Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 11-03-2017 01 Uruchomiony przez ŚwiunteG (12-03-2017 15:30:08) Uruchomiony z C:\Users\ŚwiunteG\Downloads Windows 10 Home Wersja 1607 (X64) (2016-09-22 04:20:06) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-856211863-3457804247-3980532556-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-856211863-3457804247-3980532556-501 - Limited - Disabled) Konto domyślne (S-1-5-21-856211863-3457804247-3980532556-503 - Limited - Disabled) ŚwiunteG (S-1-5-21-856211863-3457804247-3980532556-1001 - Administrator - Enabled) => C:\Users\ŚwiunteG ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0035 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.98 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Ink Adv K510 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{E7A652E8-27C0-492B-9FC5-0713C0D7BFF3}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{B65BC649-C9D2-45F6-9DD6-D189BD91F02E}) (Version: 12.5.32.203 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Innkeeper (HKU\S-1-5-21-856211863-3457804247-3980532556-1001\...\Innkeeper) (Version: 0.3.2 - Curse Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Internet Manager (HKLM-x32\...\DT_Poland Estoril Internet Manager_is1) (Version: - DT_Poland) K510 (x32 Version: 140.0.353.000 - Hewlett-Packard) Hidden KHOLAT (HKLM\...\Steam App 343710) (Version: - IMGN.PRO) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.198 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation) Microsoft OneDrive (HKU\AvGeneric_S-1-5-21-856211863-3457804247-3980532556-500\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-856211863-3457804247-3980532556-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Graphics Driver 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenOffice 4.1.2 (HKLM-x32\...\{E0ED9630-38E3-418F-A615-A9B2B5758BE5}) (Version: 4.12.9782 - Apache Software Foundation) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.32.0 - Overwolf Ltd.) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) Panel sterowania NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PS_AIO_07_K510_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) Hidden QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.833.833.101614 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games) SafeZone Stable 3.55.2393.561 (x32 Version: 3.55.2393.561 - Avast Software) Hidden Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-856211863-3457804247-3980532556-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-856211863-3457804247-3980532556-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-856211863-3457804247-3980532556-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-856211863-3457804247-3980532556-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-856211863-3457804247-3980532556-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-856211863-3457804247-3980532556-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-856211863-3457804247-3980532556-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\ŚwiunteG\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0A359BBE-A71F-4130-B7CF-9E73B7CD082E} - \Microsoft\Windows\Setup\gwx\rundetector -> Brak pliku <==== UWAGA Task: {0ECE2AD9-7427-4EEF-A104-96CC550A8D1D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] () Task: {10B16A93-D2C2-45D5-9E06-4507524F8634} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) Task: {1C605E5C-1F4D-4D59-9587-C280E5EC1A99} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA Task: {23D7C00C-FDD0-4204-BE01-EB40A951A284} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {247C81F4-229E-4E42-8566-A8FF853561BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-12] (Google Inc.) Task: {261E7A93-F294-4C81-B3D4-3D77FEB9DDC2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-12] (Google Inc.) Task: {2A370B6D-3D05-4DC4-8390-586B768193A9} - \Optimize Start Menu Cache Files-S-1-5-21-856211863-3457804247-3980532556-500 -> Brak pliku <==== UWAGA Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe Task: {36AAD459-A5CE-4524-B4EB-E337E6D22983} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {3D838C46-5501-44A1-9300-78EA892576E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {428FA288-2F2B-427E-B521-2DE5DCC263A4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {48DFA534-8EC1-4748-9EA3-0BE6C08867E7} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report -> Brak pliku <==== UWAGA Task: {4AC130CA-79EF-40F0-B9CD-B175C2ED004D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {53F7A0EB-744C-44E3-AE07-4826EF5F4799} - \ASUS Live Update1 -> Brak pliku <==== UWAGA Task: {5A3DFFBA-47DF-4E60-9CA7-07F55F3314C6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA Task: {6046FEE9-B722-43C3-9AC8-4D14799D777B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - \ASUS\ASUS Product Register Service -> Brak pliku <==== UWAGA Task: {7501ADF3-4C81-44CE-8F4A-469909998746} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {77A92B24-12DB-451C-B877-A124AF92677E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-20] (AVAST Software) Task: {7A429671-C979-4213-B5BC-320CE70A928A} - \Optimize Start Menu Cache Files-S-1-5-21-856211863-3457804247-3980532556-1001 -> Brak pliku <==== UWAGA Task: {88FA91EC-099B-4228-810B-21F1C33E1DC3} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {8D6149B3-C568-4096-A544-61FA55CE9FE6} - System32\Tasks\SafeZone scheduled Autoupdate 1487614686 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software) Task: {9123F01B-4FD6-4CCC-992E-4361DD01FDD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {AD605AB1-4A16-4155-BC46-6C9CA8ACBCE4} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {AE15FD33-0EA6-4FCF-803F-B967E5B94461} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {B4CE1D7D-1164-489E-840D-13AC93CA7A88} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Brak pliku <==== UWAGA Task: {B88F59C0-13A7-4EA2-94C0-74456A8DD870} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {C6451BCE-5888-4599-BD02-D00044215E29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {C7C2D822-1317-4DE3-904D-A8528DB1E60C} - \McAfee\McAfee Idle Detection Task -> Brak pliku <==== UWAGA Task: {CA0E6A11-BFCA-4E24-82CB-44201A83A82F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-11] (AVAST Software) Task: {E7B214CA-315A-4CBE-907C-874167C6E2C1} - \WPD\SqmUpload_S-1-5-21-856211863-3457804247-3980532556-1001 -> Brak pliku <==== UWAGA Task: {E7C06BF8-21A2-47F2-9B4D-05AFDF669A4D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\WebReg HP Photosmart Ink Adv K510.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA ShortcutWithArgument: C:\Users\ŚwiunteG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\WIUNTE~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\ŚwiunteG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\WIUNTE~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\WIUNTE~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\WIUNTE~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-15 11:02 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-22 04:49 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-15 11:02 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-22 05:41 - 2016-09-22 05:41 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 17:19 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-02-22 15:30 - 2017-02-22 15:30 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-02-22 15:30 - 2017-02-22 15:30 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-02-22 15:30 - 2017-02-22 15:30 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-02-06 19:22 - 2017-02-06 19:22 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll 2016-07-13 11:48 - 2014-12-11 10:19 - 00159016 _____ () C:\Program Files (x86)\Internet Manager\L850_DT_Poland\BackgroundService\ModemListener.exe 2017-01-11 17:19 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 17:19 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 17:19 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 17:19 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 17:19 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-03-12 14:23 - 2017-03-09 06:26 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libglesv2.dll 2017-03-12 14:23 - 2017-03-09 06:26 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libegl.dll 2017-03-12 14:42 - 2017-02-02 12:38 - 31178840 _____ () C:\Users\ŚwiunteG\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll 2014-12-21 06:26 - 2013-12-09 16:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-03-11 16:48 - 2017-03-11 16:48 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-02-20 19:14 - 2017-02-20 19:14 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-03-11 16:47 - 2017-03-11 16:47 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-03-11 16:48 - 2017-03-11 16:48 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2017-02-20 19:03 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\AvGeneric_S-1-5-21-856211863-3457804247-3980532556-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-856211863-3457804247-3980532556-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ŚwiunteG\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{e6693652-a4c6-4e38-9633-478a7d40d6b7}.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{A2D785C7-196A-40A7-9ABD-C3B3C8AFEE9A}C:\users\świunteg\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\świunteg\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E4938BD5-B877-4E92-96BF-B0903DEAFF74}C:\users\świunteg\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\świunteg\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C8E4EB49-53A7-4C60-BBC5-2B3ECADE3E06}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{5EC688EA-5DF2-4D37-9035-1BD198B8E760}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{82C63329-A8B7-4C6E-B362-BE35E09D48E2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\KHOLAT\Kholat.exe FirewallRules: [{92289D5F-E0DB-4879-AEE4-A40338BE254D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\KHOLAT\Kholat.exe FirewallRules: [{EDEE7A32-78E1-4819-AA55-899DD63781D5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{D84ECF61-C66C-493D-82AE-5E2E05079BD6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{62A453C7-2757-415A-8861-F73E29FD9181}] => (Allow) D:\Program Files\Assassin's Creed Unity\ACU.exe FirewallRules: [{D824952C-B0E2-4543-9B19-D58A1458AD77}] => (Allow) D:\Program Files\Assassin's Creed Unity\ACU.exe FirewallRules: [{3063FBB4-782B-4D22-9770-751E659FD706}] => (Allow) D:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{288C0A38-6D5D-4EF2-8C73-1A9AD9321567}] => (Allow) D:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{B0DBFC42-4C7F-4140-B133-557AC9546F78}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{668A4574-0EAC-41A8-9A0A-1A23526E1A95}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{1290B4C3-F9ED-4442-88D1-830F11D566DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{D2EAF333-B807-4655-A396-66D4DC4E74B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{724BE365-F67E-466E-87F4-DA69E22E3EFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{599981A2-A79C-40F4-830C-7F0C9A8CCD3D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{E2A91554-8B3C-4EAA-83F2-A3778E01AAE7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{37438338-9BAA-4AF9-B497-89A696BA5DDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{5AB2FCDC-426D-46DD-B46C-EC15761C9DDF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{0350BBAF-AE1B-4FE4-80D9-552F4E9D8E37}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{1D1554C3-1A00-475F-A0C8-8178B65DAB8C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{5BB95495-B60E-49C3-BD7D-912CE1EB5778}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{8BD58C02-0A06-412D-B34A-EE29D698183E}] => (Allow) C:\Users\ŚwiunteG\AppData\Local\Temp\7zS7456\setup\hpznui40.exe FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{20834D75-B6A3-4C01-892C-F0A2E8A0B7C4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{7F1781DA-5317-4B36-944C-BE3216AE92BD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2E729540-F438-4692-AEC2-06B5CE25ED14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{882CF6E5-140A-4310-BCAA-549707A24699}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{55E4939B-AE48-46D4-80FD-9438A849D1C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E19A6A82-0661-4F4B-B061-4F044ED12C74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{70A478E9-792D-451F-AA37-8DE621F9BCD0}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D4DCF59D-8421-496C-894F-EE67B6EC93F6}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E01A3178-2B1D-4B85-A6F5-F705545F8C84}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{97482078-E37D-4774-97D7-73745E1659BD}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{12C4C74F-0BA8-465B-B36E-03443A8C88BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{DCC835AA-DA94-4464-A08F-9336C070AB1C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{B1C7DDF4-84B9-4526-BA63-F8FDD09336F9}D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{C55EBF22-C70F-40D8-8053-77223D614D01}D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{37D95487-5249-4DA4-B12F-BB021175BDCB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{C6040DCA-2223-4A8B-BE14-54BDD699D3DE}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{D7643EBC-02D7-4A3D-A8B7-046078207C62}C:\users\świunteg\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\świunteg\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [UDP Query User{3A41AFE3-FAF6-4DC5-AFB8-EAABAFB35448}C:\users\świunteg\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\świunteg\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [TCP Query User{FC64A7EE-B282-457C-A8EC-3C54C7816BDD}C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe FirewallRules: [UDP Query User{4101803D-58C7-4937-91AB-8386EFD9EB32}C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe FirewallRules: [TCP Query User{1B8DF580-C3C7-497E-8201-7802E2662165}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{FE0E8898-1918-4FC5-AC63-D2E929ED180A}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{8808B758-4671-47EF-8F72-E0B2EC1733D7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{FC180957-3D12-48F6-B7A5-B4EC9056926B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{FF1E8633-71D8-4AAB-B2AC-2444CC4CC870}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{61EC919F-F343-4F68-9711-CA513ECD2341}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{CDC85A18-3C96-43B9-9437-AC0E2A805236}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BE0A867C-6AF6-4153-95B1-1B3196C766DD}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{D54DBF81-8C04-48F4-8874-CAFF96787604}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{F12ECE0F-8404-42F7-8C4F-0E7A51D7197A}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{5AE28A79-0F3B-4AFC-B022-EBA5BC9FDE33}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{40D85765-8401-4670-8E43-74397F96F4A4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{449DC890-6710-4AB9-B9DF-ABD6A8EB062D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{977C4D66-0381-48E4-894A-DBC125148277}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{1C7A1A36-197A-4CD8-A5A3-A6FD70F63058}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe FirewallRules: [{AEC346A1-BF1A-467A-B916-2AB607CAE56D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C6246B29-A47E-4D5E-BA90-BB8BB6363B17}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe ==================== Punkty Przywracania systemu ========================= 22-02-2017 21:52:03 Windows Update 25-02-2017 22:20:41 Windows Update 05-03-2017 00:14:25 Zaplanowany punkt kontrolny 11-03-2017 21:14:59 UnHackMe Malware Removal ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Photosmart Ink Adv K510 Description: Photosmart Ink Adv K510 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/12/2017 02:09:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SWIUNTEG) Description: Aktywacja aplikacji Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (03/12/2017 02:01:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RzWizard.exe, wersja: 1.0.6.1000, sygnatura czasowa: 0x56f20403 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58256d37 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000da832 Identyfikator procesu powodującego błąd: 0xa00 Godzina uruchomienia aplikacji powodującej błąd: 0x01d29b30aebdd1d6 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 7ae28b21-b0d3-4161-ba73-c53d4681e114 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/12/2017 02:01:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: RzWizard.