D-575A901F3391}] => (Allow) D:\ElementsPanelDaemon.exe Brak pliku FirewallRules: [{9A68EE99-EF09-43B1-9D21-66CCC61324C2}] => (Allow) D:\OxygenPanelDaemon.exe Brak pliku FirewallRules: [{C7D11E77-944F-4F7A-AD5F-E87A060140C1}] => (Allow) D:\DPDecoder.exe Brak pliku FirewallRules: [{66531FC2-2A22-4DC3-BEDD-EB3D2796EC81}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe Brak pliku FirewallRules: [TCP Query User{E2F5E3FC-F921-4460-8C5F-42DDBB6870A3}D:\resolve.exe] => (Allow) D:\resolve.exe Brak pliku FirewallRules: [UDP Query User{5AD0FA57-CBB9-489B-BBF1-FE71FCCCCBC1}D:\resolve.exe] => (Allow) D:\resolve.exe Brak pliku FirewallRules: [TCP Query User{8E72F533-3FAA-439E-8F10-ECEAEBB861DF}D:\steam\steamapps\common\hearts of iron iv\hoi4.exe] => (Block) D:\steam\steamapps\common\hearts of iron iv\hoi4.exe Brak pliku FirewallRules: [UDP Query User{22095318-54C9-479D-915B-B3A1A7F7AE09}D:\steam\steamapps\common\hearts of iron iv\hoi4.exe] => (Block) D:\steam\steamapps\common\hearts of iron iv\hoi4.exe Brak pliku FirewallRules: [TCP Query User{ECF03415-E593-4552-8442-D3D60C15710F}D:\origin\fifa 20\fifa20.exe] => (Block) D:\origin\fifa 20\fifa20.exe Brak pliku FirewallRules: [UDP Query User{4FB21E8A-EDDB-4A84-A22A-3A7B6502A09B}D:\origin\fifa 20\fifa20.exe] => (Block) D:\origin\fifa 20\fifa20.exe Brak pliku FirewallRules: [{7BDEADA0-206D-4628-98AD-0A05446DE76C}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Brak podpisu cyfrowego] FirewallRules: [{744CB03C-C4AD-4070-92BD-B68C17A3AE53}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [Brak podpisu cyfrowego] FirewallRules: [{E81B6E96-CD48-412E-95F5-ACCD5AE684B9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{483E5B37-51B1-4FDD-A630-61FDAE7A978A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{4A4B4210-6805-4096-8C1A-3A0AC95DE617}C:\users\igore\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Block) C:\users\igore\appdata\local\programs\opera\67.0.3575.53\opera.exe Brak pliku FirewallRules: [UDP Query User{622EF218-AD7D-4BA2-8920-5DA0734833A9}C:\users\igore\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Block) C:\users\igore\appdata\local\programs\opera\67.0.3575.53\opera.exe Brak pliku FirewallRules: [TCP Query User{6A475693-7BF1-4F8F-B96E-61E193AD2DA7}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{8ED382BD-0D8C-4A17-B5BE-02B1DAC0DB04}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [{59D9FC1E-4E08-45B1-8019-27D134ACE95C}] => (Allow) D:\Steam\steamapps\common\Timberman\Timberman.exe () [Brak podpisu cyfrowego] FirewallRules: [{AB6E8E5C-A4CF-4965-826A-A7B7C3741FE0}] => (Allow) D:\Steam\steamapps\common\Timberman\Timberman.exe () [Brak podpisu cyfrowego] FirewallRules: [{E05CE971-FEC3-41A3-92D3-E6CB21FAB4A5}] => (Allow) C:\Users\igore\AppData\Roaming\Zoom\bin\Zoom.exe Brak pliku FirewallRules: [{F52F0DF9-0F19-47C1-913A-AD4144F2B36A}] => (Allow) C:\Users\igore\AppData\Roaming\Zoom\bin\airhost.exe Brak pliku FirewallRules: [{0B77CFA8-4B51-4ABF-8265-F265EECBC0AC}] => (Allow) C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH) [Brak podpisu cyfrowego] FirewallRules: [{5B0BAAB1-00B6-4E63-8BF9-F57B2FF33191}] => (Allow) C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{84B9BE86-3BEA-44D5-A4CF-263454CE48F5}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{5B7E458C-665F-4617-B879-8B65FADEE825}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{E98BA883-2AD5-4C0B-B2E0-C2AB1CE7EEDC}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{1EA3E859-2FF7-46D8-939E-5EEB86C9FCCF}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe FirewallRules: [{ECD245D8-1BE7-4927-B008-C78D2D94DDC1}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{AD5998C2-F201-4A45-961F-191DD1409E8B}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{8A3AB6E1-FD07-43BB-9C40-711643993015}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{FECC32F8-B24C-4449-9BA6-9FE648090654}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{211BCCB0-329C-4CB8-B6C6-D139F6FFF2B9}D:\steam\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe] => (Allow) D:\steam\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe (WarChest Limited) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{FDD00762-8C2A-4621-A574-F183534AE6C6}D:\steam\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe] => (Allow) D:\steam\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe (WarChest Limited) [Brak podpisu cyfrowego] FirewallRules: [{100A861D-FF3D-4CD2-A390-BFFEA979DF76}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F2C84542-06BC-4703-92BF-3FAAB4A3B6B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{742FD3E4-4F86-47FE-8AF7-84EA23B24397}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{820C2D33-D2B0-4EF1-8D1A-2993B3743FDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2F30B451-AA72-441E-99B1-75A6469D1036}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{39BEE1F8-866B-413D-8305-37125012C5E6}C:\users\igore\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Block) C:\users\igore\appdata\local\programs\opera\67.0.3575.137\opera.exe