Addition.txt

Prośba o sprawdzenie logów FRST z innego PC po trojanie.

Trojan pochodził z oryginalnej gry Far cry 3 blood dragon, niby został usunięty ale wole by ktoś sprawdził logi FRST. Sama gra też została usunięta.

Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21.01.2018
Uruchomiony przez Admin (26-01-2018 21:05:16)
Uruchomiony z C:\Users\Admin\Desktop\Nowy folder
Windows 7 Professional Service Pack 1 (X64) (2018-01-23 17:49:02)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Admin (S-1-5-21-407032326-2938371251-3657122547-1001 - Administrator - Enabled) = & gt; C:\Users\Admin
Administrator (S-1-5-21-407032326-2938371251-3657122547-500 - Administrator - Disabled)
Gość (S-1-5-21-407032326-2938371251-3657122547-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-407032326-2938371251-3657122547-1002 - Limited - Enabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą " Hidden " w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
Facebook Gameroom 1.20.6598.21896 (HKLM-x32\...\{C51FED78-02E5-4A80-B4D0-A4A474BB0CDD}) (Version: 1.20.6598.21896 - Facebook)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 58.0 (x64 pl) (HKLM\...\Mozilla Firefox 58.0 (x64 pl)) (Version: 58.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation)
Panel sterowania NVIDIA 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.65 - NVIDIA Corporation) Hidden
Roblox Player for Admin (HKU\S-1-5-21-407032326-2938371251-3657122547-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 47.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

ShellIconOverlayIdentifiers: [00asw] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-23] (AVAST Software)
ContextMenuHandlers1: [avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-23] (AVAST Software)
ContextMenuHandlers1: [WinRAR] - & gt; {B41DB860-64E4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] - & gt; {B41DB860-8EE4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers3: [00asw] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-23] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] - & gt; {57CE581A-0CB6-4266-9CA0-19364C90A0B3} = & gt; C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] - & gt; {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = & gt; C:\Windows\system32\nvshext.dll [2018-01-04] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] - & gt; {472083B0-C522-11CF-8763-00608CC02F24} = & gt; C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-23] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] - & gt; {57CE581A-0CB6-4266-9CA0-19364C90A0B3} = & gt; C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] - & gt; {B41DB860-64E4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] - & gt; {B41DB860-8EE4-11D2-9906-E49FADC173CA} = & gt; C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {5245A176-6864-48E9-825D-D5EDB08CD0DF} - System32\Tasks\Avast Software\Overseer = & gt; C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-23] (AVAST Software)
Task: {5395E667-2589-46C4-973C-A73442306634} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-04] (NVIDIA Corporation)
Task: {56CEAA95-729D-4C0D-9974-CCC7561DC3BB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-04] (NVIDIA Corporation)
Task: {70066CA5-7D41-4EA7-85AF-75E743F890F4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-04] (NVIDIA Corporation)
Task: {735F90CB-032A-41B2-8CA0-2491C3222C9B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-04] (NVIDIA Corporation)
Task: {88CD9A7B-2857-4B63-93FE-3727669812D6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-04] (NVIDIA Corporation)
Task: {AB469E29-163F-4140-834B-CF264FE280A2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-04] (NVIDIA Corporation)
Task: {DB7695EC-857D-4AE1-ABCB-4A2D433EF749} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-04] (NVIDIA Corporation)
Task: {DFD9B3F9-12F3-4788-872E-48013158B6FF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} = & gt; C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-04] (NVIDIA Corporation)
Task: {E6A3E509-16AC-4728-8953-838938EC8552} - System32\Tasks\Avast Emergency Update = & gt; C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-23] (AVAST Software)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


==================== Załadowane moduły (filtrowane) ==============

2018-01-23 19:07 - 2018-01-04 02:39 - 000544056 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000067920 _____ () c:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000236840 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000902824 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000349568 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-01-26 16:09 - 2018-01-26 16:09 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18012604\algo.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-01-26 20:27 - 2018-01-26 20:27 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18012606\algo.dll
2018-01-23 18:53 - 2018-01-23 18:53 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-23 18:52 - 2018-01-23 18:52 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość " AlternateShell " zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService = & gt; " " = " Service "
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService = & gt; " " = " Service "

