Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 28-08-2023 Uruchomiony przez lenovo (04-09-2023 13:34:56) Uruchomiony z C:\Users\lenovo\Downloads Microsoft Windows 7 Professional Service Pack 1 (X64) (2017-09-01 09:56:05) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-1251009114-750780493-2563925430-500 - Administrator - Disabled) Gość (S-1-5-21-1251009114-750780493-2563925430-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1251009114-750780493-2563925430-1003 - Limited - Enabled) lenovo (S-1-5-21-1251009114-750780493-2563925430-1000 - Administrator - Enabled) => C:\Users\lenovo ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 64 Bit HP CIO Components Installer (HKLM\...\{30689060-43BD-46E9-8A54-E6CDB18AAB88}) (Version: 20.2.1 - HP Inc.) Hidden Adobe Acrobat Reader - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 23.003.20284 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AMD Accelerated Video Transcoding (HKLM\...\{7634E241-D814-8C76-4C7E-FE98FDF92A3C}) (Version: 12.10.100.30322 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{EB7F3D3C-1729-1743-FE07-6CA87F465500}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) AMD Media Foundation Decoders (HKLM\...\{FF03C73D-372C-5361-0145-8725D5EED7D3}) (Version: 1.0.80322.0410 - Advanced Micro Devices, Inc.) Hidden AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.2.0 - AppEx Networks) AMD Steady Video Plug-In (HKLM\...\{408DD513-C71C-EF6C-1456-247DD8403E18}) (Version: 2.06.0000 - AMD) Hidden Catalyst Control Center - Branding (HKLM-x32\...\{C47BD14D-210F-4EC3-8B41-0149954C71D4}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 6.15 - Piriform) CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC) Huawei E3372 (HKLM-x32\...\Huawei E3372) (Version: 22.001.22.03.1202 - Huawei Technologies Co.,Ltd) Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 (PLK) (HKLM\...\{AC22E632-A884-3236-AF80-02676EB22001}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Security Client (HKLM\...\{2AA3C13E-0531-41B8-AE48-AE28C940A809}) (Version: 4.10.0209.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.259192 - TeamViewer) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-03-22] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Załadowane moduły (filtrowane) ============= 2015-10-30 07:34 - 2015-10-30 07:34 - 000050688 _____ (HP Inc.) [Brak podpisu cyfrowego] c:\windows\system32\hpzinw12.dll 2015-10-30 07:34 - 2015-10-30 07:34 - 000066048 _____ (HP Inc.) [Brak podpisu cyfrowego] c:\windows\system32\hpzipm12.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (Wersja 11) (filtrowane) ========== BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2023-02-22 23:40 - 000000935 _____ C:\Windows\system32\drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1251009114-750780493-2563925430-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.31.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{56E1AF73-58E3-4AA2-B4C9-17D3054B1DB4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F8AB0CE7-77F2-4E5D-ABA7-96FC17F8B67B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{CA8D0F80-D293-445B-BB32-A085416C7AB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6A62A59E-4B5E-44F4-BF44-9448DDFB42BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{469817E6-AFE2-4BD5-9494-9BE7A16D6D98}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{7CE8C509-8186-4AE9-AFC2-6D3525E4CA9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= 19-08-2023 21:04:14 Kopia zapasowa systemu Windows 19-08-2023 21:07:58 Windows Update 20-08-2023 19:00:40 Kopia zapasowa systemu Windows 22-08-2023 21:32:41 Windows Update 30-08-2023 19:38:00 Kopia zapasowa systemu Windows 30-08-2023 19:40:56 Windows Update 03-09-2023 11:56:44 Windows Update 03-09-2023 19:00:37 Kopia zapasowa systemu Windows 04-09-2023 12:09:54 Kopia zapasowa systemu Windows 04-09-2023 12:29:17 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 04-09-2023 12:30:47 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 04-09-2023 12:32:13 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 04-09-2023 12:33:05 Removed Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 04-09-2023 12:34:28 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 04-09-2023 12:35:21 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: adgnetworktdidrv Description: adgnetworktdidrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: adgnetworktdidrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (09/04/2023 01:16:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/04/2023 01:07:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/04/2023 12:00:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: TeamViewer_Service.exe, wersja: 12.3.62584.0, sygnatura czasowa: 0x6077f0d4 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0xf005c600 Identyfikator procesu powodującego błąd: 0xd68 Godzina uruchomienia aplikacji powodującej błąd: 0x01d9df15ad337360 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: e6a03222-4b09-11ee-bc3d-48d224ed8734 Error: (09/04/2023 11:53:50 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/03/2023 07:06:11 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Wykonanie kopii zapasowej nie powiodło się. Błąd: Na tym dysku jest za mało miejsca, aby zapisać kopię zapasową. Zwolnij miejsce, usuwając starsze kopie zapasowe albo niepotrzebne dane, lub zmień ustawienia kopii zapasowej. (0x81000005). Error: (09/03/2023 05:52:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/03/2023 11:36:42 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/02/2023 08:09:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (09/04/2023 01:39:05 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {BB6DF56B-CACE-11DC-9992-0019B93A3A84} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/04/2023 01:17:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa CCleaner Browser Update (ccleaner) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (09/04/2023 01:14:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: adgnetworktdidrv Error: (09/04/2023 01:14:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AMD FUEL Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (09/04/2023 01:14:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (120000 ms) podczas oczekiwania na połączenie się z usługą AMD FUEL Service. Error: (09/04/2023 01:11:11 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (09/04/2023 01:08:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa CCleaner Browser Update (ccleaner) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (09/04/2023 01:06:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AMD FUEL Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. ==================== Statystyki pamięci =========================== BIOS: LENOVO 82CN24WW(V2.04) 11/05/2013 Płyta główna: LENOVO Lenovo G505 Procesor: AMD A4-5000 APU with Radeon(TM) HD Graphics Procent pamięci w użyciu: 86% Całkowita pamięć fizyczna: 3533.36 MB Dostępna pamięć fizyczna: 480.65 MB Całkowita pamięć wirtualna: 7064.87 MB Dostępna pamięć wirtualna: 2559.18 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:172.69 GB) (Free:109 GB) (Model: WDC WD50 00LPCX-22VHAT0 SATA Disk Device) NTFS Drive d: () (Fixed) (Total:292.97 GB) (Free:213.95 GB) (Model: WDC WD50 00LPCX-22VHAT0 SATA Disk Device) NTFS \\?\Volume{d726f197-8ef9-11e7-985c-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 598F8567) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=172.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================