Brak pliku FirewallRules: [UDP Query User{BD4E5495-1BE4-4B7E-A5CD-2390606905AC}C:\users\igore\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Block) C:\users\igore\appdata\local\programs\opera\67.0.3575.137\opera.exe Brak pliku FirewallRules: [{D8975022-7C01-42CC-8F53-20B482036D3B}] => (Allow) D:\Steam\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [{130ED02B-A837-4E76-A0D4-28C20C073365}] => (Allow) D:\Steam\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [{D00A3C55-A776-46EF-B124-B5C18E709204}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{BBBC0DDC-998D-4961-BB93-46AA74B0E6A2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [TCP Query User{E5DF6CD6-1699-4E72-8F8D-D15A23915B89}C:\users\igore\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igore\appdata\roaming\spotify\spotify.exe Brak pliku FirewallRules: [UDP Query User{0C767C37-4FC9-4701-87E6-B0FEB66A2F60}C:\users\igore\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\igore\appdata\roaming\spotify\spotify.exe Brak pliku FirewallRules: [{0D788DF5-8C37-4537-8B5D-1C9CB6C4C320}] => (Allow) C:\Program Files (x86)\Overwolf\0.145.0.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{578F0427-18B3-44AC-AC09-C1C3F83082B4}] => (Allow) C:\Program Files (x86)\Overwolf\0.145.0.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{CB6AFB6E-88F1-476F-B6A4-133402250F54}] => (Block) C:\Program Files (x86)\Overwolf\0.145.0.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{AF3E059B-1923-4A26-8964-2B476809CB11}] => (Block) C:\Program Files (x86)\Overwolf\0.145.0.19\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone (Total:237.91 GB) (Free:25.23 GB) (11%) Sprawdź usługę "VSS" ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: HID-compliant headset Description: HID-compliant headset Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Microsoft Service: WUDFRd Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (04/24/2020 02:11:11 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program ShellExperienceHost.exe w wersji 10.0.18362.752 przestał współpracować z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: a98 Godzina rozpoczęcia: 01d619cccec8f618 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Identyfikator raportu: 294c7c84-a58d-42a1-ac49-1f257a43eea3 Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy Identyfikator aplikacji powiązanej z pakietem powodującym błąd: App Typ zawieszenia: Quiesce Error: (04/24/2020 02:10:19 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3JC3NJ1) Description: Nie można otworzyć obiektu wydajności Usługa serwera. Pierwsze cztery bajty (DWORD) sekcji danych zawierają kod stanu. Error: (04/24/2020 02:06:45 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3JC3NJ1) Description: Nie można otworzyć obiektu wydajności Usługa serwera. Pierwsze cztery bajty (DWORD) sekcji danych zawierają kod stanu. Error: (04/24/2020 01:56:56 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: ZARZĄDZANIE NT) Description: Wymagany rozmiar buforu jest większy niż rozmiar buforu przekazany do funkcji zbierania danych w bibliotece DLL rozszerzalnego licznika „C:\Windows\System32\perfts.dll” dla usługi „LSM”. Dany rozmiar buforu wynosił 113624, a wymagany rozmiar wynosił 836200. Error: (04/24/2020 01:48:31 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3JC3NJ1) Description: Nie można otworzyć obiektu wydajności Usługa serwera. Pierwsze cztery bajty (DWORD) sekcji danych zawierają kod stanu. Error: (04/24/2020 01:42:14 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3JC3NJ1) Description: Nie można otworzyć obiektu wydajności Usługa serwera. Pierwsze cztery bajty (DWORD) sekcji danych zawierają kod stanu. Error: (04/24/2020 01:35:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Creative_Cloud_Set-Up.exe w wersji 5.0.1.381 przestał współpracować z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemów w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: c681c Godzina rozpoczęcia: 01d619c65084ef29 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Users\igore\Downloads\Creative_Cloud_Set-Up.exe Identyfikator raportu: 9438f267-0669-45bb-bff4-1303d94310f5 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji powiązanej z pakietem powodującym błąd: Typ zawieszenia: Top level window is idle Error: (04/23/2020 11:18:45 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-3JC3NJ1) Description: Nie można otworzyć obiektu wydajności Usługa serwera. Pierwsze cztery bajty (DWORD) sekcji danych zawierają kod stanu. Dziennik System: ============= Error: (04/24/2020 02:22:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80246010: 9PKRS2FVRWBT-Microsoft.UI.Xaml.2.3. Error: (04/24/2020 02:22:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80246010: 9NBLGGH1QWGC-Microsoft.Advertising.Xaml. Error: (04/24/2020 02:16:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (04/24/2020 02:16:20 