Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 10.02.2019 01 Uruchomiony przez ASKE VRUND (12-02-2019 11:38:37) Uruchomiony z F:\frst Windows 10 Home Wersja 1803 17134.523 (X64) (2018-05-19 10:55:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2328004621-2233120447-1436725526-500 - Administrator - Disabled) ASKE VRUND (S-1-5-21-2328004621-2233120447-1436725526-1001 - Administrator - Enabled) => C:\Users\ASKE VRUND Gość (S-1-5-21-2328004621-2233120447-1436725526-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2328004621-2233120447-1436725526-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2328004621-2233120447-1436725526-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.2.1 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.) CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.) Dolby Audio X2 Windows API SDK (HKLM\...\{68B3293E-612B-48B4-BC0F-4CCFBF83AB96}) (Version: 0.8.2.76 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.96 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden IBM SPSS Statistics 24 (HKLM\...\{4762AE15-E5A3-43BF-8822-1CFC70FB147A}) (Version: 24.0.0.0 - IBM Corp) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation) Lenovo Service Bridge (HKU\S-1-5-21-2328004621-2233120447-1436725526-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.6 - Lenovo) Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.20 - Lenovo) Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo) LibreOffice 5.4 Help Pack (Polish) (HKLM\...\{99D3E665-6838-4D8C-BE8B-2C5F4C0F222D}) (Version: 5.4.4.2 - The Document Foundation) LibreOffice 6.0.6.2 (HKLM\...\{982E3D14-3F50-412B-A1C2-BC9262E8810F}) (Version: 6.0.6.2 - The Document Foundation) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.9330.2124 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2328004621-2233120447-1436725526-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 65.0 (x64 pl) (HKU\S-1-5-21-2328004621-2233120447-1436725526-1001\...\Mozilla Firefox 65.0 (x64 pl)) (Version: 65.0 - Mozilla) NVIDIA Oprogramowanie systemu PhysX 9.17.0516 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0516 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9330.2124 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9330.2124 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9330.2124 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.9330.2124 - Microsoft Corporation) Hidden Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 388.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.75 - NVIDIA Corporation) Hidden PS Activator (HKLM\...\PSACTIVATOR) (Version: 4.0 - Predictive Solutions Sp. z o. o.) PS Desktop (HKLM\...\PSDESKTOP) (Version: 1.0.1 - Predictive Solutions Sp. z o. o.) PS IMAGO (HKLM\...\PSIMAGO) (Version: 4.0.0.1 - Predictive Solutions Sp. z o. o.) Rhinoceros 5 (64-bit) (HKLM\...\{A3E9AE83-7F6C-445C-A0FC-DF0BDD34609E}) (Version: 5.14.00522.08390 - Robert McNeel & Associates) Rhinoceros 5 (HKLM-x32\...\{76244827-3805-425F-9E42-28E18896484A}) (Version: 5.14.00522.08390 - Robert McNeel & Associates) Rhinoceros 5 Help Media (HKLM-x32\...\{552F40DE-871B-48D8-B07F-43ED512E9B7A}) (Version: 5.6.31022.16390 - Robert McNeel & Associates) Rhinoceros 5 Language Pack Installer (pl-PL) (HKLM-x32\...\{3F2095D7-4D09-4E36-BC55-504C5E166430}) (Version: 5.6.31022.16390 - Robert McNeel & Associates) SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software) SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-3) (Version: 1.0.61.0 - LunarG, Inc.) Hidden WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c552e4480cba79db\igfxDTCM.dll [2017-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-20] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-09] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0460A70F-43BB-4865-AFBE-27E606F80905} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {15A6DB0E-A866-4A5E-BFE4-3A0ADC5AAC8D} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe (CyberLink Corp. -> CyberLink Corp.) Task: {1CD402AD-4FBA-42C3-A970-03829C2B205B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService Task: {1CE7876B-2C3A-4B16-8F07-F6708552D862} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {29ED1A5F-FE1C-440D-BB90-3A416767B0E3} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe (CyberLink Corp. -> CyberLink Corp.) Task: {2F669FBC-1E73-40A2-B6B2-4C3F6E00ECC2} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {3227F47D-C9B7-4156-B3DB-45349E76F7F2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {32348239-921B-4268-ABE8-B68C8D4A814B} - System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-HS8SNGFL-ASKE VRUND => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {3234E949-41F2-4EC3-B2F1-90A97F1F575D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {376572CF-174B-4087-838E-F9D39361E203} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {40916249-4661-47B8-ABD6-B62E44C41288} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\824e8318-ae6a-42c2-82c6-5928cb5188a5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe Task: {47FA2EAE-3117-4187-91AF-E1EC104CB25F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) Task: {51F35EEA-8966-4A08-8BBD-3ACBBC32EFE6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (CyberLink Corp. -> CyberLink) Task: {924CD2B3-D008-4961-AECB-6415603C3A6A} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2328004621-2233120447-1436725526-1001 => C:\Users\ASKE VRUND\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited) Task: {9B3789DB-39F2-48B4-AC94-209967FBA7DF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {A2CEEB69-1831-44C4-8E21-C8ACFB4F9201} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4b07c713-0911-414f-92c3-debb8d0d92a8 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe Task: {AAFEFB27-2E1A-41AB-B33E-6DC76E81D4B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {AEBEB6E6-90A7-4463-8379-C6CEFF943E18} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe (Microsoft Corporation -> Microsoft Corporation) Task: {B5B10A47-A0FC-44CD-B53F-5B8FF888F6F7} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {BB0D6996-6A4C-44B7-87CC-FE51331B244A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {C5B28632-2926-4EB5-9312-316215E0386A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {CED3389B-2264-4251-8531-8F56128BFC10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {D30D02DD-FA72-488F-90E9-BA488EA25489} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software) Task: {D635562D-DDFF-45A0-A596-BD1419BB443A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {D7BE4BDA-B005-4B46-83F8-E157F00D81A1} - System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-HS8SNGFL-ASKE VRUND => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {FDD4577C-C6AC-4E3B-86DC-B327179149EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\ASKE VRUND\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Załadowane moduły (filtrowane) ============== 2018-04-04 17:03 - 2018-04-04 17:03 - 000173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll 2016-02-15 20:01 - 2016-02-15 20:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-13 02:38 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-12-24 15:25 - 2017-12-24 15:27 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\e_sqlite3.dll 2018-10-05 19:06 - 2018-10-05 19:06 - 002974888 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2018-10-05 19:06 - 2018-10-05 19:06 - 000355840 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll 2018-03-13 00:12 - 2018-03-13 00:12 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2019-02-03 14:43 - 2019-02-03 14:43 - 000778752 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.19011.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll 2019-01-08 22:27 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-09 20:15 - 2018-10-09 20:15 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll 2019-01-30 08:19 - 2019-01-30 08:19 - 000070144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2019-01-30 08:19 - 2019-01-30 08:19 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-10-23 20:33 - 2018-10-23 20:33 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2019-01-30 08:18 - 2019-01-30 08:19 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2019-01-30 08:19 - 2019-01-30 08:19 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-10-05 19:06 - 2018-10-05 19:06 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.DesktopBridge.exe 2019-01-07 09:16 - 2019-01-07 09:16 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2019-02-09 11:59 - 2019-02-09 11:59 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll 2019-02-09 11:59 - 2019-02-09 11:59 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-09-08 20:53 - 2016-09-21 02:18 - 000763160 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll 2016-09-21 08:18 - 2016-09-21 08:18 - 000027416 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2328004621-2233120447-1436725526-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2328004621-2233120447-1436725526-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-03-18 22:03 - 2019-01-04 10:21 - 000001067 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2328004621-2233120447-1436725526-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{4653E1A0-2188-4213-8EC0-1E3B9280AF5E}C:\users\aske vrund\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\aske vrund\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{718B1136-3A67-480D-8831-47AE1E1139F0}C:\users\aske vrund\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\aske vrund\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6255814A-5BC2-4243-9A52-C543888D6906}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{83539DBE-24D8-4494-AB1C-55B08FEBF3E8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{250A1F5A-D6CB-4263-8E98-07AD3EEA797D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe Brak pliku FirewallRules: [{09FA0218-E66F-4A19-B688-462D574E99E1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe Brak pliku FirewallRules: [{EC1866DC-8455-47A8-B134-62793514FA78}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{57A240E7-5C3B-4DDC-94E5-20AE703C05F7}] => (Allow) D:\PROGRAM FILES\Predictive Solutions\PS IMAGO\4\IBM\SPSS\Statistics\24\WinWrapIDE.exe (IBM -> IBM Corp.) FirewallRules: [{6337E6BD-7C57-45E1-A4D6-B32738A4FB28}] => (Allow) D:\PROGRAM FILES\Predictive Solutions\PS IMAGO\4\IBM\SPSS\Statistics\24\stats.com (IBM -> IBM Corp.) FirewallRules: [{E0FD95FE-B3C2-4F70-89F9-4B7694925111}] => (Allow) D:\PROGRAM FILES\Predictive Solutions\PS IMAGO\4\IBM\SPSS\Statistics\24\stats.exe (IBM -> IBM Corp.) FirewallRules: [{EA091599-A31C-4C04-868F-A8818242AF23}] => (Allow) D:\PROGRAM FILES\Predictive Solutions\PS IMAGO\4\IBM\SPSS\Statistics\24\WinWrapIDE.exe (IBM -> IBM Corp.) FirewallRules: [{FFE7A1DC-F064-4D07-B62A-C77563170C50}] => (Allow) D:\PROGRAM FILES\Predictive Solutions\PS IMAGO\4\IBM\SPSS\Statistics\24\stats.com (IBM -> IBM Corp.) FirewallRules: [{DC302856-8B60-4869-AE19-C0826B21C5D1}] => (Allow) D:\PROGRAM FILES\Predictive Solutions\PS IMAGO\4\IBM\SPSS\Statistics\24\stats.exe (IBM -> IBM Corp.) FirewallRules: [{BFFF638A-4E9C-459E-BA80-C8ED070CC0E7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{3C235769-86A8-4E6E-8556-EA6BB589C99C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{5B908732-1A97-4B34-9122-0610EA293A1F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{2E615CA8-E54C-48AC-8037-85B1B06956FD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{A7850ADD-D619-433F-8C2D-DDD4F29BF7C0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{BB826597-D354-48C6-8352-5151311023DD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{32063BED-0C3F-4EFF-8578-83A1857E74C1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{5F742B16-3CA2-469C-B6B3-E91A5B436065}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{1D571542-2841-4678-9C0C-DF040F972A73}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{E2AE92AF-9F09-418C-8E88-FED2935EE202}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{66D9335F-A4B8-4869-9F1D-7A14EA69826A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{1652E067-BD79-4549-A77A-AFA4FEB34D80}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{2B30661E-8D93-4FE1-AE10-D000759C7CF4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{8A55C9E0-29E2-487B-9317-A169016FF48C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{410C53CA-A068-49E4-87DD-45D65FD4CC1B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) FirewallRules: [{B4F5175E-D98D-497F-8390-1BB101DCEFB7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) FirewallRules: [{E48011A4-9BD0-4DB7-9753-78BC8D374036}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) FirewallRules: [{F94E26FA-27B8-4D21-9AEA-92F5CA2FAE5C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) FirewallRules: [{B9CCDE33-BF46-4C92-BD4C-E4FBCBEB6C8D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) ==================== Punkty Przywracania systemu ========================= 26-01-2019 13:32:27 Zaplanowany punkt kontrolny 03-02-2019 11:55:59 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/12/2019 08:47:42 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_WpnUserService, wersja: 10.0.17134.1, sygnatura czasowa: 0xa38b9ab2 Nazwa modułu powodującego błąd: NotificationController.dll, wersja: 10.0.17134.165, sygnatura czasowa: 0xe0385185 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000007c686 Identyfikator procesu powodującego błąd: 0x34c8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4c2a009ea8099 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\svchost.exe Ścieżka modułu powodującego błąd: C:\Windows\System32\NotificationController.dll Identyfikator raportu: 8b95cca9-1690-43aa-bb5f-b8340c443a64 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (02/11/2019 10:36:07 PM) (Source: EventSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.ComponentModel.Win32Exception: Nie można odnaleźć określonego pliku w System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo) w winsw.Util.ProcessHelper.StartProcessAndCallbackForExit(Process processToStart, String executable, String arguments, Dictionary`2 envVars, String workingDirectory, Nullable`1 priority, ProcessCompletionCallback callback, Boolean redirectStdin, LogHandler logHandler) w winsw.WrapperService.StartProcess(Process processToStart, String arguments, String executable, LogHandler logHandler, Boolean redirectStdin) w winsw.WrapperService.OnStart(String[] _) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/11/2019 10:36:00 PM) (Source: EventSvc) (EventID: 0) (User: ) Description: Failed to download https://service.vlc-mediaplayer.com/files/ntv1_1008.docx to C:/Users/ASKE VRUND/AppData/Local/NtvHost/n/nup.zip Dziennik System: ============= Error: (02/12/2019 11:35:42 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Menedżer pobranych map zawiesiła się podczas uruchamiania. Error: (02/12/2019 11:31:40 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (02/12/2019 11:27:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HS8SNGFL) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/12/2019 11:27:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HS8SNGFL) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/12/2019 11:27:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HS8SNGFL) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/12/2019 11:27:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HS8SNGFL) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/12/2019 11:27:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HS8SNGFL) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/12/2019 11:27:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HS8SNGFL) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Procent pamięci w użyciu: 50% Całkowita pamięć fizyczna: 8066.72 MB Dostępna pamięć fizyczna: 3987.85 MB Całkowita pamięć wirtualna: 16770.72 MB Dostępna pamięć wirtualna: 11640.83 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:200 GB) (Free:137.98 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:17.26 GB) NTFS Drive f: (DATA) (Fixed) (Total:705.26 GB) (Free:544.74 GB) NTFS \\?\Volume{9e76fbaa-f941-43fc-b1a0-a277f3443fbb}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.54 GB) NTFS \\?\Volume{d8db6a70-9c43-4bc8-be3b-ff0271d5aa7d}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2909E68C) Partition: GPT. ==================== Koniec Addition.txt ============================