Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04-09-2019 Uruchomiony przez Jola (08-09-2019 18:56:05) Uruchomiony z C:\Users\Jola\Documents\Nowy folder (2) Windows 10 Home Wersja 1903 18362.295 (X64) (2019-08-05 21:10:35) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1146579958-381356915-3942461415-500 - Administrator - Disabled) Dawid (S-1-5-21-1146579958-381356915-3942461415-1002 - Administrator - Enabled) => C:\Users\Dawid Gość (S-1-5-21-1146579958-381356915-3942461415-501 - Limited - Disabled) Jola (S-1-5-21-1146579958-381356915-3942461415-1001 - Administrator - Enabled) => C:\Users\Jola Konto domyślne (S-1-5-21-1146579958-381356915-3942461415-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1146579958-381356915-3942461415-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Pakiet Bezpieczeństwa UPC by F-Secure (Disabled - Up to date) {8AC831E5-DF57-0DC0-D07B-4DE1A5FFFD9A} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Pakiet Bezpieczeństwa UPC by F-Secure (Enabled - Up to date) {31A9D001-F96D-024E-EACB-7693DE78B727} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-48a530bf-e0d2-4546-8ca9-330e01d1ed94) (Version: 3.0.2.118 - WildTangent) Hidden abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated) Amazon Assistant (HKLM-x32\...\{0538B1C2-85C1-4ECC-BA77-61F537D81092}) (Version: 10.18.0221 - Amazon) <==== UWAGA Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated) App Explorer (HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\Host App Service) (Version: 0.273.3.622 - SweetLabs) <==== UWAGA BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.18.2302 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3015 - Acer Incorporated) F-Secure Ultralight 1.0.5438.0 (release) (cc0c4f981bd2f23d1e5e325af11ed0a0ecf2a348) (HKLM-x32\...\{C75644E8-5FB5-4B8F-8FD2-08CC5D7ECD87}) (Version: 1.0.5438.0 - F-Secure Corporation) Hidden Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Home Makeover (HKLM-x32\...\WTA-365bbc02-f8be-42a4-9d5b-abf6f80ab673) (Version: 3.0.2.59 - WildTangent) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6286 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation) Jewel Match 3 (HKLM-x32\...\WTA-1eb7bcbe-d7ae-4c84-b301-409878b1952c) (Version: 2.2.0.97 - WildTangent) Hidden Jewel Match Snowscapes (HKLM-x32\...\WTA-70d2f668-a65b-4fab-80fc-b76c09de7465) (Version: 3.0.2.118 - WildTangent) Hidden K-Lite Mega Codec Pack 12.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.9.5 - KLCP) Magic Academy (HKLM-x32\...\WTA-afbd2202-2653-4b86-9eab-e98c5437c6d6) (Version: 2.2.0.97 - WildTangent) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Pakiet Bezpieczeństwa UPC (HKLM-x32\...\{4DA7D88D-BAE1-4FC3-B268-B2E64E8334F1}) (Version: 17.6 - F-Secure Corporation) Panel sterowania NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden Polar Bowler 1st Frame (HKLM-x32\...\WTA-1c8e44d1-2249-482a-839e-fd2aadf099a5) (Version: 3.0.2.59 - WildTangent) Hidden Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros) Rayman3 (HKLM-x32\...\{BAF5914B-5730-4373-B038-9F436AC6A0D6}) (Version: 1.00.0000 - Ubi Soft) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8569 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Rory's Restaurant (HKLM-x32\...\WTA-0f3dd366-b9f5-4c36-98b1-11bf976c544f) (Version: 3.0.2.126 - WildTangent) Hidden Runefall (HKLM-x32\...\WTA-06d0ffa3-2868-4619-be80-8538fb874a1e) (Version: 3.0.2.126 - WildTangent) Hidden Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: () - Samsung Electronics Co., Ltd.) Samsung Universal Print Driver 2 XPS (HKLM-x32\...\Samsung Universal Print Driver 2 XPS) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 5.1.0270 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.12 - WildTangent) Hidden WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Packages: ========= Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.146.600.0_x86__kgqvnymyfvs32 [2019-08-28] (king.com) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3340.0_x64__rz1tebttyb220 [2019-08-31] (Dolby Laboratories) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-03-05] (AMZN Mobile LLC) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft News - Wiadomości -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Studios) [MS Ad] MSN Finanse -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad] MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad] Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.) Poczta i Kalendarz -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad] Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-05-21] (Samsung Electronics Co. Ltd.) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\Pakiet Bezpieczeństwa UPC\FsShellExtension64.dll [2019-03-25] (F-Secure Corporation -> F-Secure Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxDTCM.dll [2018-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Jola\Desktop\Facebook.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=celnaknmndcdcjcagffhbhciignkeokb ShortcutWithArgument: C:\Users\Jola\Desktop\Groupon.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkppdjhjafoajbkhnbmopbadhfgcmmch ShortcutWithArgument: C:\Users\Jola\Desktop\Poczta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bpidnlocdigmigganjfkmhjkpgigjecm ShortcutWithArgument: C:\Users\Jola\Desktop\Terapiamed Kraków - przychodnia zdrow.