Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-11-2017 Uruchomiony przez Paweł (24-11-2017 13:05:40) Uruchomiony z C:\Users\Paweł\Desktop Windows 10 Pro Wersja 1607 14393.187 (X64) (2016-12-12 16:34:43) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-762855376-3572002887-441578724-500 - Administrator - Disabled) defaultuser0 (S-1-5-21-762855376-3572002887-441578724-1000 - Limited - Disabled) => C:\Users\defaultuser0 Gość (S-1-5-21-762855376-3572002887-441578724-501 - Limited - Disabled) Konto domyślne (S-1-5-21-762855376-3572002887-441578724-503 - Limited - Disabled) Paweł (S-1-5-21-762855376-3572002887-441578724-1001 - Administrator - Enabled) => C:\Users\Paweł ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}) (Version: - Microsoft) Hidden Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Adobe Reader 6.0.2 CE (HKLM-x32\...\{AC76BA86-7AD7-1038-7B44-CEA000000001}) (Version: 006.000.002 - Adobe Systems Incorporated) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS) CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4678 - Intel Corporation) Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-762855376-3572002887-441578724-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Mozilla Firefox 57.0 (x64 pl) (HKLM\...\Mozilla Firefox 57.0 (x64 pl)) (Version: 57.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 23.015.05.00.264 - Huawei Technologies Co.,Ltd) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) WinRAR 5.10 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-13] (Alexander Roshal) ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d1fd205efa7f979\igfxDTCM.dll [2017-05-30] (Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-13] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {26CBD192-A932-40B8-90E9-16721ED10AFD} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {33A193A4-C901-483C-AD64-F6D4C1886672} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {3B8C07AA-2CCB-46C6-8D09-1F79DBC8BC11} - System32\Tasks\Update-S-1-8-22 => C:\Windows\explorer.exe hxxp://ifmaxi.ru <==== UWAGA Task: {5C560BCC-C9E6-443C-AFC5-FCCCE211A310} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-30] (Realtek Semiconductor) Task: {735472A3-83A0-48B8-BC48-4884FB27929E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd) Task: {D5293772-8BC7-41B0-853D-D816C925867B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-30] (Realtek Semiconductor) Task: {DC1779FB-64C9-4D7F-8C62-DAB40375D474} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-15] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-09-13 20:12 - 2016-09-13 20:12 - 002681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2017-11-04 19:21 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2016-12-12 17:48 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2016-09-13 20:12 - 2016-09-13 20:12 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-09-13 20:12 - 2016-09-13 20:12 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-12-12 17:48 - 2016-12-12 17:48 - 000515072 _____ () C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe 2016-07-16 23:12 - 2016-07-16 23:12 - 000071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-07-16 23:12 - 2016-07-16 23:12 - 000157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-07-16 23:12 - 2016-07-16 23:12 - 029443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-09-13 20:12 - 2016-09-13 20:12 - 009760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-13 20:12 - 2016-09-13 20:12 - 001401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-13 20:12 - 2016-09-13 20:12 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-09-13 20:12 - 2016-09-13 20:12 - 002438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-13 20:12 - 2016-09-13 20:12 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-12-12 17:48 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2016-12-12 17:48 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll 2016-12-12 17:48 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2016-12-12 17:48 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2016-12-12 17:48 - 2014-06-03 06:17 - 000562688 _____ () C:\Program Files (x86)\PLAY ONLINE\core.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000288768 _____ () C:\Program Files (x86)\PLAY ONLINE\sdk.dll 2016-12-12 17:48 - 2013-08-31 06:44 - 002417152 _____ () C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll 2016-12-12 17:48 - 2013-08-31 06:59 - 009559040 _____ () C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll 2016-12-12 17:48 - 2009-01-10 19:32 - 000011362 _____ () C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll 2016-12-12 17:48 - 2009-06-23 03:42 - 000043008 _____ () C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll 2016-12-12 17:48 - 2013-08-31 23:11 - 015675904 _____ () C:\Program Files (x86)\PLAY ONLINE\QtWebKit4.DLL 2016-12-12 17:48 - 2013-08-31 06:46 - 001148416 _____ () C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll 2016-12-12 17:48 - 2013-08-31 22:12 - 003962368 _____ () C:\Program Files (x86)\PLAY ONLINE\QtXmlPatterns4.dll 2016-12-12 17:48 - 2013-08-31 22:13 - 000306176 _____ () C:\Program Files (x86)\PLAY ONLINE\phonon4.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000407552 _____ () C:\Program Files (x86)\PLAY ONLINE\Proxy.DLL 2016-12-12 17:48 - 2014-02-28 03:45 - 000628224 _____ () C:\Program Files (x86)\PLAY ONLINE\Common.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000157696 _____ () C:\Program Files (x86)\PLAY ONLINE\Trace.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000583168 _____ () C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000646144 _____ () C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000730112 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000195584 _____ () C:\Program Files (x86)\PLAY ONLINE\XCodec.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000253952 _____ () C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000166912 _____ () C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000155136 _____ () C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000672768 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000220160 _____ () C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000142336 _____ () C:\Program Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000157184 _____ () C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000731136 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000065536 _____ () C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll 2016-12-12 17:48 - 2013-09-25 01:50 - 000155648 _____ () C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 001124352 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000704000 _____ () C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000158720 _____ () C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000236032 _____ () C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000102400 _____ () C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000201728 _____ () C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000131584 _____ () C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll 2016-12-12 17:48 - 2013-10-26 02:41 - 001146880 _____ () C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000702464 _____ () C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000581120 _____ () C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll 2016-12-12 17:48 - 2013-08-31 06:44 - 000398336 _____ () C:\Program Files (x86)\PLAY ONLINE\QtXml4.dll 2016-12-12 17:48 - 2014-02-28 03:45 - 000168960 _____ () C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll 2016-12-12 17:48 - 2014-06-05 08:03 - 000287744 _____ () C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000323072 _____ () C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000394240 _____ () C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll 2016-12-12 17:48 - 2014-06-03 06:17 - 000599552 _____ () C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000097792 _____ () C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000117248 _____ () C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll 2016-12-12 17:48 - 2014-06-05 08:03 - 000103424 _____ () C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll 2016-12-12 17:48 - 2014-02-28 03:47 - 000119296 _____ () C:\Program Files (x86)\PLAY ONLINE\ConnectMgrUIPlugin.dll 2016-12-12 17:48 - 2014-06-03 06:18 - 000339456 _____ () C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000487424 _____ () C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000303616 _____ () C:\Program Files (x86)\PLAY ONLINE\DiagnosisPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000493056 _____ () C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll 2016-12-12 17:48 - 2014-06-03 06:18 - 000855552 _____ () C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll 2016-12-12 17:48 - 2014-02-28 03:46 - 000819712 _____ () C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll 2016-12-12 17:48 - 2014-06-03 06:18 - 000224768 _____ () C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll 2016-12-12 17:48 - 2013-09-25 01:49 - 000082944 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll 2016-12-12 17:48 - 2013-09-25 01:49 - 000081920 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll 2016-12-12 17:48 - 2013-09-25 01:49 - 000192000 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll 2016-12-12 17:48 - 2013-09-25 01:49 - 000350720 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll 2016-12-12 17:48 - 2013-09-25 01:49 - 000370176 _____ () C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll 2016-12-12 17:48 - 2013-10-26 10:08 - 000692224 _____ () C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.DLL ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-762855376-3572002887-441578724-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 89.108.195.20 - 185.89.185.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: ASLDRService => 2 MSCONFIG\Services: HWDeviceService64.exe => 2 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: MozillaMaintenance => 3 HKU\S-1-5-21-762855376-3572002887-441578724-1001\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{43C5CB8C-1BFF-419E-8809-2F3E7FD07A55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{70E2A6EB-F436-4D74-AB1F-7BF5859F646A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler pamięci PCI Description: Kontroler pamięci PCI Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler PCI gromadzenia danych i przetwarzania sygnałów Description: Kontroler PCI gromadzenia danych i przetwarzania sygnałów Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler PCI gromadzenia danych i przetwarzania sygnałów Description: Kontroler PCI gromadzenia danych i przetwarzania sygnałów Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler PCI Simple Communications Description: Kontroler PCI Simple Communications Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/24/2017 08:57:57 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/24/2017 08:57:56 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (11/24/2017 08:43:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/24/2017 08:43:25 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (11/23/2017 09:54:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_MapsBroker, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899b1c Nazwa modułu powodującego błąd: MosHostCore.dll, wersja: 10.0.14393.187, sygnatura czasowa: 0x57cf9ddf Kod wyjątku: 0x84000058 Przesunięcie błędu: 0x0000000000029462 Identyfikator procesu powodującego błąd: 0x670 Godzina uruchomienia aplikacji powodującej błąd: 0x01d3649be6af0d70 Ścieżka aplikacji powodującej błąd: C:\Windows\System32\svchost.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\MosHostCore.dll Identyfikator raportu: a751f4f4-12dd-4ba6-85ff-82789071051f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/23/2017 06:23:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/23/2017 06:23:53 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (11/23/2017 12:37:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/23/2017 12:37:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (11/23/2017 08:57:30 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Dziennik System: ============= Error: (11/24/2017 08:57:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_2aff2 zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (11/24/2017 08:57:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. RunOuc z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (11/24/2017 08:57:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. RunOuc. Error: (11/24/2017 08:57:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa cphs zakończyła działanie; wystąpił następujący błąd: %%2147942659 = Brak dalszych danych. Error: (11/24/2017 08:57:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Content Protection HDCP Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/24/2017 08:43:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_2b97a zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (11/24/2017 08:43:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. RunOuc z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (11/24/2017 08:43:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. RunOuc. Error: (11/24/2017 08:43:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa cphs zakończyła działanie; wystąpił następujący błąd: %%2147942659 = Brak dalszych danych. Error: (11/23/2017 09:54:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Menedżer pobranych map niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2017-11-23 22:23:25.554 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-21 18:00:35.028 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-12 15:14:13.773 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-08 15:22:27.750 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-06 00:24:36.526 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-03 16:54:16.136 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-02 11:01:48.554 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-11-01 14:24:07.419 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-30 08:10:33.735 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-29 13:08:09.305 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Procent pamięci w użyciu: 26% Całkowita pamięć fizyczna: 8072.71 MB Dostępna pamięć fizyczna: 5918.4 MB Całkowita pamięć wirtualna: 9352.71 MB Dostępna pamięć wirtualna: 7323.18 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:97.1 GB) (Free:79.01 GB) NTFS Drive d: () (Fixed) (Total:140.82 GB) (Free:129.82 GB) NTFS Drive g: (PLAY ONLINE) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================