Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14-05-2017 Uruchomiony przez Ben (16-05-2017 13:51:28) Uruchomiony z C:\Users\Ben\Desktop\FRST Windows 7 Professional Service Pack 1 (X64) (2017-02-10 12:37:53) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1648149943-899210602-299422045-500 - Administrator - Disabled) Ben (S-1-5-21-1648149943-899210602-299422045-1001 - Administrator - Enabled) => C:\Users\Ben Gość (S-1-5-21-1648149943-899210602-299422045-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1648149943-899210602-299422045-1003 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Ashampoo Burning Studio 9.03 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.0.3 - ashampoo GmbH & Co. KG) ChomikBox (HKLM-x32\...\{45B8131C-E239-4BE0-A92B-0E7FE1BBF83E}) (Version: 2.0.8.2 - Chomikuj.pl) Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.0.22 - Dell Inc.) Dell ControlVault Host Components Installer 64 bit (Version: 2.3.309.1625 - Broadcom Corporation) Hidden Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00003.072 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP) Dell System Detect (HKU\S-1-5-21-1648149943-899210602-299422045-1001\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell) DellAccess (Version: 01.03.00.078 - Wave Systems Corp.) Hidden EMBASSY Client Core (Version: 01.03.00.123 - Wave Systems Corp.) Hidden ERAS Connector (Version: 02.09.05.0335 - Wave Systems Corp) Hidden Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - ) Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden GemPcCCID (Version: 2.0.1 - Gemalto) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{80A620C1-B22C-4781-A351-B14B8A37BFE3}) (Version: 2.1 - Brice Lambson) InsERT GT 1.47 HF1 (HKLM-x32\...\{DF5FD382-FB20-4289-A844-3274C0DB416F}) (Version: 1.47.0.1 - InsERT) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation) Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) MFP and Storage Server (HKLM-x32\...\InstallShield_{3BE2E558-7264-44F0-8CD3-8281E02669F8}) (Version: 0.11.1027.0053 - TP-LINK) MFP and Storage Server (Version: 0.11.1027.0053 - TP-LINK) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Command Line Utilities (HKLM\...\{D9F711D3-3C90-4D79-9292-47C90C722E2A}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.7.1 - Mozilla) Mozilla Thunderbird 45.7.1 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 pl)) (Version: 45.7.1 - Mozilla) Mozilla Thunderbird 45.8.0 (x86 pl) (HKU\S-1-5-21-1648149943-899210602-299422045-1001\...\Mozilla Thunderbird 45.8.0 (x86 pl)) (Version: 45.8.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.03 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.63 - NVIDIA Corporation) NVIDIA Sterownik graficzny 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation) Panel sterowania NVIDIA 375.63 (Version: 375.63 - NVIDIA Corporation) Hidden PBA Driver-x64 (Version: 1.0.1.8 - Dell Inc.) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 13.0 - PlotSoft LLC) Preboot Manager (Version: 03.05.00.043 - Wave Systems Corp.) Hidden Private Information Manager (Version: 07.03.00.032 - Wave Systems Corp.) Hidden Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation) Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SI TSS (Version: 2.1.41 - Security Innovation) Hidden SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden Sterowniki firmy InsERT 5.30 (HKLM-x32\...\{99057C4F-8A95-405C-B58D-5832DD1F0698}) (Version: 5.30 - InsERT) Synchronizator vendero (x32 Version: 6.0.995.0 - InsERT) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer) toolkit32for64bit (x32 Version: 7.70.13.0001 - Wave Systems Corp) Hidden Trusted Drive Manager (Version: 5.0.2.24 - Wave Systems Corp.) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden Wave Infrastructure Installer (Version: 07.70.13.0001 - Wave Systems Corp) Hidden Wave Support Software Installer (Version: 05.15.00.024 - Wave Systems Corp) Hidden WinRAR 5.20 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) HKU\S-1-5-21-1648149943-899210602-299422045-1001\...\ChromeHTML: -> C:\Program Files (x86)\Footjane\Application\chrome.exe (Google Inc.) <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1A5765C8-5E9C-4652-9171-A41D4F21E5C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10] (Google Inc.) Task: {25121A51-B89C-4FA6-B6D7-4A379EC41C49} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {52247D5C-A220-4192-911B-8319D955466E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {6802DFDC-A8B9-4252-A6B4-CF6836BECAE0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.) Task: {A862ABCB-DA46-4DB5-88DB-A530253A1DB4} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [2012-11-28] (Wave Systems Corp.) Task: {ACBE8C4F-BDB4-49F9-A4C9-B126053EC044} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.) Task: {C81B664E-230E-4FF6-BEF0-1DC5155D91E7} - System32\Tasks\{5154C818-E797-4577-868F-23A962661849} => pcalua.exe -a "D:\Laptop 10.02.2017\Programy\Sterowniki drukarki Magda\ljP1000_P1500-HB-pnp-win32-pl\Setup.exe" -d "D:\Laptop 10.02.2017\Programy\Sterowniki drukarki Magda\ljP1000_P1500-HB-pnp-win32-pl" Task: {D0712D2D-18CC-4DF0-8FDC-1D66FAC19309} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-10] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Footjane\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Footjane\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Footjane\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Footjane\Application\chrome.exe (Google Inc.) ShortcutWithArgument: C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\BigFarm.