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nofgekjmabjkfbfbenafmlmkjjllicoj ShortcutWithArgument: C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Allegro.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jgdhjjnhpikfdmmhbgmgcnmadfoioafc ShortcutWithArgument: C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Facebook.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=celnaknmndcdcjcagffhbhciignkeokb ShortcutWithArgument: C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Groupon.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kkppdjhjafoajbkhnbmopbadhfgcmmch ShortcutWithArgument: C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\LIBRUS Synergia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=enpnngfdkfdnfpagggmifgacmahpnnom ShortcutWithArgument: C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Poczta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bpidnlocdigmigganjfkmhjkpgigjecm ShortcutWithArgument: C:\Users\Jola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Terapiamed Kraków - przychodnia zdrow.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nofgekjmabjkfbfbenafmlmkjjllicoj ==================== Załadowane moduły (filtrowane) ============== 2016-12-09 20:40 - 2016-02-17 08:40 - 001249872 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1146579958-381356915-3942461415-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jola\Pictures\g4.jpg DNS Servers: 62.179.1.62 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "NvBackend" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1146579958-381356915-3942461415-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{0AEE10E2-AB2A-42A1-8167-7DF5107BB8F6}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe Brak pliku FirewallRules: [{EB4851F0-629E-4DD2-9DCA-B1CAFA8937F7}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe Brak pliku FirewallRules: [{AC6D77B4-1181-4859-9403-F8B813C76B68}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) FirewallRules: [{ABCF3A95-C833-434E-B9FD-D1342FDB13CC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F3F486F3-AD76-40ED-B6D8-37130A1DE164}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{929A7AB7-FAA4-46EE-A4F7-D915F17A12BA}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{4AF55083-26A9-4FAE-BE87-DE8B5CFB4662}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2BE73893-BFBD-457E-95E3-50DB9E939E7B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{B15ED31B-9483-4386-8E32-0F421A90B6CD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{C59DB5D8-0165-41DE-8282-5AD40AF11A0D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{DEA66A9C-5A89-47A0-8810-542F1888D049}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A0F8FF53-B658-4EE9-A296-4D18F6CB3729}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C68EF013-4574-4A05-9937-69D005AA7AF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{838BE081-0A1C-4445-8E32-A01CFF037DEF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D34C67DF-3DA5-4BC5-902B-8406F6B28219}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{78B9D49C-ECF2-4D85-B090-3E9A79E801DA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{4FBCDDD8-C04A-4986-BD2B-DC00A2443DE1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{A76AF19C-95BD-4659-B2FE-B5E2E23C6E3B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{E7171E90-6D8C-47E8-9C77-E1BBE2ECB2E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{90F8E26B-FFAC-41AA-9EB1-FED13BC6A443}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{3C2C53B6-E8E1-4E28-9417-E9EC2D793987}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{9C35B053-0376-4B18-BE87-98ECC0964784}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5885212C-9E2A-436F-BD66-E0DBFB01798E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{BCDEA4F0-5B0B-499E-B185-7D45379AD569}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2 XPS\PrinterSelector\SUPDApp.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{08DF5A40-CCD3-4C93-B1E3-61B5F239B9AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 19-08-2019 18:50:33 Zaplanowany punkt kontrolny 26-08-2019 20:42:42 Zaplanowany punkt kontrolny 04-09-2019 10:27:58 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/08/2019 06:22:36 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (157024,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/08/2019 05:56:51 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (110880,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/08/2019 05:43:33 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (30652,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/08/2019 04:41:59 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (163628,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/08/2019 04:31:57 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (154684,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/08/2019 03:31:41 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (183532,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/08/2019 03:09:27 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (50564,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (09/08/2019 01:13:44 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (127780,R,98) TILEREPOSITORYS-1-5-18: Wystąpił błąd -1023 (0xfffffc01) podczas otwierania pliku dziennika C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Dziennik System: ============= Error: (09/08/2019 06:54:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/02/2019 10:37:31 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SIDJI4VS) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (08/23/2019 10:29:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SIDJI4VS) Description: Serwer DolbyLaboratories.DolbyAccess_3.0.2002.0_x64__rz1tebttyb220!App.AppXtzbhf6k67jn9be72jwc3zje4rv3bb4am.