Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 30-08-2022 Uruchomiony przez Andman (07-09-2022 15:48:16) Run:6 Uruchomiony z C:\Users\Andman\Desktop Załadowane profile: Andman Tryb startu: Normal ============================================== fixlist - zawartość: ***************** START:: Reg: reg query HKLM\SYSTEM\CurrentControlSet\services\VSS /s END:: ***************** ========= reg query HKLM\SYSTEM\CurrentControlSet\services\VSS /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS DependOnService REG_MULTI_SZ RPCSS Description REG_SZ @%systemroot%\system32\vssvc.exe,-101 DisplayName REG_SZ @%systemroot%\system32\vssvc.exe,-102 ErrorControl REG_DWORD 0x1 ImagePath REG_EXPAND_SZ %systemroot%\system32\vssvc.exe ObjectName REG_SZ LocalSystem ServiceSidType REG_DWORD 0x1 Start REG_DWORD 0x3 Type REG_DWORD 0x10 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\SPP SppGetSnapshots (Enter) REG_BINARY 4800000000000000AC10ADA3BAC2D8011410000050090000D20700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppGetSnapshots (Leave) REG_BINARY 480000000000000024B0CBA3BAC2D8011410000050090000D20700000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppEnumGroups (Enter) REG_BINARY 480000000000000024B0CBA3BAC2D8011410000050090000D10700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppEnumGroups (Leave) REG_BINARY 4800000000000000D4A4D1A3BAC2D8011410000050090000D10700000100000000000000010000000000000000000000000000000000000000000000000000000000000000000000 SppCreate (Enter) REG_BINARY 480000000000000079B2445FB8C2D801181400006C280000D00700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppGatherWriterMetadata (Enter) REG_BINARY 4800000000000000AC14475FB8C2D801181400006C280000D30700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppGatherWriterMetadata (Leave) REG_BINARY 48000000000000000EF7119DB8C2D801181400006C280000D30700000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppAddInterestingComponents (Enter) REG_BINARY 48000000000000000EF7119DB8C2D801181400006C280000D40700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppAddInterestingComponents (Leave) REG_BINARY 4800000000000000AC1C389DB8C2D801181400006C280000D40700000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SppCreate (Leave) REG_BINARY 4800000000000000AE8FE5A6B8C2D801181400006C280000D00700000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\SystemRestore SrCreateRp (Enter) REG_BINARY 480000000000000084A9EB5EB8C2D801980C000070240000D50700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 SrCreateRp (Leave) REG_BINARY 4800000000000000AE8FE5A6B8C2D801980C000070240000D50700000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\ASR Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\BITS Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\COM+ REGDB Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\Lovelace OPEN_VOLUME_HANDLE (Enter) REG_BINARY 48000000000000007040C191B9C2D801C419000004090000FD030000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 OPEN_VOLUME_HANDLE (Leave) REG_BINARY 4800000000000000CA228B9AB9C2D801C419000004090000FD030000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 IOCTL_FLUSH_AND_HOLD (Enter) REG_BINARY 4800000000000000CA228B9AB9C2D801C419000004090000FE030000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 IOCTL_FLUSH_AND_HOLD (Leave) REG_BINARY 4800000000000000F1C28A9BB9C2D801C419000004090000FE030000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 IOCTL_RELEASE (Enter) REG_BINARY 48000000000000009E138D9BB9C2D801C419000004090000FF0300000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 IOCTL_RELEASE (Leave) REG_BINARY 48000000000000009E138D9BB9C2D801C419000004090000FF0300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\Lovelace(__?_Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}_) OPEN_VOLUME_HANDLE (Enter) REG_BINARY 48000000000000007040C191B9C2D801C419000044210000FD030000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 OPEN_VOLUME_HANDLE (Leave) REG_BINARY 4800000000000000CA228B9AB9C2D801C419000044210000FD030000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 IOCTL_FLUSH_AND_HOLD (Enter) REG_BINARY 4800000000000000CA228B9AB9C2D801C419000044210000FE030000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 IOCTL_FLUSH_AND_HOLD (Leave) REG_BINARY 4800000000000000F1C28A9BB9C2D801C419000044210000FE030000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 IOCTL_RELEASE (Enter) REG_BINARY 48000000000000009E138D9BB9C2D801C419000044210000FF030000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 IOCTL_RELEASE (Leave) REG_BINARY 48000000000000009E138D9BB9C2D801C419000044210000FF030000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\MSSearch Service Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\Registry Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\Shadow Copy Optimization Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5} PROVIDER_BEGINPREPARE (Enter) REG_BINARY 480000000000000011E9B38FB9C2D801C41900007C0E000001040000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_BEGINPREPARE (Leave) REG_BINARY 480000000000000011E9B38FB9C2D801C41900007C0E000001040000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_ENDPREPARE (Enter) REG_BINARY 480000000000000011E9B38FB9C2D801C41900000409000002040000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_ENDPREPARE (Leave) REG_BINARY 48000000000000002F8DBC91B9C2D801C41900000409000002040000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_PRECOMMIT (Enter) REG_BINARY 480000000000000007DEBE91B9C2D801C41900000409000003040000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_PRECOMMIT (Leave) REG_BINARY 48000000000000007040C191B9C2D801C41900000409000003040000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_COMMIT (Enter) REG_BINARY 48000000000000009E138D9BB9C2D801C4190000801A000004040000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_COMMIT (Leave) REG_BINARY 