Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 17.03.2019 Uruchomiony przez Xantyr (05-04-2019 10:19:30) Uruchomiony z C:\Users\Xantyr\Downloads Windows 10 Pro Wersja 1809 17763.379 (X64) (2018-10-03 20:53:39) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-505315625-2391481160-2919946547-500 - Administrator - Disabled) Gość (S-1-5-21-505315625-2391481160-2919946547-501 - Limited - Disabled) Konto domyślne (S-1-5-21-505315625-2391481160-2919946547-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-505315625-2391481160-2919946547-504 - Limited - Disabled) Xantyr (S-1-5-21-505315625-2391481160-2919946547-1001 - Administrator - Enabled) => C:\Users\Xantyr ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.12.3 - Advanced Micro Devices, Inc.) Android Studio (HKLM\...\Android Studio) (Version: 3.3 - Google LLC) BitTorrent (HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.) Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform) Discord (HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden ESET Security (HKLM\...\{F26B2665-502A-4214-B336-BB723CF74E38}) (Version: 12.1.31.0 - ESET, spol. s r.o.) f.lux (HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\Flux) (Version: - f.lux Software LLC) GIMP 2.10.4 (HKLM\...\GIMP-2_is1) (Version: 2.10.4 - The GIMP Team) Google Chrome Beta (HKLM-x32\...\Google Chrome Beta) (Version: 74.0.3729.61 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden Grand Theft Auto V (HKLM\...\Grand Theft Auto V_is1) (Version: 1.0.877.1 - ) Intel® Hardware Accelerated Execution Manager (HKLM\...\{73250D12-B600-4ED6-AFC0-10D9D8EDA745}) (Version: 7.3.2 - Intel Corporation) Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.11425.20202 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0005 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26405 (HKLM-x32\...\{ec9c2282-a836-48a6-9e41-c2f0bf8d678b}) (Version: 14.14.26405.0 - Microsoft Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Opera Stable 58.0.3135.127 (HKLM-x32\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.11.15 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.15 - General Workings, Inc.) TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-505315625-2391481160-2919946547-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-27] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-27] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-27] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (win.rar GmbH -> Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {014A7B96-CFC2-483A-8CDF-D12AD330681D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {058E9EEF-C653-408E-823B-636FD65E84E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {0ED24CD4-BF1D-4826-BA63-D2ACC5474F2B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {11647DB2-2B87-47D6-A662-9217FA5AE94A} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary Task: {166238BF-2F9E-42D7-B44C-14D1B37CDC32} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {1BD50384-C573-4EA2-B1F2-57131D3ADB9B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation) Task: {27BEC64D-135F-4EE0-B9BD-37B6D36FE2A1} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {42222F72-91D6-43D9-9E50-1330DAC1A3B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {532F8EA2-7BCD-4D38-A41F-C6ECDB916C40} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe Task: {5A34049A-4AD9-41F5-8349-D2EF6D80622A} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] Task: {69DACE9E-3AC5-455C-9159-47FC495321CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {6C7A9B5D-99B6-4E58-9DAD-3A1D53D80AE7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {7285EB24-AA7A-4A25-86DD-258F35E7143F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {73CD4DD6-6932-4512-9760-9EA9BF60C834} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {7F896796-C773-4411-B5BE-7BCA89737A2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {81DD8AD1-E454-4648-9D65-3B5620C34C5E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {8327174B-1957-4378-B05C-AEC703D578BE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {8E753874-EB4C-4EBB-8C19-29B21ED2D1F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {A469EB23-5E48-4F4E-9F12-2FC9915F28CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {B50E25F3-9FB2-45EF-B4D7-28B31A206DA2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BBA2225B-73C9-4075-B405-4EB11F1B68BB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {C063AB9F-7F7A-4B0A-ADED-091B5637AB54} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {D0024E67-811E-4C76-9399-7B47E6F2A168} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {DB4F5231-A1D3-48E3-99CD-61E906009B19} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost Task: {DF414459-9D0B-45D2-B44C-7577D244D514} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {E3E2BCA0-BDDD-49EC-94CC-876F61F61A94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {F2847774-FDD2-4166-BE09-BD6B3CF26685} - System32\Tasks\Opera scheduled Autoupdate 1529694336 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-06-27 22:19 - 2018-06-27 22:19 - 000359936 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 003700224 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 076160000 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 005603840 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000461312 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 006321152 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 003559424 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2018-12-06 20:46 - 2018-12-06 20:46 - 005812224 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000187904 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 001077248 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 002822144 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000113152 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000323584 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 001412608 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000135680 