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.Xml.XmlException w System.Xml.XmlTextReaderImpl.Throw(System.Exception) w System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) w System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef) w System.Xml.XmlTextReaderImpl.ParseText() w System.Xml.XmlTextReaderImpl.ParseElementContent() w System.Xml.XmlTextReaderImpl.Read() w System.Xml.XmlTextReader.Read() w System.Configuration.XmlUtil.StrictReadToNextElement(System.Configuration.ExceptionAction) w System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) w System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) w System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil) w System.Configuration.BaseConfigurationRecord.InitConfigFromFile() Informacje o wyjątku: System.Configuration.ConfigurationErrorsException w System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean) w System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors) w System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors() w System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) Informacje o wyjątku: System.Configuration.ConfigurationErrorsException w System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) w System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(System.Configuration.Internal.InternalConfigEventArgs) w System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(System.String, System.Configuration.BaseConfigurationRecord) w System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef) w System.Configuration.BaseConfigurationRecord.GetSection(System.String) w System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String) w System.Configuration.ConfigurationManager.GetSection(System.String) w System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean) w System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection) w System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider) w System.Configuration.SettingsBase.GetPropertyValueByName(System.String) w System.Configuration.SettingsBase.get_Item(System.String) w System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String) w System.Configuration.ApplicationSettingsBase.get_Item(System.String) w Razer.UpdateNInstallManagerUI.Properties.Settings.get_PopupWay() w Razer.UpdateNInstallManagerUI.MiniInstallerUI.MiniInstallerUI_Controller() w Razer.UpdateNInstallManagerUI.MiniInstallerUI..ctor(Boolean) w Razer.MiniInstaller.MiniInstallerVIewModel..ctor() w Razer.MiniInstaller.App.OnStartup(System.Windows.StartupEventArgs) w System.Windows.Application.<.ctor>b__1_0(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.DispatcherOperation.InvokeImpl() w System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) w System.Windows.Threading.DispatcherOperation.Invoke() w System.Windows.Threading.Dispatcher.ProcessQueue() w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) w System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) w System.Windows.Application.RunDispatcher(System.Object) w System.Windows.Application.RunInternal(System.Windows.Window) w System.Windows.Application.Run(System.Windows.Window) w Razer.MiniInstaller.App.Main() Error: (03/12/2017 01:49:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RzWizard.exe, wersja: 1.0.6.1000, sygnatura czasowa: 0x56f20403 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58256d37 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000da832 Identyfikator procesu powodującego błąd: 0x22a0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d29b2f147a257c Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 698131f4-c1de-4084-8f34-6786988acc42 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/12/2017 01:49:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: RzWizard.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.Xml.XmlException w System.Xml.XmlTextReaderImpl.Throw(System.Exception) w System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) w System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef) w System.Xml.XmlTextReaderImpl.ParseText() w System.Xml.XmlTextReaderImpl.ParseElementContent() w System.Xml.XmlTextReaderImpl.Read() w System.Xml.XmlTextReader.Read() w System.Configuration.XmlUtil.StrictReadToNextElement(System.Configuration.ExceptionAction) w System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) w System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) w System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil) w System.Configuration.BaseConfigurationRecord.InitConfigFromFile() Informacje o wyjątku: System.Configuration.ConfigurationErrorsException w System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean) w System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors) w System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors() w System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) Informacje o wyjątku: System.Configuration.ConfigurationErrorsException w System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) w System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(System.Configuration.Internal.InternalConfigEventArgs) w System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(System.String, System.Configuration.BaseConfigurationRecord) w System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef) w System.Configuration.BaseConfigurationRecord.GetSection(System.String) w