48000000000000009E138D9BB9C2D801C4190000801A000004040000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_POSTCOMMIT (Enter) REG_BINARY 48000000000000009E138D9BB9C2D801C41900000409000005040000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_POSTCOMMIT (Leave) REG_BINARY 48000000000000001F5DA79BB9C2D801C41900000409000005040000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_PREFINALCOMMIT (Enter) REG_BINARY 48000000000000001F5DA79BB9C2D801C41900000409000006040000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_PREFINALCOMMIT (Leave) REG_BINARY 48000000000000005755989CB9C2D801C41900000409000006040000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_POSTFINALCOMMIT (Enter) REG_BINARY 48000000000000005755989CB9C2D801C41900000409000007040000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 PROVIDER_POSTFINALCOMMIT (Leave) REG_BINARY 48000000000000007F40A49CB9C2D801C41900000409000007040000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\System Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\VolSnap Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}DiscoverSnapshots (Enter) REG_BINARY 4800000000000000991594F1B8C2D8010000000000000000200000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}Activate (Enter) REG_BINARY 4800000000000000991594F1B8C2D8010000000000000000080000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}ActivateLoop (Enter) REG_BINARY 4800000000000000991594F1B8C2D80100000000000000001A0000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}ActivateLoop (Leave) REG_BINARY 48000000000000006F9E9DF1B8C2D80100000000000000001B0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}ComputeIgnorableProduct (Enter) REG_BINARY 4800000000000000852E8E9DB9C2D80100000000000000000C0000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}ComputeIgnorableProduct (Leave) REG_BINARY 4800000000000000E0B5B69DB9C2D80100000000000000000D0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}Activate (Leave) REG_BINARY 48000000000000007789A9F1B8C2D8010000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}DiscoverSnapshots (Leave) REG_BINARY 48000000000000007789A9F1B8C2D8010000000000000000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}DeleteProcess (Enter) REG_BINARY 4800000000000000B8E27F9DB9C2D8010000000000000000120000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}SetIgnorable (Enter) REG_BINARY 48000000000000001F5DA79BB9C2D80100000000000000000A0000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}SetIgnorable (Leave) REG_BINARY 4800000000000000295E5A9CB9C2D80100000000000000000B0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}AdjustBitmap (Enter) REG_BINARY 4800000000000000295E5A9CB9C2D8010000000000000000040000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}ValidateDiffAreaFiles (Enter) REG_BINARY 480000000000000000B9CEF2B8C2D80100000000000000001C0000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 VolumesSafeForWrite (Enter) REG_BINARY 4800000000000000B0BBD8FEB8C2D80100000000000000001E0000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 VolumesSafeForWrite (Leave) REG_BINARY 4800000000000000EC325100B9C2D80100000000000000001F0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}ValidateDiffAreaFiles (Leave) REG_BINARY 4800000000000000EC325100B9C2D80100000000000000001D0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}AdjustBitmap (Leave) REG_BINARY 480000000000000065C9AD9CB9C2D8010000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}DeleteProcess (Leave) REG_BINARY 4800000000000000852E8E9DB9C2D8010000000000000000130000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}PrepareForSnapshot (Enter) REG_BINARY 4800000000000000B5A88591B9C2D8014005000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}PreExposure (Enter) REG_BINARY 48000000000000002F8DBC91B9C2D8014005000000000000020000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}PreExposure (Leave) REG_BINARY 48000000000000002F8DBC91B9C2D8014005000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}PrepareForSnapshot (Leave) REG_BINARY 48000000000000002F8DBC91B9C2D8014005000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}EndCommit (Enter) REG_BINARY 48000000000000001F5DA79BB9C2D8010400000000000000060000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Volume{1b83b4d5-e9e3-4d7f-8abf-200cd215e606}EndCommit (Leave) REG_BINARY 4800000000000000A6AFA99BB9C2D8010400000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\VssapiPublisher HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\VssvcPublisher FREEZE (Enter) REG_BINARY 480000000000000007DEBE91B9C2D801C419000004090000EB030000010000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 FREEZE (Leave) REG_BINARY 480000000000000007DEBE91B9C2D801C419000004090000EB030000000000000000000000000000C0196B5BC059274B8285ADC56F31884D00000000000000000000000000000000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Diag\WMI Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Providers HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Providers\{b5946137-7b9f-4925-af80-51abd60b20d5} (Default) REG_SZ Microsoft Software Shadow Copy provider 1.0 Type REG_DWORD 0x1 Version REG_SZ 1.0.0.7 VersionId REG_SZ {00000001-0000-0000-0007-000000000001} HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Providers\{b5946137-7b9f-4925-af80-51abd60b20d5}\CLSID (Default) REG_SZ {65EE1DBA-8FF4-4a58-AC1C-3470EE2F376A} HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Settings HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\Settings\WritersBlockingRevert TornComponentsBlockRevert REG_DWORD 0x1 {2707761B-2324-473D-88EB-EB007A359533} REG_SZ DFS-R Writer {B2014C9E-8711-4C5C-A5A9-3CF384484757} REG_SZ AD Writer {D76F5A28-3092-4589-BA48-2958FB88CE29} REG_SZ FRS Writer {DD846AAA-A1B6-42a8-AAF8-03DCB6114BFD} REG_SZ ADAM Writer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSS\VssAccessControl NT Authority\NetworkService REG_DWORD 0x1 ========= Koniec Reg: ========= ==== Koniec Fixlog 15:48:16 ====