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000014336 _____ () [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2018-06-27 22:19 - 2018-06-27 22:19 - 002552832 _____ () [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000031744 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000040960 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000031744 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000345600 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000024576 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000330752 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000024576 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000023552 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000502272 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000328192 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000059904 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000017920 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000053248 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000089088 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2018-06-27 22:19 - 2018-06-27 22:19 - 000137728 _____ (The Qt Company Ltd.) [Brak podpisu cyfrowego] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Public\AppData:CSM [232] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\localhost -> localhost ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-06-14 15:56 - 2018-06-14 15:55 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2018-09-10 01:58 - 2018-09-10 01:58 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-505315625-2391481160-2919946547-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Xantyr\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\59694_landscape_dark_mountain_sea_scenery.jpg DNS Servers: 185.138.239.105 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-505315625-2391481160-2919946547-1001\...\StartupApproved\Run: => "uTorrent" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> ) FirewallRules: [{EAC1BDD6-AD27-4C0E-ABE0-D8C3D8622C97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{AAD09665-16B7-4B93-AFDE-10E671681A24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{7DFD1987-89EE-4049-B217-5B2EFACCF6D0}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{8FBDA2EC-898C-474C-A776-C40632D255D3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C4A826E3-231B-48BC-88E1-CEFF9F01C987}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [Brak podpisu cyfrowego] FirewallRules: [{2A59283A-BCF0-4EA3-A615-F97E7795F89C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [Brak podpisu cyfrowego] FirewallRules: [{7D0A4DDB-759B-48B8-8DDE-13AA4992248B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{D7E74BA2-0266-4406-9FA2-D2459CE95EF8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{86E51A3B-6B84-45C7-BCC1-4ECDD3ADFA20}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{81562260-FB80-4DBE-B5D3-E6645AF2A7C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{02435B31-69C3-4E68-AD4E-97D32B083248}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{3F8F7B35-77CF-4DFD-9E21-288F5FF86DAC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{3CFDF343-F3E7-4E09-B465-B2FC994F2F09}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{324E8CEF-AF50-4990-AFE7-5D73110E9C9B}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{DEDF5B5D-3F8F-4865-8099-EF4487AF8420}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{C256EE43-18C7-4856-A673-2C946677661A}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{6B838E31-D84E-48B5-B4B6-8E560D0AC881}] => (Allow) D:\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [Brak podpisu cyfrowego] FirewallRules: [{900744DA-092E-42FB-BA80-9B0B7838414D}] => (Allow) D:\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [Brak podpisu cyfrowego] FirewallRules: [{F6D4CF6C-4BB3-4F58-A47F-07678E1B6A2C}] => (Allow) D:\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [Brak podpisu cyfrowego] FirewallRules: [{EAAA76D6-6B16-4C47-B52E-F96AB6E59125}] => (Allow) D:\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{2D881598-3CCD-4F5A-B30F-D5EBF9DBD223}D:\steam\steamapps\common\trackmania nations forever\testapp.exe] => (Allow) D:\steam\steamapps\common\trackmania nations forever\testapp.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{D5C92984-F9CD-49F4-AFAA-39E9397F6229}D:\steam\steamapps\common\trackmania nations forever\testapp.exe] => (Allow) D:\steam\steamapps\common\trackmania nations forever\testapp.exe () [Brak podpisu cyfrowego] FirewallRules: [{5A56363F-530E-4B87-80C5-11541BE721F6}] => (Allow) D:\Steam\steamapps\common\OfGuardsAndThieves\OGAT.exe () [Brak podpisu cyfrowego] FirewallRules: [{BB139FEF-43E7-428A-BD53-612D866C13C8}] => (Allow) D:\Steam\steamapps\common\OfGuardsAndThieves\OGAT.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{021D74BD-25C8-4223-8726-362D3D82FCF5}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [UDP Query User{5C9F17E7-B032-4275-92DD-2131C2D0A795}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [TCP Query User{F7795CF4-E475-4947-B128-869F6B536923}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google LLC -> JetBrains s.r.o.) FirewallRules: [UDP Query User{F50BEC15-CD40-4F9E-A6F2-0102FB547AAF}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google LLC -> JetBrains s.r.o.) FirewallRules: [TCP Query User{C98B5A97-FE2D-4426-975E-975CAA2A3621}C:\program files\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\java.exe FirewallRules: [UDP Query User{9290A76E-52BE-4227-AB7F-95FD1FCA9FAE}C:\program files\java\jre1.8.0_201\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\java.exe FirewallRules: [{FAE3F489-BC33-4C87-A2A7-185ECB0AE9D1}] => (Allow) C:\Users\Xantyr\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{B79DC26D-EE69-47A5-B7F4-ED4B88C147DE}] => (Allow) C:\Users\Xantyr\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{F52A2C63-9411-4879-8FD8-DD6644509064}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CA48820C-4A42-4500-90F5-1623EA23E5F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DA822E99-1051-4F4F-9099-08105D19C02E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CD30B044-ADE5-4661-8704-02A41BF1C1D8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{A6BBD617-BC78-4223-92CF-5CE322C4E9CF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{A70ADEE9-2D88-49F0-A1EB-DEFF2ADB622C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [TCP