Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 08-05-2017 Uruchomiony przez Grzegorz (13-05-2017 18:21:23) Uruchomiony z D:\Instalki Windows 7 Professional Service Pack 1 (X64) (2017-05-12 09:11:15) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2218688497-3484540407-2543524471-500 - Administrator - Disabled) Gość (S-1-5-21-2218688497-3484540407-2543524471-501 - Limited - Disabled) Grzegorz (S-1-5-21-2218688497-3484540407-2543524471-1001 - Administrator - Enabled) => C:\Users\Grzegorz HomeGroupUser$ (S-1-5-21-2218688497-3484540407-2543524471-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software) Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) DriverToolkit version 8.5.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.0.0 - Megaify Software) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Opera Stable 45.0.2552.635 (HKLM-x32\...\Opera 45.0.2552.635) (Version: 45.0.2552.635 - Opera Software) Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) WinZip (HKLM-x32\...\WinZip) (Version: 9.0 SR-1 (6224) - WinZip Computing, Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {22EC262D-874A-4F3F-B00F-1E4952D31CA3} - System32\Tasks\Opera scheduled Autoupdate 1494580575 => C:\Program Files\Opera\launcher.exe [2017-05-08] (Opera Software) Task: {3C1EA345-B34C-4947-83AD-82D33D2786AD} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd) Task: {4B17E59A-E9C8-4A77-A910-DF0EAC22F235} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-05-12] (AVAST Software) Task: {A3B40713-1D5C-44D9-87A8-888BB243623C} - System32\Tasks\Avast Emergency Update => D:\Programy\AVAST Software\AvEmUpdate.exe [2017-05-12] (AVAST Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\DriverToolkit Autorun.job => F:\Programy\DriverToolkit\DriverToolkit.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2017-05-13 01:00 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00162024 _____ () d:\Programy\AVAST Software\x64\vaarclient.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00825960 _____ () D:\Programy\AVAST Software\x64\ffl2.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00275776 _____ () d:\Programy\AVAST Software\x64\StreamBack.dll 2017-05-12 11:16 - 2017-05-08 10:58 - 90104920 _____ () C:\Program Files\Opera\45.0.2552.635\opera_browser.dll 2017-05-12 11:16 - 2017-05-08 10:57 - 03949144 _____ () C:\Program Files\Opera\45.0.2552.635\libglesv2.dll 2017-05-12 11:16 - 2017-05-08 10:57 - 00101464 _____ () C:\Program Files\Opera\45.0.2552.635\libegl.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00170216 _____ () D:\Programy\AVAST Software\JsonRpcServer.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00176992 _____ () D:\Programy\AVAST Software\event_routing_rpc.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00223224 _____ () D:\Programy\AVAST Software\tasks_core.dll 2017-05-13 01:07 - 2017-05-13 01:07 - 05978624 _____ () D:\Programy\AVAST Software\defs\17051208\algo.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00684656 _____ () D:\Programy\AVAST Software\ffl2.dll 2017-05-13 01:00 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00997896 _____ () D:\Programy\AVAST Software\AvChrome.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 67717632 _____ () D:\Programy\AVAST Software\libcef.dll 2017-05-12 20:36 - 2017-05-12 20:36 - 00291824 _____ () D:\Programy\AVAST Software\gaming_mode_ui.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2218688497-3484540407-2543524471-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup MSCONFIG\startupreg: CCleaner Monitoring => "D:\Programy\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun MSCONFIG\startupreg: StartCCC => "D:\Programy\ATI\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{08DFF115-170E-4A0A-837D-E4C23757EB25}] => (Allow) C:\Program Files\Opera\45.0.2552.635\opera.exe FirewallRules: [{4B444D7A-D969-49D3-B4B8-5C8DC7D498A2}] => (Allow) LPort=54925 FirewallRules: [{17DD54C5-8BD3-4ECE-B613-906D30148AF4}] => (Allow) D:\Programy\Java\bin\javacpl.exe FirewallRules: [{AAC6A294-DF19-414A-8536-4B8EDC5FA7E5}] => (Allow) D:\Programy\Java\bin\javacpl.exe