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://bigfarm.goodgamestudios.com/?w=239064 ShortcutWithArgument: C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\big_bang_empire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.bigbangempire.com/?ref=281-000-000-005 ==================== Załadowane moduły (filtrowane) ============== 2012-05-11 10:47 - 2012-05-11 10:47 - 00003072 _____ () C:\Program Files (x86)\Security Innovation\SI TSS\bin\TspPopup_ENU.dll 2016-02-12 16:22 - 2016-10-22 09:20 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2016-11-16 14:32 - 2016-10-22 08:04 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-02-17 14:02 - 2013-04-15 12:50 - 00198144 _____ () C:\Windows\System32\HP1006LM.DLL 2014-12-22 12:18 - 2014-12-22 11:18 - 00029184 _____ () C:\Windows\System32\ssj2mlm.dll 2017-02-17 14:02 - 2013-04-15 12:50 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll 2013-11-04 10:16 - 2013-04-15 12:49 - 04003328 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006SU.DLL 2013-11-04 10:16 - 2013-04-15 12:49 - 01236992 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006GC.dll 2013-03-11 11:05 - 2013-03-11 11:05 - 00231792 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe 2013-03-11 11:04 - 2013-03-11 11:04 - 00039280 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll 2013-04-04 02:09 - 2013-04-04 02:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2017-02-14 11:12 - 2016-10-22 09:20 - 00785976 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll 2016-02-12 16:22 - 2014-06-19 19:26 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-04-24 13:04 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2013-11-04 10:16 - 2013-04-15 12:50 - 00343552 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HP1006SD.DLL 2017-04-24 11:38 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2017-04-24 11:38 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2017-04-24 11:38 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2017-04-24 11:38 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2017-04-24 11:38 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2017-02-14 11:11 - 2016-10-22 09:20 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2013-07-12 17:00 - 2013-07-12 17:00 - 00249856 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\DCPDLL.dll 2013-07-12 17:00 - 2013-07-12 17:00 - 00090112 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\ESTLogDLL.dll 2013-07-12 17:00 - 2013-07-12 17:00 - 00487424 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\PSMDLL.dll 2013-07-12 17:00 - 2013-07-12 17:00 - 00106496 _____ () C:\Program Files (x86)\TP-LINK\MFP and Storage Server\UNTPDLL.dll 2017-05-16 07:04 - 2017-05-16 07:04 - 00098816 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32api.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00110080 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\pywintypes27.dll 2017-05-16 07:04 - 2017-05-16 07:04 - 00364544 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\pythoncom27.dll 2017-05-16 07:04 - 2017-05-16 07:04 - 00320512 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32com.shell.shell.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00914432 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_hashlib.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 01176576 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._core_.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00806400 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._gdi_.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00816128 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._windows_.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 01067008 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._controls_.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00733184 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._misc_.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00682496 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\pysqlite2._sqlite.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00088064 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_ctypes.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00686080 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\unicodedata.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00119808 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32file.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00108544 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32security.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00007168 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\hashobjs_ext.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00017920 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\thumbnails_ext.