Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016 Ran by user (29-09-2016 17:01:17) Running from C:\Users\user\Downloads Windows 8 (X64) (2013-09-06 07:02:20) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-698474549-3661863871-719037460-500 - Administrator - Disabled) Guest (S-1-5-21-698474549-3661863871-719037460-501 - Limited - Disabled) UpdatusUser (S-1-5-21-698474549-3661863871-719037460-1001 - Limited - Enabled) => C:\Users\UpdatusUser user (S-1-5-21-698474549-3661863871-719037460-1002 - Administrator - Enabled) => C:\Users\user ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-698474549-3661863871-719037460-1002\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) 7 Sticky Notes (HKLM-x32\...\{2DB7DD8E-F17B-408A-B93B-92867EF7974D}_is1) (Version: - Fabio Martin) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.181 - Adobe Systems Incorporated) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 2.0.0 - philandro Software GmbH) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asystent Firma 2013 (v13.11.8) (HKLM-x32\...\Asystent Firma 2013_is1) (Version: 13.11.8 - Meteoryt.pl) Asystent Firma 2014 (v14.12.10) (HKLM-x32\...\Asystent Firma 2014_is1) (Version: 14.12.10 - Meteoryt.pl) Asystent Firma 2015 (v15.8.17.1659) (HKLM-x32\...\Asystent Firma 2015_is1) (Version: 15.8.17.1659 - Meteoryt.pl) Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk) Bullzip PDF Printer 9.10.0.1629 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.10.0.1629 - Bullzip) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP) Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft) Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) Dell ControlVault Host Components Installer 64 bit (HKLM\...\{97308CC9-FAED-4A1C-9593-64B2F1FD852D}) (Version: 2.3.309.1625 - Broadcom Corporation) Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00001.021 - Dell Inc.) Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.2.1 - Dell) Dell System Detect (HKU\S-1-5-21-698474549-3661863871-719037460-1002\...\58d94f3ce2c27db0) (Version: 7.9.0.10 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.124 - ALPS ELECTRIC CO., LTD.) DellAccess (Version: 01.03.00.046 - Wave Systems Corp.) Hidden doPDF 7.2 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland) DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden EMBASSY Client Core (Version: 01.03.00.092 - Wave Systems Corp.) Hidden ERAS Connector (Version: 02.09.05.0330 - Wave Systems Corp) Hidden Firebird 2.0.7.13318 (win32) (HKLM-x32\...\FBDBServer_2_0_is1) (Version: 2.0.7.13318 - Firebird Project) Firma 2016 (v16.7.7.1917) (HKLM-x32\...\Asystent Firma 2016_is1) (Version: 16.7.7.1917 - Meteoryt.pl) Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden GemCCIDWin8 (Version: 2.0.0 - Gemalto) Hidden Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - ) HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{B65BC649-C9D2-45F6-9DD6-D189BD91F02E}) (Version: 12.5.32.37 - HP) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation) Intel(R) Network Connections 18.1.59.00 (HKLM\...\PROSetDX) (Version: 18.1.59.00 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation) Internet Manager (HKLM\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) K-Lite Codec Pack 10.0.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.2 - ) LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office 2010 dla Użytkowników Domowych i Małych Firm (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 49.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 pl)) (Version: 49.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1 - Mozilla) NapiProjekt (2.1.1.2314) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Opera Stable 39.0.2256.71 (HKLM-x32\...\Opera 39.0.2256.71) (Version: 39.0.2256.71 - Opera Software) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden Pazera Free AVI to MP4 Converter 1.0 (HKLM-x32\...\{55F62293-FD7F-4CF0-8097-8DE29EF66DC8}_is1) (Version: 1.0 - Jacek Pazera) PBA Driver (Version: 1.0.1.7 - Dell Inc.) Hidden PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Editor 2 (HKLM-x32\...\PDF Editor 2) (Version: - ) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Preboot Manager (Version: 03.05.00.026 - Wave Systems Corp.) Hidden Private Information Manager (Version: 07.03.00.016 - Wave Systems Corp.) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Rayman Origins (HKLM-x32\...\Rayman Origins_is1) (Version: - ) Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shrek 2 (HKLM-x32\...\InstallShield_{7774A6A9-CE0D-4544-9A29-84351BAE184A}) (Version: 1.00.0000 - Activision) Shrek 2 (x32 Version: 1.00.0000 - Activision) Hidden SI TSS (Version: 2.1.41 - Security Innovation) Hidden Smart Menu (HKU\S-1-5-21-698474549-3661863871-719037460-1002\...\Smart Menu) (Version: 4.10 - Smart Menu) SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0036 - ST Microelectronics) TeamViewer 9 Host (HKLM-x32\...\TeamViewer 9 Host) (Version: 9.0.41110 - TeamViewer) toolkit32for64bit (x32 Version: 7.68.85.0013 - Wave Systems Corp) Hidden Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) Trusted Drive Manager (Version: 5.0.0.304 - Wave Systems Corp.) Hidden Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden Wave Infrastructure Installer (Version: 07.68.85.0014 - Wave Systems Corp) Hidden Wave Support Software Installer (Version: 05.15.00.021 - Wave Systems Corp) Hidden WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6300 - Broadcom Corporation) WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-698474549-3661863871-719037460-1002_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-698474549-3661863871-719037460-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D09343B-B06B-41E2-BCBD-98EE2C962379} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [2012-10-18] (Wave Systems Corp.) Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {27853936-9C6A-4118-825C-B00C084FB3AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated) Task: {40B2ABC1-C150-425A-922D-C5F9DB6603F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) Task: {485B530B-2705-423C-B007-B1383B491A7B} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe Task: {5CA641E6-7200-49EB-8D51-962963FC05C0} - System32\Tasks\Opera scheduled Autoupdate 1432224798 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-05] (Opera Software) Task: {6FF37527-E3A2-4EB7-97BC-5A2C7377C41C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) Task: {761D5C18-A546-4A4B-BD02-5F47F9552A3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.) Task: {78850A5F-ED45-41F0-BC90-00FFDE0A626E} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe Task: {907E355D-0D4F-4442-B940-C41FC4CDCD46} - System32\Tasks\{6679448B-2717-4A4E-9399-EFEC4F32A4C2} => pcalua.exe -a D:\vp6install.exe -d D:\ Task: {B8DDA55E-1C1E-4219-B4E3-1E5B517DAB7A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {BB166D40-BEE7-4E41-8319-EB0A030AA575} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-29] (Adobe Systems Incorporated) Task: {C6047214-5AFE-433A-A19B-0896439AE365} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd) Task: {F24CDF82-F28A-4EF7-9177-842A3334A32F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {F5668B41-91BE-4D3D-A0A1-46379D49D8FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.) Task: {FEA3B099-0C0C-4525-B992-D443DC1C45E2} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-01-06] (Symantec Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2013-08-12 18:38 - 2013-10-29 01:38 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-16 17:31 - 2012-09-18 16:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll 2015-05-19 08:42 - 2012-09-29 13:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL 2013-09-16 17:31 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll 2015-05-19 07:41 - 2012-09-29 13:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll 2015-08-21 10:08 - 2015-08-21 10:07 - 01403488 _____ () C:\Program Files (x86)\AnyDesk\AnyDesk.exe 2013-03-22 13:27 - 2013-03-22 13:27 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll 2012-11-20 15:52 - 2012-11-20 15:52 - 00225720 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe 2012-11-20 15:51 - 2012-11-20 15:51 - 00038840 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll 2013-12-23 12:17 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2012-11-24 01:34 - 2012-11-24 01:34 - 00020480 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe 2013-08-12 18:50 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-12-05 16:58 - 2014-12-05 16:58 - 00249432 _____ () C:\Program Files\Smart Menu\WinStartMenuLauncher.exe 2014-12-05 16:58 - 