Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27.01.2019 Uruchomiony przez T420 (28-01-2019 21:06:28) Uruchomiony z E:\download\mp3 Windows 7 Professional Service Pack 1 (X64) (2012-11-23 12:46:25) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-328812129-6731451-2985146762-500 - Administrator - Disabled) Gość (S-1-5-21-328812129-6731451-2985146762-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-328812129-6731451-2985146762-1007 - Limited - Enabled) T420 (S-1-5-21-328812129-6731451-2985146762-1000 - Administrator - Enabled) => C:\Users\T420 ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Disabled - Up to date) {B140BF4E-23BB-4198-90AB-A51A4C60A69C} AS: Microsoft Security Essentials (Disabled - Up to date) {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.) ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.) Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84242}) (Version: 1.7.42.0 - Alcor Micro Corp.) Hidden Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.45.1 - Alcor Micro Corp.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{EEFFE01E-F594-42EE-815D-50B8A17985B7}) (Version: 2.49.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) Citrix Receiver 4.4 LTSR (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.5000.8 - Citrix Systems, Inc.) Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dungeon Keeper Gold PL (HKLM-x32\...\{1AF9A53F-61DB-4F40-B8B9-0C0E59777B6D}) (Version: 1.0.0 - Extragry.pl) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden GoPro App (HKLM-x32\...\{FA856359-2B03-4ABC-AC82-E69AF9F405CE}) (Version: 5.6.509 - GoPro, Inc.) Hidden GoPro Studio 2.5.6 (HKLM-x32\...\{8850d4d9-a0fc-453f-ba03-ec084375d0c2}) (Version: 2.5.6.509 - GoPro, Inc.) IDGo 500 PKCS#11 Library for IDPrime .NET Smart Cards (HKLM-x32\...\{19699919-028B-4B2F-9290-558532122010}) (Version: 2.3.1.01 - Gemalto) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Krańcowa Ochrona firmy Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Patch Utility (HKLM-x32\...\{C6FB6B4A-1378-4CD3-9CD3-42BA69FCBD43}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo) Lenovo Solution Center (HKLM\...\{7BB9AAFD-3350-49C8-92D1-833AAFF9E74E}) (Version: 3.4.003.013 - Lenovo) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0074 - Lenovo) LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics) Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.) Mozilla Firefox 47.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 pl)) (Version: 47.0.2 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Obsługa programów Apple (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - ) Online Plug-in (HKLM-x32\...\{B141AD56-3074-4AB2-AF9D-10A02414ABC8}) (Version: 14.4.5000.8 - Citrix Systems, Inc.) Hidden Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation) Pakiet sterowników systemu Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (02/02/2015 4.0.0000.00001) (HKLM\...\029888D43BFD3B5FB7FD31E690D4B4A42B9C2B80) (Version: 02/02/2015 4.0.0000.00001 - Google, Inc.) Podstawowe programy Windows Live (HKLM-x32\...\{FF3E88D8-F678-4622-86F6-36662C4A4167}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.15 - Lenovo Group Limited) Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1412.176 - Trusteer) Hidden Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.50.0025.00 - Lenovo Group Limited) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) SCR3xxx Smart Card Reader (HKLM-x32\...\{17B0906A-26ED-45D0-B51B-83EF1AADCCFE}) (Version: 8.52 - Identive) Self-service Plug-in (HKLM-x32\...\{1D348472-FD64-45EE-B79E-C46375261801}) (Version: 4.4.5000.16669 - Citrix Systems, Inc.) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.26.88 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo) ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited) UltraViewer version 6.1.0.6 (HKLM-x32\...\{E0FABD74-083B-47F4-AC5B-CA4237BF8913}_is1) (Version: 6.1.0.6 - DucFabulous) VFW_Codec32 (HKLM-x32\...\{AFEF72F3-EDEC-4B70-BB25-4CEA1FCBF425}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (HKLM\...\{4C110871-BAC2-43D8-A892-C30FD0F58D83}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinUSB Drivers x64 (HKLM\...\{370C1839-B7D8-425E-8D3F-C79638E7D09C}) (Version: 2011.44.1.182 - Nokia) z3x shell 4.8.3 (HKLM-x32\...