Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 08-03-2020 Uruchomiony przez krzysztof (12-03-2020 20:24:39) Uruchomiony z C:\FRST64 Windows 7 Professional Service Pack 1 (X64) (2015-04-23 10:58:00) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3927854613-2608156586-4117075644-500 - Administrator - Disabled) Gość (S-1-5-21-3927854613-2608156586-4117075644-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3927854613-2608156586-4117075644-1004 - Limited - Enabled) krzysztof (S-1-5-21-3927854613-2608156586-4117075644-1002 - Administrator - Enabled) => C:\Users\krzysztof Laptop (S-1-5-21-3927854613-2608156586-4117075644-1000 - Administrator - Enabled) => C:\Users\Laptop UpdatusUser (S-1-5-21-3927854613-2608156586-4117075644-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 4K Stogram 2.7 (HKLM\...\{C6EEB66A-8573-4C0D-ACE8-3C936654A674}) (Version: 2.7.3.1805 - Open Media LLC) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ACDSee (HKLM-x32\...\ACDSee) (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated) AsfTools 3.1 (remove only) (HKLM-x32\...\AsfTools 3.1) (Version: - ) Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project) Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - ) Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH) Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.) Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Identity Protection Technology 1.2.32.0 (HKLM-x32\...\{2D793E41-F598-1014-9984-F3B169A93F79}) (Version: 1.2.32.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.80.1211 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0092 - Lenovo) Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office 365 Small Business Premium - pl-pl (HKLM\...\O365SmallBusPremRetail - pl-pl) (Version: 15.0.4893.1002 - Microsoft Corporation) Microsoft Power Query dla programu Excel (HKLM-x32\...\{17784085-5ADB-464A-AFFE-C43356D3066F}) (Version: 2.54.4970.321 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB) Mozilla Firefox 56.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 pl)) (Version: 56.0 - Mozilla) Mozilla Firefox 62.0 (x64 pl) (HKLM\...\Mozilla Firefox 62.0 (x64 pl)) (Version: 62.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla) Mp3tagApp2 (HKU\S-1-5-21-3927854613-2608156586-4117075644-1002\...\Mp3tagApp2) (Version: - ) NVIDIA Sterownik 3D Vision 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation) NVIDIA Sterownik graficzny 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0415-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - ) Opera Stable 66.0.3515.115 (HKLM-x32\...\Opera 66.0.3515.115) (Version: 66.0.3515.115 - Opera Software) Oprogramowanie Intel(R) PROSet/Wireless WiFi (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation) Panel sterowania NVIDIA 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 312.69 - NVIDIA Corporation) Hidden Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Skype Meetings App (HKLM-x32\...\{893CD2E6-9458-4415-8934-A89C7E3AEA92}) (Version: 16.2.0.498 - Microsoft Corporation) SysTools Outlook PST Viewer v4.0 version SysTools Outlook PST Viewer v4.0 (HKLM-x32\...\{6D4F8DDE-707B-468F-A4FA-502A2A5FC3CE}_is1) (Version: SysTools Outlook PST Viewer v4.0 - SysTools Software) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-3927854613-2608156586-4117075644-1002\...\TimeAdjuster) (Version: - IrekSoftware.com) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3927854613-2608156586-4117075644-1002_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\krzysztof\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.498\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3927854613-2608156586-4117075644-1002_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\kRS\soft\MediaInfo_GUI_0.7.70_Windows_i386_WithoutInstaller\MediaInfo_InfoTip.dll (MediaArea.net -> hxxp://MediaArea.net/MediaInfo) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2015-04-24] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-10-29] (NVIDIA Corporation -> NVIDIA Corporation) ==================== Codecs (filtrowane) ==================== ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] Shortcut: C:\Users\krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\krzysztof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Рrzеglądаrkа Ореrа.