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\igore\AppData\Local\Temp\ehdrv.sys Error: (04/24/2020 02:16:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (04/24/2020 02:16:20 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\igore\AppData\Local\Temp\ehdrv.sys Error: (04/24/2020 02:16:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (04/24/2020 02:16:20 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\igore\AppData\Local\Temp\ehdrv.sys Windows Defender: =================================== Date: 2020-01-04 00:32:34.884 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C!ctv&threatid=2147748709&enterprise=0 Nazwa: Trojan:Win32/Occamy.C!ctv Identyfikator: 2147748709 Ważność: Severe Kategoria: Trojan Ścieżka: file:_C:\Users\igore\Downloads\cshSkins (1).dll; webfile:_C:\Users\igore\Downloads\cshSkins (1).dll|https://www.cshacked.pl/applications/core/interface/file/attachment.php?id=46292|pid:13340,ProcessStart:132225668302319420 Pochodzenie wykrycia: Internet Typ wykrycia: Konkretne Źródło wykrycia: Pobrania i załączniki Użytkownik: DESKTOP-3JC3NJ1\igore Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.307.1649.0, AS: 1.307.1649.0, NIS: 1.307.1649.0 Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7 Date: 2020-01-04 00:14:42.195 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C!ctv&threatid=2147748709&enterprise=0 Nazwa: Trojan:Win32/Occamy.C!ctv Identyfikator: 2147748709 Ważność: Severe Kategoria: Trojan Ścieżka: file:_C:\Users\igore\Downloads\cshSkins (1).dll; webfile:_C:\Users\igore\Downloads\cshSkins (1).dll|https://www.cshacked.pl/applications/core/interface/file/attachment.php?id=46292|pid:13340,ProcessStart:132225668302319420 Pochodzenie wykrycia: Internet Typ wykrycia: Konkretne Źródło wykrycia: Pobrania i załączniki Użytkownik: DESKTOP-3JC3NJ1\igore Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.307.1649.0, AS: 1.307.1649.0, NIS: 1.307.1649.0 Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7 Date: 2020-01-04 00:14:23.723 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C!ctv&threatid=2147748709&enterprise=0 Nazwa: Trojan:Win32/Occamy.C!ctv Identyfikator: 2147748709 Ważność: Severe Kategoria: Trojan Ścieżka: file:_C:\Users\igore\Downloads\cshSkins (2).dll; webfile:_C:\Users\igore\Downloads\cshSkins (2).dll|https://www.cshacked.pl/applications/core/interface/file/attachment.php?id=46292|pid:13340,ProcessStart:132225668302319420 Pochodzenie wykrycia: Internet Typ wykrycia: Konkretne Źródło wykrycia: Pobrania i załączniki Użytkownik: DESKTOP-3JC3NJ1\igore Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.307.1649.0, AS: 1.307.1649.0, NIS: 1.307.1649.0 Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7 Date: 2020-01-04 00:14:13.176 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C!ctv&threatid=2147748709&enterprise=0 Nazwa: Trojan:Win32/Occamy.C!ctv Identyfikator: 2147748709 Ważność: Severe Kategoria: Trojan Ścieżka: file:_C:\Users\igore\Downloads\cshSkins (1).dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-3JC3NJ1\igore Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.307.1649.0, AS: 1.307.1649.0, NIS: 1.307.1649.0 Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7 Date: 2020-01-04 00:14:11.279 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C!ctv&threatid=2147748709&enterprise=0 Nazwa: Trojan:Win32/Occamy.C!ctv Identyfikator: 2147748709 Ważność: Severe Kategoria: Trojan Ścieżka: file:_C:\Users\igore\Downloads\cshSkins (1).dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: DESKTOP-3JC3NJ1\igore Nazwa procesu: C:\Windows\explorer.exe Wersja analizy zabezpieczeń: AV: 1.307.1649.0, AS: 1.307.1649.0, NIS: 1.307.1649.0 Wersja aparatu: AM: 1.1.16600.7, NIS: 1.1.16600.7 CodeIntegrity: =================================== Date: 2020-04-24 09:43:48.698 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-24 09:43:48.697 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-24 09:43:46.936 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-24 09:43:46.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-24 09:38:01.920 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-24 09:38:01.892 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-24 09:38:01.864 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-04-24 09:38:01.837 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. 2417 06/03/2019 Płyta główna: ASUSTeK COMPUTER INC. PRIME Z390-P Procesor: Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz Procent pamięci w użyciu: 69% Całkowita pamięć fizyczna: 16303.74 MB Dostępna pamięć fizyczna: 4928.51 MB Całkowita pamięć wirtualna: 45506.1 MB Dostępna pamięć wirtualna: 1947.93 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:237.91 GB) (Free:25.23 GB) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:523.87 GB) NTFS \\?\Volume{7d14975d-be53-47bd-a5c2-22e2b224c8f2}\ (SYSTEM) (Fixed) (Total:0.44 GB) (Free:0.41 GB) FAT32 ==================== MBR & Tablica partycji ==================== ==================== Koniec Addition.txt =======================