Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20.02.2019 02 Uruchomiony przez Krycha (24-02-2019 15:13:32) Uruchomiony z C:\Users\Krycha\Downloads Windows 7 Professional Service Pack 1 (X64) (2017-05-30 14:39:25) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2362160193-1974665385-3926661770-500 - Administrator - Disabled) Gość (S-1-5-21-2362160193-1974665385-3926661770-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2362160193-1974665385-3926661770-1004 - Limited - Enabled) Krycha (S-1-5-21-2362160193-1974665385-3926661770-1001 - Administrator - Enabled) => C:\Users\Krycha ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Zapora (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated) Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated) ANT Drivers Installer x64 (HKLM\...\{1545D39F-D296-42D3-9E3A-D3DDC83FF45C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CNXT Audio Dock (HKLM-x32\...\{47D475AC-1783-4AE3-9E7F-865739D88D6E}) (Version: 1.0.59.0 - Conexant) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.) Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.0 - Dell Inc.) Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.1.0 - Dell Inc.) Dell ControlVault Host Components Installer 64 bit (HKLM\...\{B85F1D8E-46D2-4A02-8941-DA82F39A2FFD}) (Version: 2.3.443.238 - Broadcom Corporation) Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.) Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 4.0.18189 - Invincea, Inc.) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.115 - ALPS ELECTRIC CO., LTD.) Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.) Elevated Installer (HKLM-x32\...\{22234FFC-C2DA-4662-8295-119232148609}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 11.2.63.0 - ESET, spol. s r.o.) Fiszki plus Francuski dla początkujących 1 (HKLM-x32\...\francuski_dla_poczatkujacych_1_fiszki_plus_aktyw~CA1108F7_is1) (Version: - ) FoneLab 9.0.68 (HKLM-x32\...\{CA7ED0B0-3CD4-4254-A9D2-2D7F78C5E3C5}_is1) (Version: 9.0.68 - Aiseesoft Studio) Garmin Express (HKLM-x32\...\{39D2E3D2-3CCD-486E-9AFA-1B91C9B0AF76}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{e51e84de-2206-4ef2-91fb-8ae3f9cb68e2}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{5EF98E1C-3912-40EA-A8C1-25772D9F1762}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden Garmin WebUpdater (HKLM-x32\...\{f1c8f03d-88bd-432d-80d1-782d4fac96b2}) (Version: 2.5.7 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0466 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{C102C687-EA26-4E9A-82C3-DF6BEF30516D}) (Version: 5.0.10.2848 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{78091D68-706D-4893-B287-9F1DFB24F7AF}) (Version: 1.6.3.70 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation) Intel(R) WiDi (HKLM\...\{9C798E99-094E-4289-A6C8-1D5EE63AFFE3}) (Version: 4.2.29.0 - Intel Corporation) iTunes (HKLM\...\{2E21C2A8-4778-41F4-8DD9-DCEA1AEAD8D1}) (Version: 12.7.4.80 - Apple Inc.) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mouse Server (wersja 1.7.7.5) (HKLM-x32\...\{7AFAA880-BB05-4E38-9279-C53EECE1B7BE}_is1) (Version: 1.7.7.5 - Necta Inc.) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{57d6e5ea-c77c-4697-a9bb-e6048883e7ae}) (Version: 17.0.1 - Intel Corporation) Pakiet sterowników systemu Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Pakiet sterowników systemu Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Profesor Pierre Słownictwo 6.0 - Demo (HKLM-x32\...\ppierreslow_60demo_is1) (Version: - ) Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6041 - Realtek Semiconductor Corp.) Sierra Wireless Dell Mobile Broadband Driver Package (HKLM-x32\...\SWIDellDrvInstaller) (Version: 6.9.4237.0501 - Sierra Wireless, Inc.) Sierra Wireless Skylight (HKLM\...\{4A44D0BC-E71B-46DF-B4C4-934187CED56F}) (Version: 6.0.4202.8201 - Sierra Wireless, Inc.) Skype (wersja 8.32) (HKLM-x32\...\Skype_is1) (Version: 8.32 - Skype Technologies S.A.) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0051 - ST Microelectronics) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Windows 7 Codec Pack 4.1.7 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.1.7 - Windows 7 Codec Pack) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-23] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-23] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-02-23] (ESET, spol. s r.o. -> ESET) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (win.rar GmbH -> Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0AE1DC8D-09A5-4C5E-B301-98A316145EC4} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe (Garmin International, Inc. -> ) Task: {2188D4ED-C730-4E89-BD4F-DF65E28A27FF} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {2578713A-1543-44FA-9841-CFCF5FC7B384} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {84A1044B-2008-4B71-8657-DC295DA36332} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {9D751859-F36C-4C32-A8EF-EA0FEBCC0BDE} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe (Intel® Services Manager -> Intel Corporation) Task: {D3976C7A-4E38-4FE1-9986-29CFB39DEA05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {D8FF5328-C672-4358-A7A7-5FD17A7F28BD} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe (Intel® Services Manager -> Intel Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"DellCommandPowerManagerPolicyChangeEventConsumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"DellCommandPowerManagerPolicyChangeEventFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\__EventFilter->DellCommandPowerManagerPolicyChangeEventFilter::[Query => SELECT * FROM RegistryKeyChangeEvent WHERE Hive = 'HKEY_LOCAL_MACHINE' AND KeyPath = 'SOFTWARE\\Policies\\Dell\\CommandPowerManager' ] WMI:subscription\ActiveScriptEventConsumer->DellCommandPowerManagerPolicyChangeEventConsumer::[ScriptText => Set shell = CreateObject("WScript.Shell") On Error Resume Next installpath = shell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Dell\CommandPowerManager\InstallPath") If Err.Number <> 0 Then On Error Goto 0 progfiles = shell.ExpandEnvironmentStrings("%ProgramFiles%") shell.Run """" & progfiles & "\Dell\Com (dane wartości zawierają 318 znaków więcej).] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Załadowane moduły (filtrowane) ============== 2010-01-30 01:40 - 2010-01-30 01:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2018-03-16 11:49 - 2018-03-16 11:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-03-16 11:49 - 2018-03-16 11:49 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-06-25 22:25 - 2014-06-25 22:25 - 000304944 _____ () C:\Program Files\Sierra Wireless Inc\WebUpdater\WebUpdtAPI.dll 2018-04-08 04:34 - 2018-04-08 04:34 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-04-08 04:34 - 2018-04-08 04:34 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2016-08-16 01:15 - 2016-08-16 01:15 - 000897224 _____ () C:\Windows\SysWOW64\Codecs\TrayMenu.exe 2014-06-18 18:55 - 2014-06-18 18:55 - 000209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2014-06-18 18:55 - 2014-06-18 18:55 - 000057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2014-06-18 18:55 - 2014-06-18 18:55 - 000037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2014-06-18 18:55 - 2014-06-18 18:55 - 000057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll 2017-06-26 18:57 - 2017-06-26 18:56 - 000008192 _____ () C:\Windows\SysWOW64\srvany.exe 2017-06-26 18:57 - 2017-06-26 18:56 - 000151552 _____ () C:\Windows\KMService.exe 2018-05-08 17:26 - 2017-11-30 08:27 - 000087800 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe 2018-08-26 16:08 - 2018-01-24 08:46 - 000226816 _____ () C:\Program Files (x86)\Mouse Server\Mouse Server Luminati.exe 2019-02-15 19:18 - 2019-02-13 06:14 - 005186032 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\libglesv2.dll 2019-02-15 19:18 - 2019-02-13 06:14 - 000117232 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\libegl.dll 2018-05-08 17:26 - 2017-11-30 08:29 - 001026808 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\Framework.dll 2018-05-08 17:26 - 2017-11-30 08:31 - 000027384 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\Utility.dll 2018-05-08 17:26 - 2017-11-30 08:29 - 002766584 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\iosdevice.dll 2018-05-08 17:26 - 2017-11-30 08:31 - 000091384 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\zlib1.dll 2018-05-08 17:26 - 2017-11-30 08:30 - 001000696 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\libxml2.dll 2018-05-08 17:26 - 2017-11-30 08:31 - 000575632 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\SQLite3.dll 2015-11-26 14:11 - 2013-11-13 21:23 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-01-05 17:17 - 2015-12-18 23:52 - 001607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2015-11-26 14:15 - 2012-11-26 05:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2015-11-26 14:15 - 2014-02-18 21:12 - 000117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll 2018-08-26 16:08 - 2019-02-24 13:28 - 001400928 _____ () C:\Program Files (x86)\Mouse Server\lum_sdk32_clr.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:637 [0] AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:694 [0] AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:792 [0] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2019-02-23 08:38 - 000000822 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT HKU\S-1-5-21-2362160193-1974665385-3926661770-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Krycha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{55657E59-46C4-4E6F-9EB7-CF5B6CE14E53}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> ) FirewallRules: [{2FB9073C-14AF-444E-8F2E-5C38A7550BFB}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Wireless Display -> Intel Corporation) FirewallRules: [{03B1132B-D726-474C-B1D2-7AAF864FA5DF}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () FirewallRules: [{80CE1D0E-6BAC-44B1-9845-9F94E62B7D22}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () FirewallRules: [{7C25D2A7-D4D3-40AA-A804-0206CA7D8773}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{54D71B1E-E34C-4084-BFEF-139342827286}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4A107CC9-FCC2-4947-BC3F-6AA3CFB68FA7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A8A81EF9-F39A-4957-B8C0-AD5CC0F96713}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{907F08BA-6C66-42B6-B30B-867DCF3CDDF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{97A3CC73-A763-43C5-A44F-8D40E66F0379}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8AC7C6C7-507A-41CB-B090-C24FF2BA19DD}] => (Allow) LPort=1978 