Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:30-09-2015 Uruchomiony przez Adrian (2015-09-30 20:55:19) Uruchomiony z C:\Users\Adrian\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2015-08-04 07:39:52) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3897384014-451766004-2844665667-500 - Administrator - Disabled) Adrian (S-1-5-21-3897384014-451766004-2844665667-1000 - Administrator - Enabled) => C:\Users\Adrian Gość (S-1-5-21-3897384014-451766004-2844665667-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-3897384014-451766004-2844665667-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.25.6 - Mirillis) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Brother MFL-Pro Suite DCP-J125 (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Creative Live! Cam Video Chat or Video IM (VF0350) Driver (1.04.01.00) (HKLM\...\Creative VF0350) (Version: - ) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 41.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 pl)) (Version: 41.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5738 - Mozilla) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) Panel sterowania NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) TeamSpeak 3 Client (HKU\S-1-5-21-3897384014-451766004-2844665667-1000\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= 22-09-2015 20:55:38 Zainstalowany program DirectX 27-09-2015 22:45:39 Instalator modułów systemu Windows ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____R C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {6C7EA1E0-67E1-49FB-AB4C-B9B18E0F6D05} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {8156E19D-7071-4810-AD80-5D9FDFC5111F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Załadowane moduły (filtrowane) ============== 2015-08-04 09:50 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-09 23:23 - 2015-08-09 23:23 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-09-27 22:39 - 2015-09-27 22:39 - 00077824 _____ () C:\Users\Adrian\Desktop\FixMouseLMB.exe 2013-09-04 19:21 - 2013-09-04 19:21 - 02112000 _____ () C:\Program Files (x86)\screenSHU\screenSHU.exe 2011-06-08 09:32 - 2011-06-08 09:32 - 00011362 _____ () C:\Program Files (x86)\screenSHU\mingwm10.dll 2011-06-08 09:32 - 2011-06-08 09:32 - 00043008 _____ () C:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll 2015-09-30 20:54 - 2015-09-30 20:54 - 00380416 _____ () C:\Users\Adrian\Desktop\gmer.exe ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3897384014-451766004-2844665667-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: screenSHU => "C:\Program Files (x86)\screenSHU\screenSHU.exe" --hidden MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: uTorrent => "C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{6F404FE0-997F-4812-8D07-C7F4D09611A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CFB7B7B2-5CE5-4E3A-B28A-E52166A82FDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E1F30537-4296-4CD1-80F7-F83978EA089D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{62CEDA21-C096-4962-B568-817429EC3B1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7183B12C-A1FA-4F2F-8695-9FCE5A46150B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{EDCBF682-64D4-4C78-BB84-77BDB1C85D0C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{9FABE82A-7ED0-4BA4-B911-8EE9844B2F92}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{C4828432-A879-4277-A075-7B6C8E97C5CE}D:\games\fifa 13\game\fifa13.exe] => (Block) D:\games\fifa 13\game\fifa13.exe FirewallRules: [UDP Query User{3F21CF39-53FA-446A-95EA-BECF7F959F35}D:\games\fifa 13\game\fifa13.exe] => (Block) D:\games\fifa 13\game\fifa13.exe FirewallRules: [{9EBCD940-F7BD-48E4-A351-43C8B9D4B8C4}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3B33EA98-6693-4B41-8974-9D07482CC641}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FE402F20-3F81-4CFA-9C16-9487EB6DC19F}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3AEDF340-5879-40EE-B7C5-99341E0A3392}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BF514280-901C-420E-B098-5C7EA34F3B97}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F09A0C6E-CD6F-4A31-88EA-CF01994CC431}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{A8036ADA-0BCC-4EB1-B3B5-6060A2E46ACF}D:\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\pro evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{2F24AAC6-ED7B-4AB0-B838-3AE60176FBCA}D:\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\pro evolution soccer 2016\pes2016.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/30/2015 04:07:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/29/2015 04:06:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/28/2015 04:27:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/27/2015 06:13:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/27/2015 09:54:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/26/2015 10:14:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/26/2015 03:14:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/26/2015 11:05:43 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/25/2015 08:16:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/25/2015 12:33:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (09/29/2015 10:47:30 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (09/27/2015 04:42:46 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR2. Error: (09/22/2015 05:16:12 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 17:11:21 na ‎2015-‎09-‎22 było nieoczekiwane. Error: (09/21/2015 07:26:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. Error: (09/20/2015 11:10:43 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. Error: (09/14/2015 12:28:04 AM) (Source: NetBT) (EventID: 4300) (User: ) Description: Nie można utworzyć sterownika. Error: (09/14/2015 12:28:04 AM) (Source: NetBT) (EventID: 4300) (User: ) Description: Nie można utworzyć sterownika. Error: (09/13/2015 03:35:23 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (09/12/2015 01:00:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 12:59:02 na ‎2015-‎09-‎12 było nieoczekiwane. Error: (09/11/2015 04:20:00 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 20. CodeIntegrity: =================================== Date: 2015-09-12 14:05:34.219 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-09 12:50:57.438 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-09 12:50:49.253 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-09 12:50:09.437 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-09 11:17:48.479 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-09 11:17:43.938 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-09 11:17:41.110 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-09 11:17:40.778 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-01 21:45:56.459 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-09-01 21:45:56.183 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz Procent pamięci w użyciu: 48% Całkowita pamięć fizyczna: 4094.49 MB Dostępna pamięć fizyczna: 2106.24 MB Całkowita pamięć wirtualna: 8187.18 MB Dostępna pamięć wirtualna: 5836.57 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:53.62 GB) (Free:19.45 GB) NTFS Drive d: () (Fixed) (Total:412.04 GB) (Free:172.93 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 09590958) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=53.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=412 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================