Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015 Ran by Artur19E68 at 2015-06-24 22:03:22 Running from C:\Users\Artur19E68\Desktop\Logi Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1166034103-2044418019-3407044678-500 - Administrator - Disabled) Artur19E68 (S-1-5-21-1166034103-2044418019-3407044678-1000 - Administrator - Enabled) => C:\Users\Artur19E68 Guest (S-1-5-21-1166034103-2044418019-3407044678-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1166034103-2044418019-3407044678-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1492, 24.04.2015 - AIMP DevTeam) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) ESET NOD32 Antivirus (HKLM\...\{4B14EC50-70A2-4973-BE68-50E546653134}) (Version: 8.0.312.4 - ESET, spol s r. o.) Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.) globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) K-Lite Codec Pack 11.2.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.0 - ) Malwarebytes Anti-Malware wersja 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.0 - Napisy24.pl) NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 24-06-2015 13:03:21 Scheduled Checkpoint ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-05-30 20:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2EC459FF-FDC1-480E-A8AC-8B856C1383E8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {49986001-6A32-4BF7-B710-7D37BF9E2CAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-30] (Google Inc.) Task: {597AB131-EA3E-449A-811B-535DF3E62FF8} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-05-31] () Task: {85DACE50-A7D9-402A-BA38-F49F69C0142A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-16] (Microsoft Corporation) Task: {8AF7BC3B-1CF5-46E6-8C1C-7DE18D5157D9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {97174FF8-BF0E-471A-ABF1-905D84C15DBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-30] (Google Inc.) Task: {A7FB10C7-518B-41A4-83B9-682F49D81903} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated) Task: {AEB0E017-38BA-4C4A-9CCA-E55AF6B1D11E} - System32\Tasks\YTAUpdate_logon => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION Task: {C633D482-2755-4A4A-AB54-AAB8C3315AD5} - \SPBIW_UpdateTask_Time_333932383431383333382d7855236c575a4a5741415034 No Task File <==== ATTENTION Task: {EC5834B9-AEF0-4534-8BAA-161DDD10A971} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated) Task: {EDA7D580-372D-4523-8639-64D6312CFAEF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-06-03 00:18 - 2007-09-02 13:58 - 00495616 _____ () D:\Program Files (x86)\RocketDock\RocketDock.exe 2015-06-03 00:18 - 2007-09-02 13:57 - 00069632 _____ () D:\Program Files (x86)\RocketDock\RocketDock.dll 2015-06-20 16:00 - 2015-04-16 19:40 - 00776192 _____ () D:\Program Files (x86)\Steam\SDL2.dll 2015-06-20 16:00 - 2015-04-23 04:16 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll 2015-06-20 16:00 - 2015-04-23 04:16 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll 2015-06-20 16:00 - 2015-04-23 04:16 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll 2015-06-20 16:00 - 2015-06-04 20:56 - 02407104 _____ () D:\Program Files (x86)\Steam\video.dll 2015-06-20 16:00 - 2014-12-01 23:31 - 02396672 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll 2015-06-20 16:00 - 2014-12-01 23:31 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll 2015-06-20 16:00 - 2014-12-01 23:31 - 00479744 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll 2015-06-20 16:00 - 2014-12-01 23:31 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll 2015-06-20 16:00 - 2014-12-01 23:31 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll 2015-06-20 16:00 - 2015-06-04 20:56 - 00703168 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-06-20 16:00 - 2015-05-11 21:01 - 36302728 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1166034103-2044418019-3407044678-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Artur19E68\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: globalUpdate => 2 MSCONFIG\Services: globalUpdatem => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IHProtect Service => 2 MSCONFIG\Services: insvc_1.10.0.14 => 2 MSCONFIG\Services: jokydeki => 2 MSCONFIG\Services: mofysilo => 2 MSCONFIG\Services: myroqole => 2 MSCONFIG\Services: nevetuhi => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: rilydoxy => 2 MSCONFIG\Services: SPBIUpd => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: Update Edu App => 2 MSCONFIG\Services: Util Edu App => 2 MSCONFIG\Services: YouTubeAcceleratorService => 2 MSCONFIG\startupfolder: C:^Users^Artur19E68^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crossbrowse.lnk => C:\Windows\pss\crossbrowse.lnk.Startup MSCONFIG\startupfolder: C:^Users^Artur19E68^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartWeb.lnk => C:\Windows\pss\SmartWeb.lnk.Startup MSCONFIG\startupreg: ALLPlayer WiFi Remote => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe MSCONFIG\startupreg: ALLUpdate => "D:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: CoupSeek => C:\Users\Artur19E68\AppData\Roaming\CoupSeek\scpsk.exe MSCONFIG\startupreg: gmsd_pl_120 => "C:\Program Files (x86)\gmsd_pl_120\gmsd_pl_120.exe" MSCONFIG\startupreg: GoobzoYouTubeAccelerator => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup MSCONFIG\startupreg: GoogleChromeAutoLaunch_4C96C829E7A7B17638F6F88C3FC2DD86 => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window MSCONFIG\startupreg: Napisy24Update => "C:\Program Files (x86)\Napisy24\Napisy24Update.exe" "sleep" MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: SmartWeb => C:\Users\Artur19E68\AppData\Local\SmartWeb\SmartWebHelper.