Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 17-09-2017 01 Uruchomiony przez kuba pc (18-09-2017 14:43:23) Run:1 Uruchomiony z C:\Users\kuba pc\Downloads Załadowane profile: kuba pc (Dostępne profile: defaultuser0 & kuba pc) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] Task: {0D4F44C9-FCB8-42C5-9271-C1546C09EC1B} - \Lenovo\Lenovo Customer Feedback Program 64 35 -> Brak pliku <==== UWAGA Task: {33D6635C-A41D-4525-9965-CA9AB13A853C} - \Lenovo\Lenovo Solution Center Launcher -> Brak pliku <==== UWAGA Task: {361CB9DA-9518-4480-A0B2-7D664835BDBB} - \Nvbackend -> Brak pliku <==== UWAGA Task: {3A3B3D38-1EC8-4554-B67C-C01FBD845D83} - \PDVDServ12 Task -> Brak pliku <==== UWAGA Task: {4B689FEE-0FFA-43C8-A296-D5A395D53E1C} - \Lenovo\REACHit Agent Startup -> Brak pliku <==== UWAGA Task: {65981F53-D2B0-4C9C-B844-EDAE1DD63ECE} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\remsh.exe Task: {8E0E2668-637A-43E6-9B13-9F4E4E6FFDC4} - \Lenovo\LSC\LSCHardwareScan -> Brak pliku <==== UWAGA Task: {962A2D82-9148-452F-955F-0EA4EC9F1327} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => C:\Program Files\rempl\remsh.exe Task: {B84F46FF-32A2-4290-802B-296E012713E2} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask -> Brak pliku <==== UWAGA Task: {BF8BF147-FE03-4894-A9A2-5FC73E11C059} - \Lenovo\REACHit Agent Update -> Brak pliku <==== UWAGA Task: {D1AF5157-085F-4559-9761-B25F82ECFF72} - \Microsoft\Windows\PLA\LSC Memory -> Brak pliku <==== UWAGA Task: {DB540296-5683-4E11-835D-F7B230B92D23} - \Lenovo\LSC\Lenovo Solution Center Notifications -> Brak pliku <==== UWAGA Task: {DC2F1AF6-D545-4000-B200-CC16AA5DB884} - \CyberLink\Photo Master Gadget startup -> Brak pliku <==== UWAGA Task: {EB3F35D1-0D54-4611-AFDF-1E40D59AB731} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Brak pliku <==== UWAGA ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku DeleteKey: HKLM\SOFTWARE\MozillaPlugins DeleteKey: HKLM\SOFTWARE\Wow6432Node\Mozilla DeleteKey: HKLM\SOFTWARE\Wow6432Node\MozillaPlugins C:\ProgramData\WinSxA.exe C:\ProgramData\Temp C:\Users\kuba pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Сhromе.lnk C:\Users\kuba pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Exрlorеr.lnk C:\Users\kuba pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo App Explorer.lnk Folder: C:\Program Files\rempl Folder: C:\Windows\System32\Tasks\Microsoft\Windows\rempl Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. HKLM\System\CurrentControlSet\Services\ibtsiva => klucz pomyślnie usunięto ibtsiva => serwis pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D4F44C9-FCB8-42C5-9271-C1546C09EC1B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D4F44C9-FCB8-42C5-9271-C1546C09EC1B} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64 35 => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{33D6635C-A41D-4525-9965-CA9AB13A853C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33D6635C-A41D-4525-9965-CA9AB13A853C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Solution Center Launcher => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{361CB9DA-9518-4480-A0B2-7D664835BDBB} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{361CB9DA-9518-4480-A0B2-7D664835BDBB} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nvbackend => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A3B3D38-1EC8-4554-B67C-C01FBD845D83} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A3B3D38-1EC8-4554-B67C-C01FBD845D83} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B689FEE-0FFA-43C8-A296-D5A395D53E1C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B689FEE-0FFA-43C8-A296-D5A395D53E1C} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\REACHit Agent Startup => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65981F53-D2B0-4C9C-B844-EDAE1DD63ECE} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65981F53-D2B0-4C9C-B844-EDAE1DD63ECE} => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E0E2668-637A-43E6-9B13-9F4E4E6FFDC4} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E0E2668-637A-43E6-9B13-9F4E4E6FFDC4} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\LSC\LSCHardwareScan => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{962A2D82-9148-452F-955F-0EA4EC9F1327} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{962A2D82-9148-452F-955F-0EA4EC9F1327} => klucz pomyślnie usunięto C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell-unlock => pomyślnie przeniesiono HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell-unlock => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B84F46FF-32A2-4290-802B-296E012713E2} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B84F46FF-32A2-4290-802B-296E012713E2} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF8BF147-FE03-4894-A9A2-5FC73E11C059} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF8BF147-FE03-4894-A9A2-5FC73E11C059} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\REACHit Agent Update => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1AF5157-085F-4559-9761-B25F82ECFF72} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1AF5157-085F-4559-9761-B25F82ECFF72} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA\LSC Memory => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB540296-5683-4E11-835D-F7B230B92D23} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB540296-5683-4E11-835D-F7B230B92D23} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\LSC\Lenovo Solution Center Notifications => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC2F1AF6-D545-4000-B200-CC16AA5DB884} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC2F1AF6-D545-4000-B200-CC16AA5DB884} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CyberLink\Photo Master Gadget startup => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB3F35D1-0D54-4611-AFDF-1E40D59AB731} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB3F35D1-0D54-4611-AFDF-1E40D59AB731} => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => klucz pomyślnie usunięto HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => klucz pomyślnie usunięto HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => klucz nie znaleziono. HKLM\SOFTWARE\MozillaPlugins => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\Mozilla => klucz pomyślnie usunięto HKLM\SOFTWARE\Wow6432Node\MozillaPlugins => klucz pomyślnie usunięto C:\ProgramData\WinSxA.exe => pomyślnie przeniesiono C:\ProgramData\Temp => pomyślnie przeniesiono C:\Users\kuba pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Сhromе.lnk => pomyślnie przeniesiono C:\Users\kuba pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Exрlorеr.lnk => pomyślnie przeniesiono C:\Users\kuba pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo App Explorer.lnk => pomyślnie przeniesiono ========================= Folder: C:\Program Files\rempl ======================== 2017-09-15 16:04 - 2017-09-18 12:22 - 000000000 ____D () C:\Program Files\rempl\Logs 2017-09-15 16:04 - 2017-09-18 12:22 - 000131072 _____ () C:\Program Files\rempl\Logs\Remediation.001.etl 2017-09-15 16:04 - 2017-09-17 12:16 - 000131072 _____ () C:\Program Files\rempl\Logs\Remediation.002.etl 2017-09-15 16:04 - 2017-09-16 13:12 - 000131072 _____ () C:\Program Files\rempl\Logs\Remediation.003.etl 2017-09-15 16:04 - 2017-09-15 21:41 - 000131072 _____ () C:\Program Files\rempl\Logs\Remediation.004.etl 2017-09-15 16:04 - 2017-09-15 16:14 - 000131072 _____ () C:\Program Files\rempl\Logs\Remediation.005.etl ====== Koniec Folder: ====== ========================= Folder: C:\Windows\System32\Tasks\Microsoft\Windows\rempl ======================== ====== Koniec Folder: ====== ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 583648 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6488060 B Java, Flash, Steam htmlcache => 931 B Windows/system/drivers => 457468044 B Edge => 21811671 B Chrome => 410785436 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 202 B systemprofile32 => 128 B LocalService => 9964 B NetworkService => 9786 B defaultuser0 => 549890 B kuba pc => 119642037 B RecycleBin => 2820158 B EmptyTemp: => 972.9 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 14:49:56 ====