System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String) w System.Configuration.ConfigurationManager.GetSection(System.String) w System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean) w System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection) w System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider) w System.Configuration.SettingsBase.GetPropertyValueByName(System.String) w System.Configuration.SettingsBase.get_Item(System.String) w System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String) w System.Configuration.ApplicationSettingsBase.get_Item(System.String) w Razer.UpdateNInstallManagerUI.Properties.Settings.get_PopupWay() w Razer.UpdateNInstallManagerUI.MiniInstallerUI.MiniInstallerUI_Controller() w Razer.UpdateNInstallManagerUI.MiniInstallerUI..ctor(Boolean) w Razer.MiniInstaller.MiniInstallerVIewModel..ctor() w Razer.MiniInstaller.App.OnStartup(System.Windows.StartupEventArgs) w System.Windows.Application.<.ctor>b__1_0(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.DispatcherOperation.InvokeImpl() w System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) w System.Windows.Threading.DispatcherOperation.Invoke() w System.Windows.Threading.Dispatcher.ProcessQueue() w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) w System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) w System.Windows.Application.RunDispatcher(System.Object) w System.Windows.Application.RunInternal(System.Windows.Window) w System.Windows.Application.Run(System.Windows.Window) w Razer.MiniInstaller.App.Main() Error: (03/12/2017 01:48:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 10.0.14393.479, sygnatura czasowa: 0x58258a90 Nazwa modułu powodującego błąd: windows.immersiveshell.serviceprovider.dll, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899873 Kod wyjątku: 0x80270233 Przesunięcie błędu: 0x0000000000033c25 Identyfikator procesu powodującego błąd: 0x700 Godzina uruchomienia aplikacji powodującej błąd: 0x01d29b2edaacd109 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\Explorer.EXE Ścieżka modułu powodującego błąd: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll Identyfikator raportu: 900037e9-d215-4473-97f0-fe4aea73cb70 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/12/2017 01:41:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RzWizard.exe, wersja: 1.0.6.1000, sygnatura czasowa: 0x56f20403 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58256d37 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000da832 Identyfikator procesu powodującego błąd: 0x1a08 Godzina uruchomienia aplikacji powodującej błąd: 0x01d29b2df2b9f13d Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: e7f25a01-f222-415b-86b3-fadb10f4eafb Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/12/2017 01:41:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: RzWizard.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.Xml.XmlException w System.Xml.XmlTextReaderImpl.Throw(System.Exception) w System.Xml.XmlTextReaderImpl.Throw(System.String, System.String[]) w System.Xml.XmlTextReaderImpl.ParseText(Int32 ByRef, Int32 ByRef, Int32 ByRef) w System.Xml.XmlTextReaderImpl.ParseText() w System.Xml.XmlTextReaderImpl.ParseElementContent() w System.Xml.XmlTextReaderImpl.Read() w System.Xml.XmlTextReader.Read() w System.Configuration.XmlUtil.StrictReadToNextElement(System.Configuration.ExceptionAction) w System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) w System.Configuration.BaseConfigurationRecord.ScanSectionsRecursive(System.Configuration.XmlUtil, System.String, Boolean, System.String, System.Configuration.OverrideModeSetting, Boolean) w System.Configuration.BaseConfigurationRecord.ScanSections(System.Configuration.XmlUtil) w System.Configuration.BaseConfigurationRecord.InitConfigFromFile() Informacje o wyjątku: System.Configuration.ConfigurationErrorsException w System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean) w System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(System.Configuration.ConfigurationSchemaErrors) w System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors() w System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) Informacje o wyjątku: System.Configuration.ConfigurationErrorsException w System.Configuration.ClientConfigurationSystem.OnConfigRemoved(System.Object, System.Configuration.Internal.InternalConfigEventArgs) w System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(System.Configuration.Internal.InternalConfigEventArgs) w System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(System.String, System.Configuration.BaseConfigurationRecord) w System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef) w System.Configuration.BaseConfigurationRecord.GetSection(System.String) w System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String) w System.Configuration.ConfigurationManager.GetSection(System.String) w System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean) w System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection) w System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider) w System.Configuration.SettingsBase.GetPropertyValueByName(System.String) w System.Configuration.SettingsBase.get_Item(System.String) w System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String) w System.Configuration.ApplicationSettingsBase.get_Item(System.String) w Razer.UpdateNInstallManagerUI.Properties.Settings.get_PopupWay() w Razer.UpdateNInstallManagerUI.MiniInstallerUI.MiniInstallerUI_Controller() w Razer.UpdateNInstallManagerUI.MiniInstallerUI..ctor(Boolean) w Razer.MiniInstaller.MiniInstallerVIewModel..ctor() w Razer.MiniInstaller.App.OnStartup(System.Windows.StartupEventArgs) w System.Windows.Application.