Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 06-08-2017 Uruchomiony przez Krzysiek (07-08-2017 14:24:53) Uruchomiony z F:\Download Windows 7 Ultimate Service Pack 1 (X64) (2015-11-13 13:55:44) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-549369258-609413368-1550574506-500 - Administrator - Disabled) Gość (S-1-5-21-549369258-609413368-1550574506-501 - Limited - Enabled) Krzysiek (S-1-5-21-549369258-609413368-1550574506-1000 - Administrator - Enabled) => C:\Users\Krzysiek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) Adobe Download Manager 2.2 (Remove Only) (HKLM-x32\...\AdobeESD) (Version: 2.2 - ) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.15.54 - NVIDIA Corporation) Hidden Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 8.4 - Codeusa Software) Brother MFL-Pro Suite DCP-J152W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts) Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.6 - Androxyde) foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski) GG (HKU\S-1-5-21-549369258-609413368-1550574506-1000\...\GG) (Version: 12 - GG Network S.A.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Malwarebytes (wersja 3.1.2.1733) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 54.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 pl)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) Opera Stable 33.0.1990.58 (HKLM-x32\...\Opera 33.0.1990.58) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.13.6637 - Electronic Arts, Inc.) Panel sterowania NVIDIA 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 358.91 - NVIDIA Corporation) Hidden PIT Format 2015 (HKLM-x32\...\PIT Format 2015_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) PIT-Y.pl 2017 (HKLM-x32\...\{80DD5BD4-B34B-42EB-BE0A-321011C2DD19}}_is1) (Version: 5.0.0 - GP SOFT) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.500 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.15.54 - NVIDIA Corporation) Hidden Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Xperia Companion (HKLM-x32\...\{87971D31-1246-4141-8424-6ECC64D96E1D}) (Version: 1.2.8.0 - Sony) Hidden Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-549369258-609413368-1550574506-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Krzysiek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GGNetworkS.A.) ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GGNetworkS.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GGNetworkS.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GGNetworkS.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GGNetworkS.A.) ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll [2010-11-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (MicrosoftCorporation) ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation) ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\Windows\system32\syncui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [Open With] -> {09799AFB-AD67-11d1-ABCD-00C04FC30936} => C:\Windows\system32\shell32.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\Windows\system32\shell32.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (AlexanderRoshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (AlexanderRoshal) ContextMenuHandlers2: [EnhancedStorageShell] -> {2854F705-3548-414C-A113-93E27C808C85} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation) ContextMenuHandlers2: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers3: [CopyAsPathMenu] -> {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} => C:\Windows\system32\shell32.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers3: [SendTo] -> {7BA4C740-9E81-11CF-99D3-00AA004AE837} => C:\Windows\system32\shell32.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\Windows\system32\shell32.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => C:\Windows\System32\cscui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers4: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Program Files\Windows Sidebar\sbdrop.dll [2009-07-14] (MicrosoftCorporation) ContextMenuHandlers5: [New] -> {D969A300-E7FF-11d0-A93B-00A0C90F2719} => C:\Windows\system32\shell32.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-11-05] (NVIDIACorporation) ContextMenuHandlers5: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\Windows\system32\syncui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers6: [Library Location] -> {3dad6c5d-2167-4cae-9914-f99e41c12cfa} => C:\Windows\system32\shell32.