FirewallRules: [{3F04BBFC-33FE-4C98-95A1-291C6984F137}] => (Allow) D:\Programy\Java\bin\javacpl.exe FirewallRules: [{E18C12D9-62C0-4251-B795-699BC32AA9ED}] => (Allow) D:\Programy\Java\bin\javacpl.exe FirewallRules: [{0A81BF0E-1D7E-492A-8A6A-327C6F5F1E25}] => (Allow) D:\Programy\ATI\ATI.ACE\Core-Static\CCC.exe FirewallRules: [{8B214562-76B2-4D7C-9DBD-21809117FD6F}] => (Allow) D:\Programy\ATI\ATI.ACE\Core-Static\CCC.exe FirewallRules: [{502C33E0-765A-42A6-9705-6B253A3F6F48}] => (Allow) D:\Programy\ATI\ATI.ACE\Core-Static\CCC.exe FirewallRules: [{7AEE11B9-3903-4DE2-9284-662E088AD33A}] => (Allow) D:\Programy\ATI\ATI.ACE\Core-Static\CCC.exe ==================== Punkty Przywracania systemu ========================= 13-05-2017 14:52:00 Removed Java 8 Update 131 (64-bit) 13-05-2017 14:55:02 Removed Java 8 Update 131 (64-bit) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: USB camera Description: USB camera Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/13/2017 04:19:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 02:04:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 12:23:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 11:19:27 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 11:05:56 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 10:13:15 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 09:34:50 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 01:06:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/13/2017 01:05:53 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/05/13 01:05:53.714]: [00001952]: Initialize TwdsMain Class failed! Error: (05/13/2017 01:05:53 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/05/13 01:05:53.714]: [00001952]: ##### Fatal ERROR!! Create STI-device failed! ##### Dziennik System: ============= Error: (05/13/2017 06:00:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (05/13/2017 04:20:08 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Nie można poprawnie uruchomić usługi „WMPNetworkSvc”, ponieważ funkcja CoCreateInstance(CLSID_UPnPDeviceFinder) napotkała błąd „0x80004005”. Sprawdź, czy usługa UPnPHost jest uruchomiona i czy składnik UPnPHost systemu Windows jest zainstalowany właściwie. Error: (05/13/2017 04:18:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (05/13/2017 02:14:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (05/13/2017 02:12:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (05/13/2017 02:03:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (05/13/2017 12:21:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (05/13/2017 12:15:08 PM) (Source: Tcpip) (EventID: 4199) (User: ) Description: System wykrył konflikt adresów między adresem IP 169.254.229.95 a komputerem o sieciowym adresie sprzętowym 70-77-81-7A-77-21. W rezultacie mogą być zakłócone operacje sieciowe na tym komputerze. Error: (05/13/2017 12:08:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (05/13/2017 12:03:44 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 20. CodeIntegrity: =================================== Date: 2017-05-12 19:18:41.409 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-12 19:18:41.409 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-12 13:51:53.949 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-12 13:51:53.924 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Procent pamięci w użyciu: 62% Całkowita pamięć fizyczna: 3071.05 MB Dostępna pamięć fizyczna: 1147.13 MB Całkowita pamięć wirtualna: 6140.29 MB Dostępna pamięć wirtualna: 3743.39 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:40.42 GB) (Free:12.03 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:34.1 GB) (Free:7.37 GB) NTFS Drive e: (BROTHER) (CDROM) (Total:0.39 GB) (Free:0 GB) CDFS Drive f: (TOSHIBA EXT) (Fixed) (Total:698.64 GB) (Free:296.08 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 05910591) Partition 1: (Active) - (Size=40.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=34.1 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 698.6 GB) (Disk ID: 2FF80F08) Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================