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00088064 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\usb_ext.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00012800 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\common.time34.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00018432 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32event.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00167936 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32gui.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00046080 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_socket.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 01303552 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_ssl.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00128512 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_elementtree.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00127488 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\pyexpat.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00038912 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32inet.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00036864 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_psutil_windows.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00524248 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\windows._lib_cacheinvalidation.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00011264 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32crypt.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00123392 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._wizard.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00077312 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._html2.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00027648 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_multiprocessing.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00020480 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\_yappi.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00035840 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32process.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00078848 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\wx._animate.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00024064 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32pipe.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00010240 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\select.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00025600 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32pdh.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00017408 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32profile.pyd 2017-05-16 07:04 - 2017-05-16 07:04 - 00022528 ____R () C:\Users\Ben\AppData\Local\Temp\_MEI32722\win32ts.pyd 2016-05-02 15:46 - 2016-05-02 15:46 - 00134008 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2017-02-09 18:00 - 2015-07-31 16:58 - 01608432 ____N () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2017-02-09 18:00 - 2012-11-26 00:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2017-02-09 18:00 - 2014-02-18 16:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll 2013-04-04 02:09 - 2013-04-04 02:09 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2017-01-24 12:16 - 2017-01-24 12:16 - 02393336 _____ () C:\Program Files (x86)\InsERT\InsERT GT\og1100as.dll 2017-05-16 07:08 - 2017-04-19 06:04 - 02864984 _____ () C:\Program Files (x86)\Footjane\Application\libglesv2.dll 2017-05-16 07:08 - 2017-04-19 06:04 - 00087384 _____ () C:\Program Files (x86)\Footjane\Application\libegl.dll 2017-05-16 07:45 - 2017-05-01 12:59 - 17779192 _____ () C:\Users\Ben\AppData\Local\Footjane\User Data\PepperFlash\25.0.0.171\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1648149943-899210602-299422045-1001\...\dell.com -> dell.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1648149943-899210602-299422045-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 20.20.20.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{C70A9CB3-DF2E-4002-AD17-8D9D6E70C871}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EEE271E6-FB4B-4200-96C7-7B1A3F23F9D8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5633DC2D-6ED2-403C-805C-11E94F94932A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D91EF538-92D7-400D-9D07-35C17009847A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DBEC1BB9-D594-4454-96FB-8C6E5E41D94D}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe FirewallRules: [{E0D4A276-5E04-4613-960D-8DD796BA2ECF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{3567C494-B371-44EE-A8B6-9433F3F3BAE9}] => (Allow) C:\Program Files (x86)\Footjane\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Punkty Przywracania systemu ========================= 08-05-2017 07:12:32 Windows Update 09-05-2017 07:15:26 Windows Update 11-05-2017 07:50:43 Windows Update 11-05-2017 16:52:08 Windows Update 16-05-2017 07:13:00 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: HUAWEI GRA-L09 Description: HUAWEI