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => C:\Windows\System32\cscui.dll [2010-11-21] (MicrosoftCorporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (AlexanderRoshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (AlexanderRoshal) ContextMenuHandlers1_S-1-5-21-549369258-609413368-1550574506-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Krzysiek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GGNetworkS.A.) ContextMenuHandlers4_S-1-5-21-549369258-609413368-1550574506-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Krzysiek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GGNetworkS.A.) ContextMenuHandlers5_S-1-5-21-549369258-609413368-1550574506-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Krzysiek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GGNetworkS.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0909BC43-65C6-4B0C-8FD2-EC4C0E13B05A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12] (AdobeSystemsIncorporated) Task: {14526F09-CC8D-4BC7-8373-A7BD86D0F6CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (MicrosoftCorporation) Task: {25E5704D-F51A-4691-907F-6C1B15FE7142} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (MicrosoftCorporation) Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [2010-11-21] (MicrosoftCorporation) Task: {30721F59-E370-4AE0-A5F2-61F262BB0E4C} - System32\Tasks\Hybrid2 => C:\Trial\IR7\IR7.vbs [2015-11-15] () Task: {315F916A-5F66-4BA0-8F39-575E641D1D63} - System32\Tasks\IR7 => "C:\Windows\system32\cmd.exe" /c cscript.exe /b C:\Windows\System32\slmgr.vbs /rearm && net stop sppsvc && net start sppsvc Task: {3D0908CF-8593-4C45-9F5B-1559CA4AE64C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {3D8C6CD7-5D9E-4A10-8C5F-81BAB55E1E69} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {3E09F1DA-BAE0-4F83-B48F-899054D7162B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [2009-07-14] (MicrosoftCorporation) Task: {41B72627-106A-49E9-909F-077B38DE3F5D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {4831B5EF-8B8E-485F-8CDE-98D49FB08F7E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {4B4CBD5B-3CD0-4195-9061-CAC2081B2321} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {4FC7FAF7-6848-48E9-8001-7683DF80CA79} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {55AD8FDE-4324-403D-A52F-21DC9A78C7DC} - System32\Tasks\Hybrid3 => taskkill [Argument = /f /im slui.exe] Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (MicrosoftCorp.) Task: {5EF753EB-902E-40DC-B1F0-119C8B40DE85} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [2009-07-14] (MicrosoftCorporation) Task: {7396C034-5053-4959-9984-15551D473F29} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {74F94289-A781-4772-8302-CD6A50BEFDB0} - System32\Tasks\Hybrid4 => taskkill [Argument = /f /im sppsvc.exe] Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [2009-07-14] (MicrosoftCorporation) Task: {77C148E5-AEEE-4053-9E37-CDB078C0820C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {78AC3E6E-9F6C-40D5-9442-E05092B7C2CB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {8329A66F-F334-4144-85AF-BAE6255473BB} - System32\Tasks\{94C07ABA-05F4-48B5-B283-93C1A7904240} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/pl/abandoninstall?source=lightinstaller&page=tsBing Task: {849BAF83-47FE-48FE-B449-440D94A279F4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {8B254520-551D-46EC-8C69-4AE6323BAB78} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {8E2810FE-53FA-42E4-8E0F-76BB11AD7EF1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (PiriformLtd) Task: {A1553EE1-DC1B-49BB-8308-34471F9BA16D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [2009-07-14] (MicrosoftCorporation) Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [2009-07-14] (MicrosoftCorporation) Task: {A8E28069-339F-443E-B1BB-3519112F5109} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-02-02] (@ByELDI) Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [2010-11-21] (MicrosoftCorporation) Task: {B1A7D9FE-721D-49F9-90C1-04D378335799} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {B4245B63-768B-490C-8E1E-0E49A303E334} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (AdobeSystemsIncorporated) Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2010-11-21] (MicrosoftCorporation) Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2009-07-14] (MicrosoftCorporation) Task: {CF3A7474-85D4-4837-B6B2-DBAC24AEB7E6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2009-07-14] (MicrosoftCorporation) Task: {D1F0FA39-4DD2-469C-8270-BFD239D0BD50} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {D43DD98D-A3EB-4942-BAB1-4627F4692611} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [2010-11-21] (MicrosoftCorporation) Task: {E1568BCB-8603-4933-A4BF-2F732D2235DC} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2009-07-14] (MicrosoftCorporation) Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-07-14] (MicrosoftCorporation) Task: {E8D1F800-A00D-42F8-B2DD-E5B671593277} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {E9507801-CFAB-47AB-8B27-2FFEBD9B6D29} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-21] (MicrosoftCorporation) Task: {EB02381F-D652-4B1C-894A-712498C62C51} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2009-07-14] (MicrosoftCorporation) Task: {F0C46EA1-1BE8-45E5-A0F4-1C1D2345A734} - System32\Tasks\Opera scheduled Autoupdate 1447527222 => C:\Program Files (x86)\Opera\launcher.exe Task: {F58F694A-4EA6-44EC-9116-D276F016382B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-21] (MicrosoftCorporation) Task: {F77618D8-39D5-4888-B0BB-99CB2BA36390} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (MicrosoftCorporation) Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [2009-07-14] (MicrosoftCorporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-11-13 16:45 - 2015-11-05 17:13 - 000116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-10-19 22:00 - 2015-10-19 22:00 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2017-08-07 10:54 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-06-20 11:28 - 2017-06-20 11:28 - 001997792 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll 2015-11-23 20:10 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2015-11-13 16:45 - 2015-11-05 19:13 - 000013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-05-04 13:57 - 2013-05-04 13:57 - 000095712 _____ () F:\Programy\foobar2000\zlib1.dll 2015-11-02 15:34 - 2015-11-02 15:34 - 000160528 _____ () F:\Programy\foobar2000\shared.dll 2015-11-02 15:30 - 2015-11-02 15:30 - 000204800 _____ () F:\Programy\foobar2000\components\foo_dsp_eq.dll 2015-11-02 15:30 - 2015-11-02 15:30 - 000536064 _____ () F:\Programy\foobar2000\components\foo_converter.dll 2015-11-02 15:31 - 2015-11-02 15:31 - 000375296 _____ () F:\Programy\foobar2000\components\foo_rgscan.dll 2015-11-02 15:30 - 2015-11-02 15:30 - 000250368 _____ () F:\Programy\foobar2000\components\foo_dsp_std.dll 2015-11-02 15:31 - 2015-11-02 15:31 - 000356352 _____ () F:\Programy\foobar2000\components\foo_albumlist.dll 2015-11-02 15:34 - 2015-11-02 15:34 - 001088296 _____ () F:\Programy\foobar2000\components\foo_ui_std.dll 2015-11-02 15:34 - 2015-11-02 15:34 - 001398048 _____ () F:\Programy\foobar2000\components\foo_input_std.dll 2015-11-02 15:30 - 2015-11-02 15:30 - 000309760 _____ () F:\Programy\foobar2000\components\foo_cdda.dll 2015-11-02 15:30 - 2015-11-02 15:30 - 000294912 _____ () F:\Programy\foobar2000\components\foo_fileops.dll 2015-11-02 15:30 - 2015-11-02 15:30 - 000263680 _____ () F:\Programy\foobar2000\components\foo_unpack.dll 2015-11-02 15:30 - 2015-11-02 15:30 - 000307200 _____ () F:\Programy\foobar2000\components\foo_freedb2.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-549369258-609413368-1550574506-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: GG => "C:\Users\Krzysiek\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: XperiaCompanionAgent => "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{36F9BC28-FF05-4C75-9D54-64C965201067}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4A1DCE09-52A9-431F-9909-3E6D6C12F233}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D513128F-8367-484C-A7FA-C396EC1F7EE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C2BDEEA4-E47B-42E6-B7AB-E3E53900BAF3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0EC6AC41-25E4-4A67-A3CF-067DC151683E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C23765B1-4AA1-402D-B6CC-D630348137A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{7BB87E82-9665-479A-A776-01C91667FF8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{E58E7991-BAB0-45F1-8A8E-4AC657EAA08E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E47B19E2-50CF-419E-9875-84EF445F50E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CF28C8FF-A5C2-492C-9E9E-8BED952BABC6}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{4A321A57-786C-493B-8380-45D29FCA38BD}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{66F6A08E-71F3-4813-A82B-F8429CAB424F}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{118D8C64-F399-4A43-B20E-E28F3D8288E4}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{85B8FDB7-69E4-4E85-878D-402C147C00F4}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{E89143BB-8CAB-4AA2-AB7D-5EC9BF477187}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1615416B-1CD5-476E-BD13-AE2FEE74F196}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{91F1C933-4CFD-4968-8FC8-0B4A292DAD34}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{57AAFB29-BE45-4C5F-BAC1-54EB555BA3CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B2BB13BB-0600-49C9-882E-83CE55EC6664}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E92182F4-6EFE-4CBE-A534-33C6FC86A326}E:\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{5E6965FA-200C-4D91-8095-F1441EF24B57}E:\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\hearthstone\hearthstone\hearthstone.exe FirewallRules: [{EDE85280-8F70-4700-8565-8F3CA52F9345}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe FirewallRules: [TCP Query User{048CE37E-44D1-4B4E-8AF0-2F7A0031B41F}E:\origin games\fifa 