Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-03-2017 Uruchomiony przez Komputer (17-03-2017 16:00:19) Uruchomiony z C:\Users\Komputer\Downloads Windows 7 Professional Service Pack 1 (X64) (2013-12-23 10:25:26) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4219447721-3461528330-2681957728-500 - Administrator - Disabled) Komputer (S-1-5-21-4219447721-3461528330-2681957728-1000 - Administrator - Enabled) => C:\Users\Komputer Gość (S-1-5-21-4219447721-3461528330-2681957728-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Zapora osobista ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4219447721-3461528330-2681957728-1000\...\uTorrent) (Version: 3.4.1.31227 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Conexant HD Audio (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 1.0.50.0 - Conexant) Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell) ESET Smart Security (HKLM\...\{0DAD1CE6-B5D7-44CA-B9FD-29DF26896887}) (Version: 10.0.390.0 - ESET, spol. s r.o.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{A10B1524-63B5-40F2-B272-D841CF671C16}) (Version: 2.2.0.0266 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 pl)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Przegląd podręcznika użytkownika (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - ) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek) Samsung C460 Series (HKLM-x32\...\Samsung C460 Series) (Version: 1.02 (2013-07-11) - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.61 (2013-04-10) - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(2013-05-03) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.25 - Samsung Electronics Co., Ltd.) Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.09.14 (2013-02-05) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.0.3 - uvnc bvba) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {5D94B76D-480A-4AC9-9A6D-984064FFEEC8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated) Task: {8F5F9EE3-03BE-48E1-8ADA-E28D8B1EC5F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-04-29 10:08 - 2013-05-06 07:03 - 00034304 _____ () C:\Windows\System32\sst9clm.dll 2013-12-23 11:42 - 2012-03-19 10:39 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2013-12-23 11:40 - 2011-12-16 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-03-17 15:22 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4219447721-3461528330-2681957728-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Komputer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.55.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{CBB489FF-BE3A-4F05-8090-3A2399A35A6A}C:\users\Komputer\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\Komputer\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{6E6B725A-6FFC-4EB9-BAC0-8D71D72453CE}C:\users\Komputer\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\Komputer\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{2E687FF0-3EFF-4815-9A85-313112BBD6CB}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{F022AA24-EE81-47A5-B091-1ED6AD2EA370}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{4698A992-A74C-4287-8739-E7CBD30B068A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{718DD26E-D8B5-479E-9325-199F61AB6E78}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{B45BF75C-8F2A-4B4F-9FA5-AD2739E8E47E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{AA256A9E-9200-494A-AE90-B91817F35291}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{7EA86DCF-DD7D-4672-9190-9B74713D128B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{426AB0DD-DE1C-46FA-B702-3617B4CFD33F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{292B000B-7620-4B06-9C7A-6E9A097E09FE}] => (Allow) E:\setup.exe FirewallRules: [{4504C584-88BA-4791-8F3C-9916E414A402}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe FirewallRules: [{A72AE23C-7A91-4DAF-A960-B457A539B7D4}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe FirewallRules: [{7A2CCE2A-A774-47B9-AB2E-4B5FC4F735C1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{3364507A-D66C-4B95-B578-DB0449D2BFFF}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{5E2D7D13-8695-4091-8F4A-725614723D83}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{77BFD23E-1975-4BEB-9056-5BCDE14E075C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{762B2565-EE40-4F00-A197-C25E5ABFA019}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{6B3B6155-BC84-4870-AC0A-1D551555777C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{CF1F1B51-DB0A-4843-89E0-FE2889740EEB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{46CA50C0-7D71-4D7F-8D4C-CDBE78639436}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{9D7641E6-D901-433D-96A5-79E8211C8FFD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{D6233CD6-F23C-4547-B3D9-CCB9C33059D3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{38311C7F-2B98-4BA1-A2F0-A7026A75516B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{433A5BD5-4BEF-44CE-86D8-A1EF20FF66F4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{3C24D64B-68F6-438D-BF55-7F380EC1BFFA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe FirewallRules: [{8D628E66-EF0D-4C53-B772-04D41D1B08E5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe ==================== Punkty Przywracania systemu ========================= 16-03-2017 12:02:42 Windows Update 16-03-2017 12:28:02 Windows Update 16-03-2017 13:53:40 Windows Update 16-03-2017 13:59:53 Windows Update 16-03-2017 14:29:17 Windows Update 17-03-2017 09:10:57 Windows Update 17-03-2017 09:50:45 Windows Update 17-03-2017 15:11:39 Punkt przywracania utworzony przez HitmanPro ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/17/2017 03:26:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/17/2017 02:08:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/17/2017 10:17:05 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/17/2017 09:58:27 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/17/2017 09:17:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/17/2017 09:08:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/17/2017 08:47:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/16/2017 03:42:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/16/2017 03:35:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: devmonsrv.exe, wersja: 2.2.0.212, sygnatura czasowa: 0x4fcc6a90 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000 Identyfikator procesu powodującego błąd: 0xc6c Godzina uruchomienia aplikacji powodującej błąd: 0x01d29e54f3f59397 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: da49b87e-0a55-11e7-8516-c81f6604260c Error: (03/16/2017 01:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (03/17/2017 03:22:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (03/17/2017 03:21:40 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (03/17/2017 03:20:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (03/17/2017 02:06:45 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: Nastąpił ponowny rozruch komputera po operacji wykrywania błędów. Wyniki tej operacji były następujące: 0x00000109 (0xa3a039d89dab76c6, 0xb3b7465ef029b3a4, 0xfffff88002f705c0, 0x0000000000000002). Zrzut zapisano w: C:\Windows\MEMORY.DMP. Identyfikator raportu: 031717-19936-01. Error: (03/17/2017 02:06:44 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 14:05:36 na ‎2017-‎03-‎17 było nieoczekiwane. Error: (03/17/2017 10:03:44 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (03/17/2017 10:03:43 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (03/17/2017 10:03:43 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (03/17/2017 09:56:04 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: ZARZĄDZANIE NT) Description: Inicjacja klienta CBS nie powiodła się. Ostatni błąd: 0x8007045b Error: (03/16/2017 04:30:03 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Diagnostics Tracking Service nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. CodeIntegrity: =================================== Date: 2017-03-17 15:21:40.830 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-17 15:21:40.799 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-10-12 12:30:08.931 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\e52417.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-10-12 12:30:08.900 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\e52417.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz Procent pamięci w użyciu: 50% Całkowita pamięć fizyczna: 3970.02 MB Dostępna pamięć fizyczna: 1967.91 MB Całkowita pamięć wirtualna: 7938.22 MB Dostępna pamięć wirtualna: 5920.71 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:218.75 GB) (Free:177.78 GB) NTFS Drive d: () (Fixed) (Total:229.87 GB) (Free:229.75 GB) NTFS Drive f: (USB DISK) (Removable) (Total:7.45 GB) (Free:4.13 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 284BF014) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=17.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=218.8 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=229.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ==================== Koniec Addition.txt ============================