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-407032326-2938371251-3657122547-1001\Control Panel\Desktop\\Wallpaper - & gt; C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 37.8.214.2 - 31.11.202.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System = & gt; (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [SPPSVC-In-TCP] = & gt; (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] = & gt; (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2A11E4E3-6203-49BD-9537-CA315DD65C9D}] = & gt; (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E3ADFE4F-458A-49F9-BFC5-23C2FFA2037B}] = & gt; (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DA66B6AA-3E9E-42AD-B670-C66AE6F858BD}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{04BDBECC-49E0-4C2A-B3DE-18A1EFC500CE}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4F25DAAE-BE00-43CD-B05D-B4949CD3615B}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8B2AFBBC-3C84-494C-8EAD-32AC830B75DA}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2803C467-7316-4201-B48A-BDA95BFCCD3D}] = & gt; (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4768BE29-CFEF-423F-A1AD-3E86FFBA73B0}] = & gt; (Allow) D:\Steam\Steam.exe
FirewallRules: [{5D5C64E4-7061-4B18-9C7A-A394AAF48B3C}] = & gt; (Allow) D:\Steam\Steam.exe
FirewallRules: [{EBE83994-A708-4BD1-8396-488D0A6B9C4B}] = & gt; (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7D723ADB-530A-4FCC-8965-E14EF8DCB6C6}] = & gt; (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{29566556-8618-4EBA-B53E-52F13B6939B3}] = & gt; (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2169882C-49F6-4C88-8CC1-5A15FF3BFB58}] = & gt; (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B01557F6-F48B-4082-8178-4479F65D175B}] = & gt; (Allow) D:\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{A4AFE07F-0F2C-4B6F-9C90-9411012B18C2}] = & gt; (Allow) D:\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{9835532C-0736-466B-9517-C12A76C18A69}] = & gt; (Allow) D:\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{B74E454C-6179-4CA5-8197-AC83C1F21C19}] = & gt; (Allow) D:\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{C55782FB-2AFC-4AC8-B23A-7D12F9D57CA4}] = & gt; (Allow) D:\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{B747664B-5122-4AEF-9C6F-EC0F750A35A2}] = & gt; (Allow) D:\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe

==================== Punkty Przywracania systemu =========================

23-01-2018 19:05:27 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
23-01-2018 19:05:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
23-01-2018 19:08:31 Zainstalowany program DirectX
23-01-2018 20:12:09 Zainstalowany program DirectX
24-01-2018 18:14:23 Zainstalowany program DirectX

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (01/26/2018 08:26:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/26/2018 08:09:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/25/2018 09:59:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/25/2018 03:06:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: FacebookGameroom.exe, wersja: 1.12.6582.35661, sygnatura czasowa: 0x5a543b9a
Nazwa modułu powodującego błąd: libcef.dll, wersja: 3.2987.1601.0, sygnatura czasowa: 0x5984c1cd
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x01afeb06
Identyfikator procesu powodującego błąd: 0x6f0
Godzina uruchomienia aplikacji powodującej błąd: 0x01d395bba813aabe
Ścieżka aplikacji powodującej błąd: C:\Users\Admin\AppData\Local\Facebook\Games\FacebookGameroom.exe
Ścieżka modułu powodującego błąd: C:\Users\Admin\AppData\Local\Facebook\Games\libcef.dll
Identyfikator raportu: e9081a06-01d8-11e8-9a2f-bc5ff4035197

Error: (01/25/2018 03:06:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikacja: FacebookGameroom.exe
Wersja architektury: v4.0.30319
Opis: proces został przerwany z powodu nieobsłużonego wyjątku.
Informacje o wyjątku: kod wyjątku: c0000005, adres wyjątku: 56B3EB06
Stos:

Error: (01/25/2018 10:06:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/25/2018 09:20:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/24/2018 07:02:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/24/2018 01:47:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/24/2018 09:02:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query " SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 99 " could not be reactivated in namespace " //./root/CIMV2 " because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


Dziennik System:
=============
Error: (01/25/2018 09:57:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi MBAMService.

Error: (01/25/2018 04:41:05 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (01/25/2018 04:41:05 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (01/25/2018 10:05:22 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 10:04:05 na ‎2018-‎01-‎25 było nieoczekiwane.

Error: (01/24/2018 11:17:56 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (01/24/2018 11:17:56 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (01/24/2018 09:13:51 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (01/24/2018 09:13:51 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (01/24/2018 07:07:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Usługa Windows Update zawiesiła się podczas uruchamiania.

Error: (01/24/2018 03:15:25 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\CdRom1.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Procent pamięci w użyciu: 41%
Całkowita pamięć fizyczna: 4061.09 MB
Dostępna pamięć fizyczna: 2375.51 MB
Całkowita pamięć wirtualna: 8120.36 MB
Dostępna pamięć wirtualna: 6205.4 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:171.87 GB) (Free:142.07 GB) NTFS
Drive d: () (Fixed) (Total:293.79 GB) (Free:269.18 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F0745BAA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=171.9 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================