\02F85D9C-E9D2-4019-86A6-2FE6780FC701_is1) (Version: - z3x-team) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-328812129-6731451-2985146762-1000_Classes\CLSID\{565EE4A3-D87B-E67A-D9FB-11DFFAB1BE20}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Brak pliku ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> Brak pliku ContextMenuHandlers1: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll [2012-01-19] (ABBYY.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-03] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal) ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Brak pliku ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2013-09-17] (Alcohol Soft Development Team) ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2013-09-17] (Alcohol Soft Development Team) ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-01] (Intel Corporation) ContextMenuHandlers6: [FineReader11ContextMenu] -> {79E48320-C6B5-49F1-992B-571D53586885} => C:\Program Files (x86)\ABBYY FineReader 11\FRIntegration.x64.dll [2012-01-19] (ABBYY.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-03] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {08EAF547-B9BD-407B-B1F9-48C69640F20D} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe [2012-03-05] (Lenovo Group Limited) Task: {0C72CCCA-98AC-42B4-AC42-B6806EBC2D2B} - System32\Tasks\{5EA5A30B-5A3A-4093-BA63-A7A9CE8290D2} => C:\Windows\system32\pcalua.exe -a E:\download\CopyToy\CopyToy.exe -d E:\download\CopyToy Task: {146CF0A6-8CC5-4F2E-99EF-A7FF12AB4C92} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {270D5923-4E36-4C97-9668-A082DC10E591} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {27E878B5-2E30-4ABD-9BC2-CA4CC9EFED61} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2018-05-16] (Lenovo Group Limited) Task: {492199C3-3D35-44E7-94D7-AF0D30035B7E} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2011-08-18] (Lenovo Limited Group Corporation) Task: {537D1C61-EDE6-4B56-A1F6-BD0801991CFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {5DDA603A-9646-4D75-806E-192DA293C6B5} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2017-02-14] (Lenovo) Task: {635C8659-9FE1-4214-B3AA-598CE1A3EE1D} - System32\Tasks\Driver Booster SkipUAC (T420) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe Task: {6BC71441-967A-4E4C-9B7D-9EEA06041936} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {7168381A-A0D0-4E36-97D3-F0A4B5DC5928} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2018-10-22] () Task: {7FAC71BF-5A47-40D5-B7B0-03E9B4B8128F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {8190D099-0B2B-42E6-A961-4E1D5A73AC17} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {8A3AAD10-93AE-4842-9D8B-AD892418A43C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2017-02-14] (Lenovo) Task: {8B7DA536-EAC3-4611-9291-F00F0D405594} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {8ECFBC3C-283A-4FB2-8AD2-97B60DAAE2CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated) Task: {A0B4FC3E-9123-4F2D-9F00-EE9E55756E62} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2017-02-14] () Task: {A0CF9FC1-533A-4E43-BB17-A17B41E3B7EB} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2017-02-14] (Lenovo) Task: {A1D2A3BB-EA4D-4A75-A06C-366145C5E71D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {AE132D1C-F805-412C-AC23-47C2C8E6FA09} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate Task: {AE132D1C-F805-412C-AC23-47C2C8E6FA09} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate Task: {B812BF52-F470-4A70-B0EE-BFB5FEFE9038} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2018-10-22] () Task: {B8B7F759-FE9D-442A-8740-C9828D079F91} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {CFB1112D-22FC-4F5D-8F51-E0EFF0D2B19E} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2011-08-18] (Lenovo Limited Group Corporation) Task: {D151B264-0EB2-4E26-B970-B7E2C1E34FBA} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {D1DCC1F5-516A-4F54-95AD-7E784029F205} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe [2011-08-18] () Task: {D4BE9850-F335-464D-B4EB-1DEE4C6021FF} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo) Task: {D8D438C0-A055-4144-AB4B-9D9ACC0B30CF} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy Task: {D8D438C0-A055-4144-AB4B-9D9ACC0B30CF} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun Task: {DA8B9E32-41CC-48E7-90F5-B48440F97C84} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {F273A610-38EF-45A7-B338-699C5C92E742} - System32\Tasks\{109B40DF-5AF1-4B87-8F14-BA4FBF90C813} => C:\Windows\system32\pcalua.exe -a "C:\ProgramData\Citrix\Citrix Receiver 4.4 LTSR\TrolleyExpress.exe" -c /uninstall /cleanup Task: {F46DB896-6CDC-447D-886C-27939A34FF78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {F8F4DF96-97B8-49AA-BA14-8F4803DC81D3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {FFF09292-EA73-4F6E-81DE-2164A9E28FBC} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-328812129-6731451-2985146762-1000Core.job => C:\Users\T420\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-328812129-6731451-2985146762-1000UA.job => C:\Users\T420\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Public\Desktop\Dungeon Keeper Gold PL.lnk -> C:\Gry\Dungeon Keeper Gold PL\#start.bat () ==================== Załadowane moduły (filtrowane) ============== 2018-03-07 07:10 - 2018-01-03 15:14 - 000093696 _____ () C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe 2013-01-27 16:58 - 2010-09-22 20:20 - 000776704 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.dll 2018-09-19 08:12 - 2018-09-19 08:12 - 000091520 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2019-01-06 22:37 - 2019-01-06 22:37 - 000695808 _____ () C:\Users\T420\AppData\Roaming\Zerok\comdlg.exe 2012-11-23 14:05 - 2018-05-16 06:08 - 000113960 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL 2019-01-06 22:37 - 2019-01-06 22:37 - 000695808 _____ () C:\Users\T420\AppData\Roaming\Zerok\zcomdlg.exe 2018-11-20 21:52 - 2018-10-22 19:38 - 000023880 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe 2018-12-18 19:31 - 2018-12-12 05:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll 2018-12-18 19:31 - 2018-12-12 05:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll 2013-01-27 16:58 - 2010-10-01 01:50 - 000675840 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\DockShellHook.dll 2013-01-27 16:58 - 2013-01-27 16:59 - 000807936 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\CrashRpt.dll 2013-01-27 16:58 - 2010-03-09 21:58 - 000053760 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\zlib.dll 2014-03-23 15:04 - 2014-03-23 15:04 - 000557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows:AB26240E422DBC5F [50] AlternateDataStreams: C:\Windows:netNLSPreferences [0] AlternateDataStreams: C:\Windows:nlsPreferences [0] AlternateDataStreams: C:\Users\T420\Downloads\TG9uZG9uLlxBMyBEZXNrdG9w.ica:icasource [217] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-328812129-6731451-2985146762-1000\...\100sexlinks.com -> 100sexlinks.com Wykryto więcej niż wyliczono: 4788 witryn. ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 02:34 - 2009-06-10 21:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Lenovo;C:\Program Files (x86)\Lenovo\Access Connections\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKCU\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Lenovo;C:\Program Files (x86)\Lenovo\Access Connections\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-328812129-6731451-2985146762-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\T420\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. MSCONFIG\Services: ABBYY.Licensing.FineReader.Professional.11.0 => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: AxAutoMntSrv => 2 MSCONFIG\Services: FreemakeVideoCapture => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IBMPMSVC => 2 MSCONFIG\Services: NalServ => 2 MSCONFIG\Services: nlsX86cc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ALCKRESI.EXE => "C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE" MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" MSCONFIG\startupreg: CloneCDTray => MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe MSCONFIG\startupreg: GoPro Studio Importer => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe MSCONFIG\startupreg: PasswordManager => "C:\Program Files\Lenovo\Password Manager\password_manager.exe" MSCONFIG\startupreg: PWMTRV => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor MSCONFIG\startupreg: QuickTime Task => MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify Web Helper => MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe MSCONFIG\startupreg: TpShocks => TpShocks.exe MSCONFIG\startupreg: uTorrent => "C:\Users\T420\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation) FirewallRules: [{C8D2AF4F-AF61-4B90-896C-EE476B5D9AC6}] => (Allow) C:\Users\T420\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{F4F9B118-E55F-45C7-AB10-0385571F3E75}] => (Allow) C:\Users\T420\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [TCP Query User{62EA20A3-3BF0-47DA-83B1-4334FCA79137}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Technologies S.A.) FirewallRules: [UDP Query User{5CD93324-2745-4EAC-93A1-DD445E6287A3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Technologies S.A.) FirewallRules: [{A6B079B4-387A-44E3-80F3-D947B745981D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) FirewallRules: [{E8B7CE77-9A23-4284-B9A8-1058B6D2CCBB}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () FirewallRules: [{E78224EF-3B3A-4F9B-97C8-5E30E0DDB835}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () FirewallRules: [{E8BD755F-CB2C-44EF-9E56-5F3ACF42D189}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{61A2A514-14F9-49A0-BE98-3F26E965D827}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{9400E20A-29BA-480B-8A50-540CC034FFA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{F66A9162-F9D2-41D3-BBBA-3248C8EA355C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{D579D8FF-F8CD-4402-88D3-88E386DC3BE6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation) FirewallRules: [{E888002B-0D9C-4C82-8CBD-C8A2C8518E3B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation) FirewallRules: [{1F3DAA0C-CBE9-4BF2-9C09-D667F45A787B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation) FirewallRules: [{F11F9736-4786-498A-B8E6-9F2419089664}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation) FirewallRules: [{E39F6C15-D2C6-40B4-BBEA-1678079E4796}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation) FirewallRules: [{7A0C717E-90AF-4EBB-A147-162F6FAEE2FC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation) FirewallRules: [{60F52692-C31B-49DE-AD56-0471BAC43989}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation) FirewallRules: [{15B6A114-81F2-4E59-A2E4-275267E112EC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation) FirewallRules: [{16B9623D-DA05-41CF-94D8-D58B6CCF965F}] => (Allow) LPort=1689 FirewallRules: [{C4478ADF-EBEB-406E-BAAE-2B5897C8FD23}] => (Allow) LPort=1690 FirewallRules: [{569EE1CC-6EAB-44FE-80E4-D182B6F9D771}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.) FirewallRules: [{4EFAE954-AA0B-40E4-BCB9-770329B9ACD5}] => (Allow) LPort=1688 FirewallRules: [{90C98E0C-B96C-4007-B0DE-CDF9F3BD4E08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{317E8FE4-8DB2-4A32-87E1-53A34C30CAE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{E7D5F540-1430-4F42-B9B6-6F30F3074832}] => (Allow) C:\Users\T420\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{E8ADAC82-C4BA-4855-9C29-3892EDD82919}] => (Allow) C:\Users\T420\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{1DC0CCEC-628D-4DB9-ACBA-A88622DF5062}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) FirewallRules: [{1107EA20-EECB-47B9-A592-91E009EBF47C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) FirewallRules: [{C818352E-5299-4C49-BAFA-E044E0CEAF24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) FirewallRules: [{379C0F19-5BCD-455B-BD5A-2371F70A2415}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) FirewallRules: [{BADD15F7-BC17-408E-97C9-8E971819F322}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{2875495F-695B-4EBB-BE12-3A75CB5C7B22}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{4D3B575A-E9B1-4AA1-8A3D-5328394DCA79}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe () FirewallRules: [{4155A6C8-1218-42C2-9F39-8492DFB2EA8D}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe () FirewallRules: [{78A0B12E-70C0-4DED-A144-616A5FB84839}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ==================== Punkty Przywracania systemu ========================= 17-01-2019 18:36:03 Installed Rapport 21-01-2019 12:57:39 Installed Rapport 22-01-2019 22:48:26 Installed Rapport 23-01-2019 20:23:34 Installed Rapport 24-01-2019 22:49:17 Installed Rapport 25-01-2019 21:45:00 Installed Rapport 27-01-2019 15:16:28 Installed Rapport 28-01-2019 20:03:56 Installed Rapport 28-01-2019 20:17:20 Installed Rapport 28-01-2019 20:40:29 Installed Rapport 28-01-2019 20:40:58 Removed IDGo 500 PKCS#11 Library for IDPrime .NET Smart Cards. 