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: WinCheck => C:\Users\Artur19E68\AppData\Local\AD933280-1432947039-11DD-8A93-0023545E67A4\bnss5DCB.exe MSCONFIG\startupreg: Windesk Winsearch => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{5D3A5156-1DD9-414B-87C4-37457A5360C0}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{BE43FD33-0B68-476F-9914-12861826D088}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [{1ED02E0A-5E86-4288-BF3B-ED745D7713AD}] => (Allow) C:\Users\Artur19E68\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9A5BE049-1A5F-4E15-A7B6-8B02850E5585}] => (Allow) C:\Users\Artur19E68\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{E8761FB1-A0B3-489A-ACD8-F5B9626831A2}D:\games\the forest\theforest.exe] => (Allow) D:\games\the forest\theforest.exe FirewallRules: [UDP Query User{1A8881D0-CC48-420F-A54D-05F215D09A37}D:\games\the forest\theforest.exe] => (Allow) D:\games\the forest\theforest.exe FirewallRules: [{934EA006-062F-4C3D-B750-07C59EEC96E1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C1552AF9-A9A2-4875-A435-C80E47B77746}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{85558725-D5A2-4BE6-AB3D-F7D954BFEBF4}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{470C3FEF-A614-4C45-8B2D-45C9E9CAA095}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5DC1885F-AE9E-4F07-9405-84C3107C5A06}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2BA962AC-DE0A-4646-AE65-B2DD1757DA51}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{4B9D8F3F-B5CE-44EA-A3FC-6FC1FBA3B40B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{3B053B40-4503-4A0C-B066-C8B1E8875611}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/24/2015 09:57:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/24/2015 00:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/24/2015 10:28:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/23/2015 09:57:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/23/2015 10:01:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/22/2015 09:47:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/22/2015 09:40:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/21/2015 04:25:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/21/2015 08:57:05 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/20/2015 09:44:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (06/24/2015 01:00:29 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (06/23/2015 11:18:01 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (06/22/2015 09:44:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Software Protection niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (06/22/2015 09:44:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (06/22/2015 09:44:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Media Player Network Sharing Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (06/22/2015 09:44:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Modules Installer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (06/22/2015 09:44:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/22/2015 09:44:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Print Spooler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (06/21/2015 04:24:48 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (06/20/2015 08:53:29 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Restart the service) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Microsoft Office: ========================= CodeIntegrity Errors: =================================== Date: 2015-05-30 20:39:21.085 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-30 20:39:21.054 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz Percentage of memory in use: 23% Total physical RAM: 4095.11 MB Available physical RAM: 3116.7 MB Total Pagefile: 8188.43 MB Available Pagefile: 6919.81 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:39.9 GB) (Free:9.45 GB) NTFS Drive d: () (Fixed) (Total:130 GB) (Free:119.73 GB) NTFS Drive e: () (Fixed) (Total:127.99 GB) (Free:127.33 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: AD04AD04) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=39.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=130 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=128 GB) - (Type=07 NTFS) ==================== End of log ============================