Query User{4B76D40D-090D-4E95-B9EE-6998795A615B}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Rockstar Games) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{AEDD75FF-079C-4B50-9616-BCEF845105B8}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe (Rockstar Games) [Brak podpisu cyfrowego] FirewallRules: [{CABACD68-BF56-4CE2-9193-22FA08F27618}] => (Allow) C:\Program Files\Opera\58.0.3135.118\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{E115D472-E841-4D90-BD25-F4ADE86786F1}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{91B52AF4-9E2D-490F-A4DE-4E3E9C6AA143}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C77CA7F8-40E3-4BEA-9DBD-012BD2A33A6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2C9762F6-C965-42B3-BA40-966054F2DB55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7DCB9F81-B761-4A9C-9D5F-7ACB4B7A9E8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{26AC74CC-CA28-41E8-A9E4-2D140B49CEA1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D45DB3BB-E8F0-481F-8744-B67539A6F547}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{494BA063-3AEF-445F-A2FD-ED357808218B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{67FF0378-0ED1-4193-BB25-BBFBA1686010}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2507395E-D718-455B-830E-8105F562C1AF}] => (Allow) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [TCP Query User{635FE401-14CA-4549-BA53-553FB0D42781}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe (Riot Games, Inc. -> ) FirewallRules: [UDP Query User{4E866002-C77D-4E3E-85C7-2DFA81C2FECE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe (Riot Games, Inc. -> ) ==================== Punkty Przywracania systemu ========================= 10-03-2019 18:07:51 Zaplanowany punkt kontrolny 19-03-2019 10:57:54 Windows Update 29-03-2019 10:47:51 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/04/2019 01:18:05 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/03/2019 01:18:04 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/02/2019 01:18:04 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/01/2019 01:18:04 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/01/2019 11:46:35 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" w wierszu 1. Tożsamość składnika znaleziona w manifeście nie odpowiada tożsamości składnika żądanego. Odwołanie to UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definicja to UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (03/31/2019 01:18:04 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/31/2019 02:12:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: backgroundTaskHost.exe, wersja: 10.0.17763.1, sygnatura czasowa: 0x5c63a726 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.17763.292, sygnatura czasowa: 0xf3450dbf Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x000e0e23 Identyfikator procesu powodującego błąd: 0x24d4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4e75664373ca4 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\SysWOW64\backgroundTaskHost.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: c3355a12-1045-4ad2-9a09-de1791d9cb8f Pełna nazwa pakietu powodującego błąd: SpotifyAB.SpotifyMusic_1.103.259.0_x86__zpdnekdrzrea0 Identyfikator aplikacji względem pakietu powodującego błąd: Spotify Error: (03/30/2019 02:18:05 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Dziennik System: ============= Error: (04/05/2019 10:18:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (04/05/2019 10:18:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NURIL69) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/05/2019 10:16:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (04/05/2019 10:16:40 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/05/2019 10:14:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (04/05/2019 10:14:40 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/05/2019 10:12:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa wuauserv zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (04/05/2019 10:12:40 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: =================================== Date: 2019-03-31 01:16:42.110 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {A7914F2F-D510-4838-ADF8-C7850EDFD57F} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2019-03-29 09:48:58.837 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {7C07E897-E301-4754-8C6C-153FC546613B} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2019-03-27 20:29:42.127 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {C80F46B5-D262-42DA-9BF9-8A82FC27EACC} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2019-03-27 19:22:18.379 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {0BD102EC-ED38-40F4-8BB5-C71859A7BAE1} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2019-03-27 19:15:34.272 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {8A353D0F-711E-4305-A822-EB6192E91855} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz Procent pamięci w użyciu: 42% Całkowita pamięć fizyczna: 8136.02 MB Dostępna pamięć fizyczna: 4643.04 MB Całkowita pamięć wirtualna: 20424.02 MB Dostępna pamięć wirtualna: 16210.98 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:222.97 GB) (Free:127.39 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:758.8 GB) NTFS \\?\Volume{2acf97b7-bde5-4705-bead-97b9d8ede402}\ (Odzyskiwanie) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS \\?\Volume{686f69cd-fbcf-4dbb-a1fb-1021b7c6290d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: 984397BF) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 984397A1) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================