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) <==== Cyrillic ==================== Załadowane moduły (filtrowane) ============= 2011-11-01 12:58 - 2011-11-01 12:58 - 001501696 _____ () [Brak podpisu cyfrowego] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2007-04-27 15:18 - 2015-05-06 17:08 - 000015360 _____ () [Brak podpisu cyfrowego] C:\Windows\System32\KOBJCJ_L.dll 2010-01-27 13:59 - 2015-05-06 16:59 - 000015360 _____ () [Brak podpisu cyfrowego] C:\Windows\System32\KOBJUJ_L.dll 2015-04-23 14:44 - 2013-07-02 13:10 - 001892352 _____ (Apache Software Foundation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll 2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [Brak podpisu cyfrowego] C:\Program Files\7-Zip\7-zip.dll 2015-04-23 14:44 - 2013-07-02 13:10 - 000069632 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll 2011-11-01 13:22 - 2011-11-01 13:22 - 001077248 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll 2011-11-01 13:23 - 2011-11-01 13:23 - 001047552 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll 2011-11-01 13:24 - 2011-11-01 13:24 - 003719168 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll 2011-11-01 13:22 - 2011-11-01 13:22 - 000846336 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\DbEngine.dll 2011-11-01 13:24 - 2011-11-01 13:24 - 000841728 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\IntStngs.dll 2011-11-01 13:24 - 2011-11-01 13:24 - 000336896 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL 2011-11-01 13:28 - 2011-11-01 13:28 - 001278976 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\MurocApi.dll 2011-11-01 13:27 - 2011-11-01 13:27 - 002072576 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll 2011-11-01 13:22 - 2011-11-01 13:22 - 000177664 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll 2011-11-01 13:34 - 2011-11-01 13:34 - 002356224 _____ (Intel(R) Corporation) [Brak podpisu cyfrowego] C:\Windows\System32\IWMSSvc.dll 2015-09-01 09:30 - 2013-04-22 10:27 - 000016896 _____ (KONICA MINOLTA, INC.) [Brak podpisu cyfrowego] C:\Windows\System32\KOAYTA_L.DLL 2015-08-21 11:26 - 2013-04-22 10:27 - 000016896 _____ (KONICA MINOLTA, INC.) [Brak podpisu cyfrowego] C:\Windows\System32\KOAYTJ_L.DLL 2015-09-08 13:25 - 2014-04-09 04:01 - 000041472 _____ (KONICA MINOLTA, INC.) [Brak podpisu cyfrowego] C:\Windows\system32\spool\PRTPROCS\x64\KOAYTA_P.DLL 2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Lenovo\Access Connections\MFC71U.DLL 2003-03-18 20:14 - 2003-03-18 20:14 - 000499712 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Lenovo\Access Connections\MSVCP71.dll 2003-02-21 04:42 - 2003-02-21 04:42 - 000348160 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\Program Files (x86)\Lenovo\Access Connections\MSVCR71.dll 2015-08-21 11:26 - 2013-05-21 08:21 - 000083968 _____ (Monotype Imaging Inc.) [Brak podpisu cyfrowego] C:\Windows\system32\spool\PRTPROCS\x64\KOAYTJ_P.DLL 2015-05-07 09:36 - 2015-02-11 20:12 - 000877104 _____ (捷而思股份有限公司 -> jrsys Inc. hxxp://www.jrsys.com.tw/) [Brak podpisu cyfrowego] C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\jrsys\x86\jrsysCryptoDll.dll 2015-05-07 09:36 - 2015-02-11 20:12 - 000053808 _____ (捷而思股份有限公司 -> jrsys Inc. hxxp://www.jrsys.com.tw/) [Brak podpisu cyfrowego] C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\jrsys\x86\jrsysMSCryptoDll.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer - Witryny zaufane i z ograniczeniami ========== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-3927854613-2608156586-4117075644-1002\...\sharepoint.com -> hxxps://sanmarkos12.sharepoint.com ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Services\IPT\;C:\Program Files\ThinkPad\Bluetooth Software\;C:\Program Files\ThinkPad\Bluetooth Software\syswow64;C:\Program Files (x86)\Lenovo\Access Connections\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64 HKU\S-1-5-21-3927854613-2608156586-4117075644-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\krzysztof\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{26AD2556-8DA0-4CFC-A8F5-ADA021378495}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{948BA2B7-1DB0-44C2-BC62-5722EF2053B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9B4EF2E7-9544-4D91-BE75-967506462E05}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A46C9D27-FA41-40C7-8CB6-D2DBF10A5CB8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{78628514-B9E7-4364-A57F-EEEC67210B93}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F8D4A26B-8DA6-4FEA-8764-907416535FD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{67EAB4DC-0C96-4443-8DE5-2A3823D9BB15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D2187B2E-EFC9-4270-AB5C-0BA7D5DE3769}] => (Allow) C:\Program Files (x86)\Opera\opera.exe Brak pliku FirewallRules: [{FE12B772-EB22-49F9-95B9-DA94A562277F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe Brak pliku FirewallRules: [{8540205D-E7FC-4411-9374-8D1D899947AF}] => (Allow) C:\kRS\soft\utorrent 1.6.exe () [Brak podpisu cyfrowego] FirewallRules: [{CB71431B-39A6-424F-A6EE-7B30D164D177}] => (Allow) C:\kRS\soft\utorrent 1.6.exe () [Brak podpisu cyfrowego] FirewallRules: [{2C08DEBF-19B5-4741-B3B0-0957CB09679F}] => (Allow) C:\kRS\soft\utorrent 1.6.exe () [Brak podpisu cyfrowego] FirewallRules: [{80B32F1F-66D3-4CFF-BFF9-3CE7E377F57A}] => (Allow) C:\kRS\soft\utorrent 1.6.exe () [Brak podpisu cyfrowego] FirewallRules: [{DA7194BC-8B8E-47A8-810C-7914DABA9BD7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{95A7898F-DD28-44B6-8E6C-C9C172281BA1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6186E8F0-C681-4B34-9C6F-80E23F6881CD}] => (Allow) C:\kRS\soft\utorrent_2.2.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{ACF89D7B-79B7-4E7A-9D87-9972491582AA}] => (Allow) C:\kRS\soft\utorrent_2.2.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{E940E892-2593-4C48-A0B3-5D8E10EF1EC3}] => (Allow) C:\Program Files\Xi\NetXfer\NetTransport.exe Brak pliku FirewallRules: [{D847569D-D3BF-432D-BA22-01263E3E64B0}] => (Allow) C:\Program Files\Xi\NetXfer\NetTransport.exe Brak pliku FirewallRules: [{B59A1297-2537-4DD8-8E95-F6CFF2189C67}] => (Allow) C:\Program Files\Xi\NetXfer\x86\NetTransport.exe Brak pliku FirewallRules: [{6205AE92-7F92-443A-8456-2ECC215B42B7}] => (Allow) C:\Program Files\Xi\NetXfer\x86\NetTransport.exe Brak pliku FirewallRules: [{DBDFF999-140E-46BB-880B-146A19EACBCB}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{5E45D7C9-57DA-4B00-8E9F-9F8B34790CB1}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{6A752B92-16FE-4C80-8F78-230B347E2F84}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{1B1B6F67-E7E1-49F8-A4C1-CED70BD65E1B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{039CA983-5BCD-4968-9212-B601C271D650}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5F08FBE0-9839-4FB2-8155-64348CCB45CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7501E7FE-260B-4D5D-A498-C661115CD3BA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{280AEEA6-DEE6-4109-B561-2F4CD6A7C2E4}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{6FC5FA5C-F934-41DC-8E55-2EF17777E724}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{A3A44357-469C-4C33-AB16-CF66CF03626B}] => (Allow) C:\Program Files (x86)\Opera\66.0.3515.103\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{4D4DAB62-EEBE-4306-85FB-5ED484C2EB3D}] => (Allow) C:\Program Files (x86)\Opera\66.0.3515.115\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{80C1D7D3-EBB8-4B06-B974-12C2C8D02A45}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: wfcre Description: wfcre Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wfcre Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: ZAM Helper Driver Description: ZAM Helper Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ZAM Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: ZAM Guard Driver Description: ZAM Guard Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ZAM_Guard Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: WAN Miniport (IKEv2) Description: WAN Miniport (IKEv2) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasAgileVpn Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Miniport WAN (L2TP) Description: Miniport WAN (L2TP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: Rasl2tp Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: WAN Miniport (Network Monitor) Description: WAN Miniport (Network Monitor) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: WAN Miniport (IP) Description: WAN Miniport (IP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: WAN Miniport (IPv6) Description: WAN Miniport (IPv6) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Miniport WAN (PPPOE) Description: Miniport WAN (PPPOE) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasPppoe Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Miniport WAN (PPTP) Description: Miniport WAN (PPTP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: PptpMiniport Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Karta Microsoft ISATAP Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: WAN Miniport (SSTP) Description: WAN Miniport (SSTP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasSstp Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Karta Microsoft ISATAP #4 Description: Karta Microsoft ISATAP Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (02/27/2020 10:07:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/27/2020 10:07:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: FreemakeUtilsService.