2014-12-05 16:58 - 02396248 _____ () C:\Program Files\Smart Menu\Smart Menu.exe 2014-12-05 16:20 - 2014-12-05 16:20 - 00035840 _____ () C:\Program Files\Smart Menu\ShowStartBtnHook.dll 2014-11-28 18:49 - 2014-11-28 18:49 - 00860160 _____ () C:\Program Files\Smart Menu\libGLESv2.dll 2014-11-28 18:49 - 2014-11-28 18:49 - 00052736 _____ () C:\Program Files\Smart Menu\libEGL.dll 2014-11-28 18:52 - 2014-11-28 18:52 - 01043968 _____ () C:\Program Files\Smart Menu\platforms\qwindows.dll 2014-11-28 18:50 - 2014-11-28 18:50 - 00030208 _____ () C:\Program Files\Smart Menu\imageformats\qgif.dll 2014-11-28 18:50 - 2014-11-28 18:50 - 00236032 _____ () C:\Program Files\Smart Menu\imageformats\qjpeg.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-10-04 14:29 - 2015-10-04 14:29 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\76014f50e415eb3c364408dfa9fbd9d6\PSIClient.ni.dll 2013-08-12 18:37 - 2012-10-23 02:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 [131] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-698474549-3661863871-719037460-1002\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-698474549-3661863871-719037460-1002\...\dell.com -> dell.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-698474549-3661863871-719037460-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 62.179.1.62 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\StartupFolder: => "mcserver.lnk" HKLM\...\StartupApproved\Run: => "SysTrayApp" HKLM\...\StartupApproved\Run: => "DFEPApplication" HKLM\...\StartupApproved\Run: => "TdmNotify" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "BackupPCFiles.Agent" HKLM\...\StartupApproved\Run32: => "Tv-Plug-In" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKU\S-1-5-21-698474549-3661863871-719037460-1002\...\StartupApproved\StartupFolder: => "Smart Settings.lnk" HKU\S-1-5-21-698474549-3661863871-719037460-1002\...\StartupApproved\Run: => "uTorrent" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{7A31E449-D7EC-4E0E-877E-F104D30DDE51}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{2A201A6D-9338-48AC-9030-B8B98EE6A7F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{321717BE-8B29-431A-89F4-2C1D4B095D31}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{45B74F85-9912-49D3-9AE0-C37E185CCCD8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{FC0C4BF0-4571-48E4-B2B2-528BD9B3C63C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{918DE773-3D43-4B15-96BB-A17024A1FDE1}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A22043CA-B73D-4F90-844B-5826CFB197ED}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{CB8851DC-6A02-4F9D-A1B6-A81F82D81E9A}F:\gry\rayman origins\rayman origins.exe] => (Allow) F:\gry\rayman origins\rayman origins.exe FirewallRules: [UDP Query User{C65BBF05-ED53-4780-908C-35419BE27D2F}F:\gry\rayman origins\rayman origins.exe] => (Allow) F:\gry\rayman origins\rayman origins.exe FirewallRules: [{DC05045C-7298-4C1B-AA11-A154CF7B048D}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7CDE8D4E-A881-405E-BB74-85CA04166AE0}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4667CA22-5907-4644-BFE1-C707E748CE9B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{A936DAB1-1FD6-44ED-BC58-BA54A341A3B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3D5A7A6A-60E7-40C4-A3D0-42DFA2A926AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{223C3CC9-4A32-4777-BC28-6C058A6E2B90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{57501769-D28B-4B16-ADF1-BAC14E0135EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{735712C5-E709-48DE-B9F1-EC455981EE46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6BEE11A2-C41B-426F-B223-5B33609DAA8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{84698F29-55FA-4676-928C-A606D1B7F620}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{3075C620-087E-434D-9A45-3748BD28BA7E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{8067A926-2170-41A9-BE8B-A362E33F3A0C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{35D45533-EF60-4554-9629-7AD35E6DB4D0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{3B9AE404-4952-427C-A14C-06406A924D08}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{E6045E45-C140-4DA9-9613-6B3265780CC7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{63EF3AAA-C350-4F76-BEC1-910A8EF2F9DD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{9555DD5B-0EF0-4FF8-9AD9-CEBE7B91D32B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{798C472D-A613-4F51-828E-AE56396DB1A2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{BCD2AFBB-3E64-4979-BA83-D2B345D8762E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe ==================== Restore Points ========================= 07-09-2016 13:45:03 07092016 14-09-2016 14:22:45 Windows Update 14-09-2016 15:32:03 po wymianie dysku 22-09-2016 10:45:22 22092016 26-09-2016 10:37:25 Windows Update 26-09-2016 11:31:49 26092016 26-09-2016 17:05:03 260920162 28-09-2016 10:58:32 Zainstalowane Suite 28-09-2016 23:42:06 Operacja przywracania ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Control Vault w/ Fingerprint Swipe Sensor Description: Control Vault w/ Fingerprint Swipe Sensor Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359} Manufacturer: Broadcom Corporation Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (09/29/2016 10:31:21 AM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.34209 - Wystąpił błąd podczas inicjacji infrastruktury dołączania interfejsu API profilowania. Ten proces nie zezwoli na dołączenie profilera. HRESULT: 0x80004005. Identyfikator procesu (liczba dziesiętna): 6600. Identyfikator komunikatu: [0x2509]. Error: (09/29/2016 10:22:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 89328 Error: (09/29/2016 10:22:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 89328 Error: (09/29/2016 10:22:31 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/29/2016 10:20:51 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 9515 Error: (09/29/2016 10:20:51 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 9515 Error: (09/29/2016 10:20:51 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/29/2016 10:20:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8484 Error: (09/29/2016 10:20:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8484 Error: (09/29/2016 10:20:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (09/29/2016 04:53:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa BackupPCFilesService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/29/2016 02:21:43 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: dell6430) Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-698474549-3661863871-719037460-1002-0-ntuser.dat Error: (09/29/2016 02:21:24 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: dell6430) Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-698474549-3661863871-719037460-1002-0-ntuser.dat Error: (09/29/2016 10:23:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi WinStartMenuLauncher. Error: (09/29/2016 09:28:40 AM) (Source: DCOM) (EventID: 10010) (User: dell6430) Description: Serwer {C28FEC82-2151-4DFA-8BB8-95551376BC8B} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/29/2016 09:28:10 AM) (Source: DCOM) (EventID: 10010) (User: dell6430) Description: Serwer {C28FEC82-2151-4DFA-8BB8-95551376BC8B} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/29/2016 09:27:40 AM) (Source: DCOM) (EventID: 10010) (User: dell6430) Description: Serwer {C28FEC82-2151-4DFA-8BB8-95551376BC8B} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/29/2016 09:27:10 AM) (Source: DCOM) (EventID: 10010) (User: dell6430) Description: Serwer {C28FEC82-2151-4DFA-8BB8-95551376BC8B} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/29/2016 09:26:40 AM) (Source: DCOM) (EventID: 10010) (User: dell6430) Description: Serwer {C28FEC82-2151-4DFA-8BB8-95551376BC8B} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/29/2016 09:26:09 AM) (Source: DCOM) (EventID: 10010) (User: dell6430) Description: Serwer {C28FEC82-2151-4DFA-8BB8-95551376BC8B} nie zarejestrował się w modelu DCOM w wymaganym czasie. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3740QM CPU @ 2.70GHz Percentage of memory in use: 20% Total physical RAM: 16325.51 MB Available physical RAM: 12974.34 MB Total Virtual: 18629.51 MB Available Virtual: 15463.54 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:235.08 GB) (Free:87.34 GB) NTFS Drive d: (SKYFALL) (CDROM) (Total:7.89 GB) (Free:0 GB) UDF Drive f: (New Volume) (Fixed) (Total:229.55 GB) (Free:76.58 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: BDF178CE) Partition: GPT. ==================== End of Addition.txt ============================