Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 08-05-2017 Uruchomiony przez MateuszR (12-05-2017 22:35:44) Uruchomiony z C:\Users\MateuszR\Desktop\frb Windows 10 Home Wersja 1607 (X64) (2017-03-18 09:27:26) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4060035999-110647326-3503328423-500 - Administrator - Disabled) Gość (S-1-5-21-4060035999-110647326-3503328423-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4060035999-110647326-3503328423-1005 - Limited - Enabled) Konto domyślne (S-1-5-21-4060035999-110647326-3503328423-503 - Limited - Disabled) MateuszR (S-1-5-21-4060035999-110647326-3503328423-1001 - Administrator - Enabled) => C:\Users\MateuszR ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4060035999-110647326-3503328423-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) Action! (HKLM-x32\...\Mirillis Action!) (Version: 2.4.1 - Mirillis) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.) Application Compatibility Toolkit (Version: 10.1.14295.1000 - Microsoft) Hidden Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) ArmA3Sync 1.6.91 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.6.91 - The [S.o.E] team) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Assessments on Client (x32 Version: 10.1.14295.1000 - Microsoft) Hidden Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation) Camtasia 9 (Version: 9.0.0.1306 - TechSmith Corporation) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Creative Live! Cam Chat HD (VF0700) (1.00.06.00) (HKLM\...\Creative VF0700) (Version: - Creative Technology Ltd.) GDR 5343 for SQL Server 2012 (KB3045321) (HKLM-x32\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation) GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Imaging And Configuration Designer (x32 Version: 10.1.14295.1000 - Microsoft) Hidden Imaging Designer (x32 Version: 10.1.14295.1000 - Microsoft) Hidden Imaging Tools Support (x32 Version: 10.1.14295.1000 - Microsoft) Hidden Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation) Kits Configuration Installer (x32 Version: 10.1.14295.1000 - Microsoft) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Malwarebytes (wersja 3.1.2.1733) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4060035999-110647326-3503328423-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation) Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{11778632-197C-4D05-8AF3-4C4626019712}) (Version: 11.2.5343.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.9.30413.1 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (x32 Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outlast 2 (HKLM-x32\...\Outlast 2_is1) (Version: - ) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.9-r122712-release - Raptr, Inc) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) REAPER (x64) (HKLM\...\REAPER) (Version: - ) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) Service Pack 2 for SQL Server 2012 (KB2958429) (HKLM-x32\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation) Spotify (HKU\S-1-5-21-4060035999-110647326-3503328423-1001\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB) SQL Server 2012 Common Files (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH) Toolkit Documentation (x32 Version: 10.1.14295.1000 - Microsoft) Hidden UEV Tools (Version: 10.1.14295.1000 - Microsoft) Hidden Update for Skype for Business 2016 (KB3128049) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{EC983A52-D05B-4563-9D0F-0E1814D737EA}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3128049) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{EC983A52-D05B-4563-9D0F-0E1814D737EA}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3128049) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0415-0000-0000000FF1CE}_Office16.PROPLUS_{EC983A52-D05B-4563-9D0F-0E1814D737EA}) (Version: - Microsoft) User State Migration Tool (x32 Version: 10.1.14295.1000 - Microsoft) Hidden Volume Activation Management Tool (x32 Version: 10.1.14295.1000 - Microsoft) Hidden vs_communitymsi (x32 Version: 15.0.26323 - Microsoft Corporation) Hidden vs_communitymsires (x32 Version: 15.0.26228 - Microsoft Corporation) Hidden vs_devenvmsi (x32 Version: 15.0.26208 - Microsoft Corporation) Hidden vs_filehandler_amd64 (x32 Version: 15.0.26228 - Microsoft Corporation) Hidden vs_filehandler_x86 (x32 Version: 15.0.26228 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (x32 Version: 15.0.26208 - Microsoft Corporation) Hidden vs_minshellinteropmsi (x32 Version: 15.0.26301 - Microsoft Corporation) Hidden vs_minshellmsi (x32 Version: 15.0.26315 - Microsoft Corporation) Hidden vs_minshellmsires (x32 Version: 15.0.26228 - Microsoft Corporation) Hidden Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{b6b27e18-55be-4fa6-b0af-b011e1933cbc}) (Version: 10.1.14295.1000 - Microsoft Corporation) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WPT Redistributables (x32 Version: 10.1.14295.1000 - Microsoft) Hidden WPTx64 (x32 Version: 10.1.14295.1000 - Microsoft) Hidden X-G510 Gaming Mouse (HKLM-x32\...