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x5db2b8e8 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.23915, sygnatura czasowa: 0x59b94abb Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x0000c54f Identyfikator procesu powodującego błąd: 0x920 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5ed4d5d933a44 Ścieżka aplikacji powodującej błąd: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: a4776c72-5940-11ea-9e20-f0def1a9dee7 Error: (02/27/2020 10:07:41 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: FreemakeUtilsService.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.IO.FileNotFoundException w FreemakeUtilsService.Program.Main(System.String[]) Error: (02/21/2020 01:14:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: OUTLOOK.EXE, wersja: 15.0.4893.1000, sygnatura czasowa: 0x584f975d Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.23915, sygnatura czasowa: 0x59b94a16 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x000ce85b Identyfikator procesu powodującego błąd: 0x93c Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e82b1f885dfa Ścieżka aplikacji powodującej błąd: C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE Ścieżka modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: 2d0bebf3-543f-11ea-982d-f0def1a9dee7 Error: (02/20/2020 08:50:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/20/2020 08:50:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: FreemakeUtilsService.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x5db2b8e8 Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.23915, sygnatura czasowa: 0x59b94abb Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x0000c54f Identyfikator procesu powodującego błąd: 0x8ac Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e826e7ca467f Ścieżka aplikacji powodującej błąd: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Ścieżka modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: 2ec15c9e-541a-11ea-982d-f0def1a9dee7 Error: (02/20/2020 08:49:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: FreemakeUtilsService.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.IO.FileNotFoundException w FreemakeUtilsService.Program.Main(System.String[]) Error: (02/17/2020 11:56:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.23537, sygnatura czasowa: 0x57c44efe Nazwa modułu powodującego błąd: DUI70.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdf25 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000001134 Identyfikator procesu powodującego błąd: 0x10d0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d5e59b680e2dbf Ścieżka aplikacji powodującej błąd: C:\Windows\Explorer.EXE Ścieżka modułu powodującego błąd: C:\Windows\system32\DUI70.dll Identyfikator raportu: b75d824d-51d8-11ea-b21b-f0def1a9dee7 Dziennik System: ============= Error: (03/12/2020 08:24:08 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: LENOVO) Description: 0x8000002a31\??\C:\FRST\n4Rl2Zl8Rq1R\system Error: (03/12/2020 08:09:55 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: LENOVO) Description: 0x8000002a31\??\C:\FRST\x0Jr9Jk4Yz1Y\system Error: (03/12/2020 07:46:37 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 80. Error: (03/12/2020 07:46:30 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 80. Error: (03/12/2020 07:46:17 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 80. Error: (03/12/2020 07:34:37 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (03/12/2020 07:17:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (03/12/2020 07:17:33 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. ==================== Statystyki pamięci =========================== BIOS: LENOVO 8CET49WW (1.29 ) 09/14/2011 Płyta główna: LENOVO 4174CW8 Procesor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz Procent pamięci w użyciu: 94% Całkowita pamięć fizyczna: 3978.23 MB Dostępna pamięć fizyczna: 224.68 MB Całkowita pamięć wirtualna: 10842.32 MB Dostępna pamięć wirtualna: 2430.85 MB ==================== Dyski ================================ Drive c: (Dysk lokalny) (Fixed) (Total:119.14 GB) (Free:2.82 GB) NTFS \\?\Volume{9218f943-e9ff-11e4-8cff-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 2FF92FF8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================