<.ctor>b__1_0(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.DispatcherOperation.InvokeImpl() w System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) w System.Windows.Threading.DispatcherOperation.Invoke() w System.Windows.Threading.Dispatcher.ProcessQueue() w System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) w MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) w System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) w System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) w System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) w MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) w MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) w System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) w System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) w System.Windows.Application.RunDispatcher(System.Object) w System.Windows.Application.RunInternal(System.Windows.Window) w System.Windows.Application.Run(System.Windows.Window) w Razer.MiniInstaller.App.Main() Error: (03/12/2017 01:24:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program AdwCleaner.exe w wersji 6.0.4.4 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1280 Godzina rozpoczęcia: 01d29b2b7c64f135 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Users\ŚwiunteG\Desktop\AdwCleaner.exe Identyfikator raportu: ce54c363-071e-11e7-82b8-40e23079f13e Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/12/2017 01:22:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RzWizard.exe, wersja: 1.0.6.1000, sygnatura czasowa: 0x56f20403 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58256d37 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000da832 Identyfikator procesu powodującego błąd: 0x19d4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d29b2b48f7a4f5 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\System32\KERNELBASE.dll Identyfikator raportu: 6ea44547-5b10-4044-873b-4ee28f31c0cc Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (03/12/2017 02:20:37 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (03/12/2017 02:20:37 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (03/12/2017 02:20:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_1a6352 zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (03/12/2017 02:12:57 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi dps z argumentami Niedostępny w celu uruchomienia serwera: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (03/12/2017 02:12:57 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi dps z argumentami Niedostępny w celu uruchomienia serwera: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (03/12/2017 02:12:56 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi dps z argumentami Niedostępny w celu uruchomienia serwera: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (03/12/2017 02:12:56 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi dps z argumentami Niedostępny w celu uruchomienia serwera: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (03/12/2017 02:12:55 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (03/12/2017 02:12:53 PM) (Source: DCOM) (EventID: 10005) (User: SWIUNTEG) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (03/12/2017 02:12:52 PM) (Source: DCOM) (EventID: 10005) (User: SWIUNTEG) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi BITS z argumentami Niedostępny w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097} CodeIntegrity: =================================== Date: 2017-03-12 13:54:14.832 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.103.32.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-03-12 13:43:56.030 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.103.32.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-03-07 20:24:41.938 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.102.217.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-03-07 20:24:00.151 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.102.217.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-03-06 15:31:13.829 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.102.217.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-03-06 15:29:32.261 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.102.217.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-02-12 19:49:34.963 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.102.213.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-02-12 19:49:04.490 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.102.213.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-02-10 11:50:46.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-09 18:06:56.298 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.102.213.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz Procent pamięci w użyciu: 43% Całkowita pamięć fizyczna: 8075.01 MB Dostępna pamięć fizyczna: 4547.46 MB Całkowita pamięć wirtualna: 9355.01 MB Dostępna pamięć wirtualna: 5714.38 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:282.75 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: () (Fixed) (Total:537.8 GB) (Free:334.31 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 53CC8339) Partition: GPT. ==================== Koniec Addition.txt ============================