17\fifa17.exe] => (Allow) E:\origin games\fifa 17\fifa17.exe FirewallRules: [UDP Query User{3FD41799-9067-44AE-AD3A-C2AA41006BC5}E:\origin games\fifa 17\fifa17.exe] => (Allow) E:\origin games\fifa 17\fifa17.exe FirewallRules: [{9D1F8CCF-EA36-4953-A5ED-27F2477F086F}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AE47E61E-160D-4BF9-88A4-3A55D2997AE3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{595C160E-66F5-4D33-8D35-F61A12000545}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{EDA2C835-EB1C-4F98-8A59-4F57E0271FCB}] => (Allow) E:\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe FirewallRules: [{1F9A5CE3-A600-42B3-9C1D-7C4EAF823B84}] => (Allow) E:\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe FirewallRules: [{F3E29742-5FDB-475B-93AE-D3F4FF88A00B}] => (Allow) LPort=1688 FirewallRules: [{ED5EF7F4-0B12-4F1A-8068-B1DB07DAC05E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{BA663F22-C034-4D7F-8C75-F13C83E898F6}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe ==================== Punkty Przywracania systemu ========================= 24-07-2017 20:47:01 Zaplanowany punkt kontrolny 31-07-2017 23:06:33 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Unknown Device Description: Unknown Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standardowy kontroler hosta USB) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (08/07/2017 02:03:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/07/2017 12:23:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/07/2017 11:02:43 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/07/2017 10:54:41 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error: (08/07/2017 10:54:41 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Error: (08/07/2017 10:52:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/06/2017 05:16:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/04/2017 02:42:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/04/2017 11:36:44 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/04/2017 12:36:41 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej aktualizacji z: , wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji bieżącego zegara systemowego lub sygnatury czasowej. . Dziennik System: ============= Error: (08/07/2017 02:02:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (08/07/2017 02:02:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (08/07/2017 12:23:23 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Nie można poprawnie uruchomić usługi „WMPNetworkSvc”, ponieważ funkcja CoCreateInstance(CLSID_UPnPDeviceFinder) napotkała błąd „0x80004005”. Sprawdź, czy usługa UPnPHost jest uruchomiona i czy składnik UPnPHost systemu Windows jest zainstalowany właściwie. Error: (08/07/2017 12:22:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (08/07/2017 12:22:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (08/07/2017 11:18:47 AM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (08/07/2017 11:18:46 AM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (08/07/2017 11:18:44 AM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (08/07/2017 11:18:43 AM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (08/07/2017 11:18:41 AM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. CodeIntegrity: =================================== Date: 2017-01-02 20:04:28.012 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\REMOVE.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-02 20:04:28.012 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\REMOVE.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-02 20:04:27.638 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\REMOVE.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-02 20:04:27.622 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\REMOVE.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-14 20:22:32.091 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-14 20:22:32.070 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-14 20:14:43.216 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-14 20:14:43.200 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-13 15:04:25.376 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\REMOVE.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-13 15:04:25.360 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\REMOVE.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: AMD Phenom(tm) II X4 955 Processor Procent pamięci w użyciu: 37% Całkowita pamięć fizyczna: 4091.93 MB Dostępna pamięć fizyczna: 2562.38 MB Całkowita pamięć wirtualna: 8182.06 MB Dostępna pamięć wirtualna: 6523.85 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:78.12 GB) (Free:26.7 GB) NTFS Drive e: (Gry) (Fixed) (Total:143.27 GB) (Free:87.66 GB) NTFS Drive f: (Dane) (Fixed) (Total:244.14 GB) (Free:199.85 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================