28-01-2019 20:41:38 Xperia Companion 28-01-2019 20:53:45 Installed Rapport ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/28/2019 08:58:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (01/28/2019 08:58:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/28/2019 08:58:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (01/28/2019 08:55:43 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/28/2019 08:55:43 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/28/2019 08:55:43 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/28/2019 08:55:43 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490) Error: (01/28/2019 08:55:43 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Dziennik System: ============= Error: (01/28/2019 09:06:43 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/28/2019 09:06:43 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/28/2019 09:06:42 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/28/2019 09:06:42 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/28/2019 09:06:33 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/28/2019 09:06:30 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/28/2019 09:06:30 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/28/2019 09:05:41 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Windows Defender: =================================== Date: 2013-09-13 02:23:55.928 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{977A5806-EB2D-4164-9E4D-1363601953D6} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:ZARZĄDZANIE NT\USŁUGA SIECIOWA Date: 2014-03-01 14:55:56.390 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Kopia zapasowa Kod błędu:0x8050a004 Opis błędu:Ten pakiet nie zawiera aktualnych plików definicji dla tego programu. Aby uzyskać więcej informacji, zobacz Pomoc i obsługę techniczną. Wersja podpisu:1.167.317.0 Wersja aparatu:1.1.9002.0 Date: 2014-03-01 08:45:40.927 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Kopia zapasowa Kod błędu:0x8050a004 Opis błędu:Ten pakiet nie zawiera aktualnych plików definicji dla tego programu. Aby uzyskać więcej informacji, zobacz Pomoc i obsługę techniczną. Wersja podpisu:1.167.317.0 Wersja aparatu:1.1.9002.0 Date: 2014-02-26 20:46:54.398 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Kopia zapasowa Kod błędu:0x8050a004 Opis błędu:Ten pakiet nie zawiera aktualnych plików definicji dla tego programu. Aby uzyskać więcej informacji, zobacz Pomoc i obsługę techniczną. Wersja podpisu:1.167.317.0 Wersja aparatu:1.1.9002.0 Date: 2014-02-26 16:15:27.718 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Kopia zapasowa Kod błędu:0x8050a004 Opis błędu:Ten pakiet nie zawiera aktualnych plików definicji dla tego programu. Aby uzyskać więcej informacji, zobacz Pomoc i obsługę techniczną. Wersja podpisu:1.167.317.0 Wersja aparatu:1.1.9002.0 Date: 2014-02-26 09:36:17.925 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Kopia zapasowa Kod błędu:0x8050a004 Opis błędu:Ten pakiet nie zawiera aktualnych plików definicji dla tego programu. Aby uzyskać więcej informacji, zobacz Pomoc i obsługę techniczną. Wersja podpisu:1.167.317.0 Wersja aparatu:1.1.9002.0 CodeIntegrity: =================================== Date: 2014-03-08 07:15:45.474 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-08 07:15:44.928 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-08 07:13:22.427 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-08 07:13:21.897 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz Procent pamięci w użyciu: 67% Całkowita pamięć fizyczna: 3979.23 MB Dostępna pamięć fizyczna: 1299.17 MB Całkowita pamięć wirtualna: 7956.68 MB Dostępna pamięć wirtualna: 5200.64 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:104.26 GB) (Free:12.6 GB) NTFS Drive e: (Nowy) (Fixed) (Total:14.88 GB) (Free:5.41 GB) NTFS \\?\Volume{6e6dd244-356b-11e2-9e47-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: CA3CD795) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=104.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=14.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================