\{C202E04C-BD05-4F63-A81C-8FFF5E8521DA}}_is1) (Version: - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4060035999-110647326-3503328423-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5E11DD169709}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-4060035999-110647326-3503328423-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {098E625A-863F-438D-B50E-B961BD8BE60A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-18] (Google Inc.) Task: {121875AA-F886-4C6F-BBBF-80128DE64888} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-18] (Google Inc.) Task: {2E69760E-2579-4ACF-94F7-9FBCF911247C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {338F64E6-5FF6-49A6-8ECA-8517E1B19469} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe Task: {33BD61F0-F1CA-4AB6-9CA3-0EBB1A9995CB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated) Task: {36938DAA-B31B-4F00-A47B-158A2728920C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc.) Task: {6DEC6C7D-EB1D-444C-BC18-761970E61F62} - System32\Tasks\MSI => C:\Users\MateuszR\AppData\Roaming\Microsoft\msi.exe Task: {70E6B808-2151-4608-8BF5-415588F901F3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-10] (Adobe Systems Incorporated) Task: {765F4961-2616-4260-B049-4DA8EEA7F18A} - System32\Tasks\{4C891899-D93D-40F6-82E5-65E93409D255} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{147EC100-14BE-45EF-AB42-35BAEE7D02F0}" Task: {971F68F9-0D48-4B41-9D05-38DFE375513D} - System32\Tasks\{55C2E675-BD3B-450E-B3CB-845880095637} => pcalua.exe -a "c:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\SQLServer2012\x86\SetupARP.exe" -c /X86 Task: {B7EA257C-65A3-4BBF-A80E-C9A49E4B0DCC} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-vevo9850@wp.pl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {DF6C3C93-F7DB-4FFC-9A76-C77EFCABD1E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {F6E0EC56-4716-4B0E-B20C-1FB360EC8CC9} - \WPD\SqmUpload_S-1-5-21-4060035999-110647326-3503328423-1001 -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-05-10 18:34 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-10 18:34 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-03-08 04:42 - 2017-03-08 04:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2017-03-18 16:03 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-18 16:03 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-18 16:03 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-05-10 18:34 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-05-10 18:34 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-05-12 18:24 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-05-12 15:39 - 2017-05-12 15:39 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.556.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-05-12 15:39 - 2017-05-12 15:39 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.556.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-03-18 16:05 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-18 16:05 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-05-10 18:34 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2012-07-26 07:26 - 2017-05-05 18:28 - 00000879 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 bandicam.com 127.0.0.1 ssl.bandisoft.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4060035999-110647326-3503328423-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-80-4287524181-3401991209-718407576-1481970793-3068686015\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 8.8.4.4 - 213.241.79.37 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-4060035999-110647326-3503328423-1001\...\StartupApproved\Run: => "Gaijin.Net Agent" HKU\S-1-5-21-4060035999-110647326-3503328423-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-4060035999-110647326-3503328423-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{41A71262-6C0E-4E67-8177-5FB4B03FA295}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BA41D168-43F6-472A-8143-877D5C15D210}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{98A33E3C-E437-4BC7-AB4C-D8D38F39587F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4D872949-4721-45A6-8D1A-74A227E24494}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{9473F400-19D3-47BC-A0D5-EB51EF3BF7CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{D475AB8B-99F1-4090-A55D-165E25741C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2175BCCB-FF58-4E8D-88D3-BCC5246C01A6}] => (Allow) C:\Users\MateuszR\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{93BAEA63-4C6D-4CEB-A997-6E904DACFAAA}] => (Allow) C:\Users\MateuszR\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BA87B0BE-0737-4EC2-8A26-D3CE