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (08/16/2019 09:43:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa F-Secure Hoster niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/16/2019 01:45:03 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (08/16/2019 01:45:03 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (08/15/2019 08:19:09 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SIDJI4VS) Description: Serwer Microsoft.Windows.Cortana_1.12.3.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (08/15/2019 08:19:09 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SIDJI4VS) Description: Serwer Microsoft.WindowsStore_11906.1001.24.0_x64__8wekyb3d8bbwe!App.AppX65azfy60a5wn91mcvdd3dr2y0wj02n39.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Windows Defender: =================================== Date: 2019-09-08 18:54:16.974 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nazwa: HackTool:MSIL/AutoKMS Identyfikator: 2147711767 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Program Files\KMSpico\AutoPico.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: C:\Program Files\KMSpico\Service_KMS.exe Wersja analizy zabezpieczeń: AV: 1.301.783.0, AS: 1.301.783.0, NIS: 1.301.783.0 Wersja aparatu: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-08 18:54:16.937 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nazwa: HackTool:Win32/AutoKMS Identyfikator: 2147685180 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: System Użytkownik: ZARZĄDZANIE NT\SYSTEM Nazwa procesu: Unknown Wersja analizy zabezpieczeń: AV: 1.301.783.0, AS: 1.301.783.0, NIS: 1.301.783.0 Wersja aparatu: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-08 18:53:44.971 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: LAPTOP-SIDJI4VS\Jola Nazwa procesu: C:\Users\Jola\Documents\Nowy folder (2)\FRST64.exe Wersja analizy zabezpieczeń: AV: 1.301.783.0, AS: 1.301.783.0, NIS: 1.301.783.0 Wersja aparatu: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-08 18:53:44.623 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0 Nazwa: HackTool:Win64/AutoKMS Identyfikator: 2147723334 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Windows\SECOH-QAD.dll Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: LAPTOP-SIDJI4VS\Jola Nazwa procesu: C:\Users\Jola\Documents\Nowy folder (2)\FRST64.exe Wersja analizy zabezpieczeń: AV: 1.301.783.0, AS: 1.301.783.0, NIS: 1.301.783.0 Wersja aparatu: AM: 1.1.16300.1, NIS: 1.1.16300.1 Date: 2019-09-08 18:51:53.557 Description: Produkt Program antywirusowy Windows Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nazwa: HackTool:MSIL/AutoKMS Identyfikator: 2147711767 Ważność: Wysoki Kategoria: Narzędzie Ścieżka: file:_C:\Program Files\KMSpico\AutoPico.exe Pochodzenie wykrycia: Komputer lokalny Typ wykrycia: Konkretne Źródło wykrycia: Ochrona w czasie rzeczywistym Użytkownik: LAPTOP-SIDJI4VS\Jola Nazwa procesu: C:\Users\Jola\Documents\Nowy folder (2)\FRST64.exe Wersja analizy zabezpieczeń: AV: 1.301.783.0, AS: 1.301.783.0, NIS: 1.301.783.0 Wersja aparatu: AM: 1.1.16300.1, NIS: 1.1.16300.1 CodeIntegrity: =================================== Date: 2019-09-08 18:55:02.971 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-08 18:54:43.436 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-08 18:54:43.421 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-08 18:54:43.408 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-08 18:54:29.642 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-08 18:54:21.015 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-08 18:54:19.001 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-08 18:53:55.594 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Pakiet Bezpieczeństwa UPC\apps\Ultralight\ulcore\1567597108\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: Insyde Corp. V1.18 10/21/2016 Motherboard: Acer Ironman_SK Procesor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Procent pamięci w użyciu: 42% Całkowita pamięć fizyczna: 8060.22 MB Dostępna pamięć fizyczna: 4613.15 MB Całkowita pamięć wirtualna: 13246.98 MB Dostępna pamięć wirtualna: 9183.1 MB ==================== Dyski ================================ Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:792.41 GB) NTFS \\?\Volume{f74ede40-d7e9-4a01-a6b5-eb71c97c7c84}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS \\?\Volume{a22f77fd-2a0d-4bc1-afa4-b5b3e9c84048}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 28D5EA80) Partition: GPT. ==================== Koniec Addition.txt ============================