GRA-L09 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: HUAWEI Service: WUDFRd Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Control Vault w/ Fingerprint Swipe Sensor Description: Control Vault w/ Fingerprint Swipe Sensor Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359} Manufacturer: Broadcom Corporation Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: HUAWEI Description: HUAWEI Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: HUAWEI Description: HUAWEI Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Intel(R) 82579LM Gigabit Network Connection #2 Description: Intel(R) 82579LM Gigabit Network Connection Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: e1cexpress Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/16/2017 08:23:35 AM) (Source: SDSSnapshotProcess) (EventID: 273) (User: ZARZĄDZANIE NT) Description: Snapshot database creation failed - 183 (000000B7) - Nie można utworzyć pliku, który już istnieje. . Error: (05/16/2017 08:19:24 AM) (Source: SDSSnapshotProcess) (EventID: 273) (User: ZARZĄDZANIE NT) Description: Snapshot database creation failed - 183 (000000B7) - Nie można utworzyć pliku, który już istnieje. . Error: (05/16/2017 07:20:09 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error: (05/16/2017 07:06:28 AM) (Source: Wave Platform Security) (EventID: 1008) (User: ) Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM Error: (05/16/2017 07:04:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/15/2017 07:04:48 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error: (05/12/2017 04:01:00 PM) (Source: Wave Platform Security) (EventID: 1008) (User: ) Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM Error: (05/12/2017 03:59:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/12/2017 08:14:38 AM) (Source: SDSSnapshotProcess) (EventID: 273) (User: ZARZĄDZANIE NT) Description: Snapshot database creation failed - 183 (000000B7) - Nie można utworzyć pliku, który już istnieje. . Error: (05/12/2017 08:13:33 AM) (Source: SDSSnapshotProcess) (EventID: 273) (User: ZARZĄDZANIE NT) Description: Snapshot database creation failed - 183 (000000B7) - Nie można utworzyć pliku, który już istnieje. . Dziennik System: ============= Error: (05/16/2017 01:22:45 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera PACKARDBELL. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{B7FC5462-68F0-4E4C-B59B-B539F9887D2E}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (05/16/2017 09:49:46 AM) (Source: BROWSER) (EventID: 8032) (User: ) Description: Usługa przeglądarki zbyt wiele razy nie zdołała pobrać listy kopii zapasowych w transporcie \Device\NetBT_Tcpip_{B7FC5462-68F0-4E4C-B59B-B539F9887D2E}. Przeglądarka zapasowa jest zatrzymywana. Error: (05/16/2017 08:19:24 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Czytnik kart inteligentnych „Broadcom Corp Contacted SmartCard 0” odrzucił żądanie IOCTL GET_STATE: Nieprawidłowe dojście.. Jeśli ten błąd będzie się powtarzać, może to oznaczać, że karta inteligentna lub czytnik nie działa poprawnie. Nagłówek polecenia: XX XX XX XX Error: (05/16/2017 07:07:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Apple Cloud Service zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego modułu. Error: (05/16/2017 07:03:53 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa WvPCR zależy od następującej usługi: TBS. Ta usługa może nie być zainstalowana. Error: (05/16/2017 07:03:53 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa SI TSS v1.2.1.41 TCS zależy od następującej usługi: TBS. Ta usługa może nie być zainstalowana. Error: (05/15/2017 03:06:16 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {995C996E-D918-4A8C-A302-45719A6F4EA7} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/12/2017 04:01:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Apple Cloud Service zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego modułu. Error: (05/12/2017 03:59:51 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (05/12/2017 03:58:28 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa WvPCR zależy od następującej usługi: TBS. Ta usługa może nie być zainstalowana. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-3840QM CPU @ 2.80GHz Procent pamięci w użyciu: 16% Całkowita pamięć fizyczna: 32641.76 MB Dostępna pamięć fizyczna: 27156.01 MB Całkowita pamięć wirtualna: 65281.7 MB Dostępna pamięć wirtualna: 59823.18 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:292.4 GB) (Free:161.04 GB) NTFS Drive d: () (Fixed) (Total:298.09 GB) (Free:179.58 GB) NTFS Drive f: (Winretools) (Fixed) (Total:5.59 GB) (Free:0.47 GB) NTFS Drive g: (我的光盘) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS Drive y: (Winretools) (Fixed) (Total:5.59 GB) (Free:0.47 GB) NTFS Drive z: () (Network) (Total:195.31 GB) (Free:137.49 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 33AB5883) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=292.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=5.6 GB) - (Type=27) ======================================================== Disk: 1 (Size: 298.1 GB) (Disk ID: 0004247A) Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================