8D1578D0}] => (Allow) C:\Users\MateuszR\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{05F62F7D-6C6C-44F3-98F5-C27D5FECF076}] => (Allow) C:\Users\MateuszR\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4853CD24-E37D-4B97-82AF-7E5C876E76CF}] => (Allow) C:\Users\MateuszR\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8AC1E96F-9BE9-469B-AA78-3A33F211AEB0}] => (Allow) C:\Users\MateuszR\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{4C9ED7DB-3CF0-4E0C-A017-37A2DD0D41D9}C:\users\mateuszr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateuszr\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{73B570C7-CCEB-41E1-8166-F76FD17411A7}C:\users\mateuszr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateuszr\appdata\roaming\spotify\spotify.exe FirewallRules: [{B346C750-1A68-4CED-862B-DC6D98202E54}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{6A8CEF5E-E7F1-4C72-9814-D451F9FDECDD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{D82F6E78-1498-42DF-8827-0B5B78AD10A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{DCF6E7EF-F0B4-4091-94F0-CA348BFA8AFB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{4E2E6C46-729E-4575-AB48-BBF66428C342}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{BD1E36FC-0F08-43CA-B98D-F1186645ED46}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [TCP Query User{12F0E3DB-66E7-4221-AE7C-5DF88756B81A}C:\users\mateuszr\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\mateuszr\appdata\local\warthunder\launcher.exe FirewallRules: [UDP Query User{C5E28845-983A-4C02-8B43-9DFC3DFEECB0}C:\users\mateuszr\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\mateuszr\appdata\local\warthunder\launcher.exe FirewallRules: [{309EB9AF-CADD-469F-93F5-9A999C6CF284}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe FirewallRules: [{11A1B9C7-490E-42EE-8866-0E22D7381F2C}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe FirewallRules: [{07791785-3175-4A1D-B088-6D4ACFFC653B}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe FirewallRules: [TCP Query User{AFA37398-120A-4AAF-8887-A1590819BEBE}C:\users\mateuszr\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\mateuszr\appdata\local\warthunder\win64\aces.exe FirewallRules: [UDP Query User{237B5502-63DB-4CA7-A77A-592BAB2BB801}C:\users\mateuszr\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\mateuszr\appdata\local\warthunder\win64\aces.exe FirewallRules: [TCP Query User{0FD80F01-56CC-4D36-82D7-6CAEDD86B965}C:\users\mateuszr\appdata\local\temp\i1492250927\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\mateuszr\appdata\local\temp\i1492250927\windows\resource\jre\bin\javaw.exe FirewallRules: [UDP Query User{77D2B543-E48F-48B6-8ED9-62AB0E53E22E}C:\users\mateuszr\appdata\local\temp\i1492250927\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\mateuszr\appdata\local\temp\i1492250927\windows\resource\jre\bin\javaw.exe FirewallRules: [TCP Query User{B922C312-9BBB-44AF-845A-AE879210DEA1}D:\games\outlast 2\binaries\win64\outlast2.exe] => (Allow) D:\games\outlast 2\binaries\win64\outlast2.exe FirewallRules: [UDP Query User{24CCA5D3-DAC5-4F7F-8046-36A79B78505F}D:\games\outlast 2\binaries\win64\outlast2.exe] => (Allow) D:\games\outlast 2\binaries\win64\outlast2.exe FirewallRules: [TCP Query User{EA55D97C-69D8-428A-B2E5-860E547E2480}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [UDP Query User{BA797E96-54DA-4577-8D85-6812C3661466}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [{EDCEE3DC-BD4A-406E-9E59-021DB1F40E32}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{CFD0E9F0-2E63-4762-A932-0FB760F84C54}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe FirewallRules: [{E049B74D-328F-4206-9C89-B9978E326F5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{B52788C8-C89F-427A-9F75-D760831FA7AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{F3BF3A76-DB5A-42D5-A9D5-D83F56E668BC}] => (Allow) LPort=8318 FirewallRules: [{FEB35CF4-967D-4D01-B87A-BA71328026E3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{2E947D93-1B18-4197-B4C8-D0872D9A2E09}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{9FFEF94E-193A-4118-B5DF-9C69A1BAFB60}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{ED324873-ACBA-43F9-BE2F-0757B9327390}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{BA9849DD-2AA4-49C9-8FFF-08A7A7089542}] => (Block) %ProgramFiles% (x86)\Mirillis\Action!\Action.exe FirewallRules: [{80329B45-3C61-4B46-984D-FA07A1A4C42D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4DEBD567-4F79-4459-A19E-E10F4397CF80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{0E1C8B0F-7E00-448B-8A97-DC42C83F8F18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{9D34E345-5D90-438F-87F7-11CEEC5B96CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{487A2251-B1A7-4BA7-8805-9C6D12BCBF4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{C22191CD-1894-4E78-A10C-9C4565DB2613}] => (Block) %ProgramFiles% (x86)\Mirillis\Action!