FirewallRules: [TCP Query User{D0C5B1C3-0521-491E-B9BA-F77384E32363}C:\program files (x86)\mouse server\mouseserver.exe] => (Allow) C:\program files (x86)\mouse server\mouseserver.exe (wifimouse.necta.us) FirewallRules: [UDP Query User{EF0445E0-D525-47DD-AF63-9AC27B1AC02A}C:\program files (x86)\mouse server\mouseserver.exe] => (Allow) C:\program files (x86)\mouse server\mouseserver.exe (wifimouse.necta.us) FirewallRules: [{B89DC4E3-A413-4489-8E9A-E112937FBD4C}] => (Block) C:\program files (x86)\mouse server\mouseserver.exe (wifimouse.necta.us) FirewallRules: [{6DC2F0E7-72B8-4D91-AEFF-B69E742E7CEC}] => (Block) C:\program files (x86)\mouse server\mouseserver.exe (wifimouse.necta.us) FirewallRules: [{8A18D7BA-1C30-48D9-9A18-CB6C528B785A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{AFE5F48C-27E1-4977-B4EC-657B0CF9B3B3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9ED32C7F-F054-4C30-B878-6AF743588192}] => (Allow) LPort=1978 FirewallRules: [{848A02AA-9ADF-46A3-B1D8-7C09F91C66FD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) StandardProfile\AuthorizedApplications: [C:\Program Files\Sierra Wireless Inc\Skylight\TRUUpdater.exe] => C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater ==================== Punkty Przywracania systemu ========================= 03-02-2019 19:28:04 Zaplanowany punkt kontrolny 12-02-2019 21:00:03 Zaplanowany punkt kontrolny 16-02-2019 12:01:53 Garmin Express 23-02-2019 09:05:52 Windows Update 23-02-2019 14:10:09 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Intel(R) Wireless Bluetooth(R) 4.0 adapter Description: Intel(R) Wireless Bluetooth(R) 4.0 adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Intel Corporation Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/24/2019 01:04:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: IAStorDataMgrSvc.exe, wersja: 13.1.0.1058, sygnatura czasowa: 0x53642550 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x02d56aed Identyfikator procesu powodującego błąd: 0x17e0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4cc39091a312d Ścieżka aplikacji powodującej błąd: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 61b95e08-382c-11e9-8aa3-dcfe072de63e Error: (02/24/2019 01:04:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: IAStorDataMgrSvc.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.NullReferenceException w IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() w IAStorUtil.SystemDataModelListener.LoadSavedSystemState() w IAStorDataMgr.EventRelay.b__0(System.Object) w System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() w System.Threading.ThreadPoolWorkQueue.Dispatch() w System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (02/24/2019 01:02:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/23/2019 12:42:03 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6022 Error: (02/23/2019 12:42:03 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6022 Error: (02/23/2019 12:42:03 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/23/2019 12:42:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5023 Error: (02/23/2019 12:42:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5023 Dziennik System: ============= Error: (02/24/2019 01:04:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/24/2019 01:02:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: sptd Error: (02/24/2019 01:01:41 PM) (Source: sptd) (EventID: 4) (User: ) Description: Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla . Error: (02/23/2019 09:41:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/23/2019 09:38:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: sptd Error: (02/23/2019 09:38:05 AM) (Source: sptd) (EventID: 4) (User: ) Description: Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla . Error: (02/23/2019 09:01:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa hide.me VPN Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/23/2019 08:42:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Windows Defender: =================================== Date: 2018-11-07 17:34:47.381 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{4EAF23FE-C367-424C-8519-92BA84C9FB0E} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2018-10-17 04:00:24.294 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{B901F3B7-CF10-4E83-894B-8E03E47670AD} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:ZARZĄDZANIE NT\USŁUGA SIECIOWA ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz Procent pamięci w użyciu: 48% Całkowita pamięć fizyczna: 8097.4 MB Dostępna pamięć fizyczna: 4180.63 MB Całkowita pamięć wirtualna: 16192.94 MB Dostępna pamięć wirtualna: 12060.43 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:128.62 GB) (Free:18.96 GB) NTFS Drive e: (Krycha) (Fixed) (Total:101.08 GB) (Free:25.31 GB) NTFS Drive y: (RECOVERY) (Fixed) (Total:8.73 GB) (Free:1.96 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 565714BF) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=8.7 GB) - (Type=27) Partition 3: (Not Active) - (Size=128.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=101.1 GB) - (Type=0F Extended) ==================== Koniec Addition.txt ============================