\Action.exe FirewallRules: [TCP Query User{39B8BA58-2C91-4477-ABF3-C7119337A70B}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe FirewallRules: [UDP Query User{B99ACA3B-50D8-4ADF-A3E5-B6986D2C141C}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe ==================== Punkty Przywracania systemu ========================= 12-05-2017 18:56:14 Removed Hi-Rez Studios Games ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/12/2017 10:16:46 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW. hr = 0x80070006, Nieprawidłowe dojście. . Operacja: Wykonywanie operacji asynchronicznej Kontekst: Stan bieżący: DoSnapshotSet Error: (05/12/2017 10:15:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (05/12/2017 10:15:51 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {12523d4d-ef00-4eb5-aae2-1ee3e6cdce91} Error: (05/12/2017 10:04:04 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Memory Assessments\arm64\memoryfp.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/12/2017 10:04:04 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Fundamental Assessments\arm\fas.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/12/2017 10:04:03 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Memory Assessments\arm\memoryfp.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/12/2017 10:04:03 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Fundamental Assessments\arm64\fas.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/12/2017 10:04:03 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Energy\arm\energy.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/12/2017 10:04:03 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Windows Assessment Toolkit\Energy\arm64\energy.exe". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (05/12/2017 10:03:25 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Microsoft Office\Office16\lync.exe.Manifest". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Microsoft Office\Office16\UccApi.DLL" w wierszu 1. Tożsamość składnika znaleziona w manifeście nie odpowiada tożsamości składnika żądanego. Odwołanie to UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definicja to UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Dziennik System: ============= Error: (05/12/2017 10:33:53 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (05/12/2017 10:16:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: Jedno wystąpienie usługi już działa. . Error: (05/12/2017 10:15:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa SQL Server (ADK) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/12/2017 10:15:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/12/2017 10:15:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Steam Client Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/12/2017 10:15:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/12/2017 10:15:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa SQL Server VSS Writer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/12/2017 10:15:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bonjour Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 500 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/12/2017 10:15:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AdobeUpdateService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/12/2017 10:15:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Genuine Software Integrity Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2017-05-12 22:12:21.626 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-05-12 22:12:20.955 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-05-12 20:03:33.277 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-12 15:51:18.125 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-10 19:05:15.326 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-09 12:14:52.607 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-06 20:30:37.499 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-06 20:20:00.123 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-05 19:31:45.618 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-05 18:11:02.896 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz Procent pamięci w użyciu: 20% Całkowita pamięć fizyczna: 16330.13 MB Dostępna pamięć fizyczna: 12959.71 MB Całkowita pamięć wirtualna: 18762.13 MB Dostępna pamięć wirtualna: 15348.61 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:625.71 GB) (Free:454.48 GB) NTFS Drive d: () (Fixed) (Total:305.02 GB) (Free:269.65 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 63413D79) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=625.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=305 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================