Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 30-09-2016 Uruchomiony przez Natalka (02-10-2016 13:36:43) Uruchomiony z C:\Users\Natalka\Desktop Windows 8.1 (Update) (X64) (2015-06-15 04:55:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-899261099-702920328-1542426104-500 - Administrator - Disabled) Gość (S-1-5-21-899261099-702920328-1542426104-501 - Limited - Disabled) Natalka (S-1-5-21-899261099-702920328-1542426104-1001 - Administrator - Enabled) => C:\Users\Natalka ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-899261099-702920328-1542426104-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Catalyst Control Center Next Localization BR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.52 - Conexant) Crysis WARHEAD(R) (HKU\S-1-5-21-899261099-702920328-1542426104-1001\...\Crysis WARHEAD(R)) (Version: - Electronic Arts) Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0445 - Disc Soft Ltd) Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden Dependency Package Update (x32 Version: 1.6.38.01 - Lenovo Group Limited) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) EAX Unified (HKLM-x32\...\EAX Unified) (Version: - ) ESET Smart Security (HKLM\...\{A9550052-52AD-414B-AB58-74F0D7DC8188}) (Version: 8.0.304.2 - ESET, spol s r. o.) Euro Truck Simulator 2 wersja 1.19.2.0 (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: 1.19.2.0 - GTX Box Team) Gameforge Live 2.0.11 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.11 - Gameforge) Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - ) Grand Theft Auto Vice City Stories (HKLM-x32\...\Grand Theft Auto Vice City Stories_is1) (Version: Beta 3 v. 1163 - ) GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9840 - Broadcom Corporation) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10292 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1826.01 - CyberLink Corp.) Lenovo Photo Master (x32 Version: 1.0.1826.01 - CyberLink Corp.) Hidden Lenovo Service Bridge (HKU\S-1-5-21-899261099-702920328-1542426104-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo) Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.5.0 - Lenovo Corporation) Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.4 - Lenovo) Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.1.28 - Lenovo Group Limited) Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.20 - Lenovo Group Limited) Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.6 - Lenovo Group Limited) Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.2 - Lenovo) Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited) Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.6181 - Lenovo) Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.201 - Lenovo) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.5 - Nazwa firmy) LenovoUtility (x32 Version: 2.0.0.5 - Nazwa firmy) Hidden Mafia (HKLM-x32\...\Mafia) (Version: - ) Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - ) Medal of Honor 2010 version 1.0.0 (HKLM-x32\...\Medal of Honor 2010_is1) (Version: 1.0.0 - GTX Box Team) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Need for Speed Underground 2 wersja 1.2.0.0 (HKLM-x32\...\Need for Speed Underground 2_is1) (Version: 1.2.0.0 - GTX Box Team) Need For Speed Underground version 1.0.0.0 (HKLM-x32\...\Need For Speed Underground_is1) (Version: 1.0.0.0 - GTX Box Team) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo) OneKey Optimizer (x32 Version: 1.1.20.16 - Lenovo) Hidden OpenIV (HKU\S-1-5-21-899261099-702920328-1542426104-1001\...\OpenIV) (Version: 2.6.4.642 - .black/OpenIV Team) Opera Stable 40.0.2308.62 (HKLM-x32\...\Opera 40.0.2308.62) (Version: 40.0.2308.62 - Opera Software) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Pakiet sterowników systemu Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.) Pakiet sterowników systemu Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.) PAŃSTWOWE TESTY EGZAMINACYJNE NA PJ (HKLM-x32\...\PAŃSTWOWE TESTY EGZAMINACYJNE NA PJ) (Version: - ) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Raptr (HKLM-x32\...\Raptr) (Version: 5.2.6-r115593-release - Raptr, Inc) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.132 - Synaptics Incorporated) The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) Twierdza (HKLM-x32\...\Stronghold_is1) (Version: - Cenega Poland Sp. z o.o.) Unity Web Player (HKU\S-1-5-21-899261099-702920328-1542426104-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-2) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.17.0 (Version: 1.0.17.0 - LunarG, Inc.) Hidden WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {1A1F30AB-7B5C-4A18-9095-CB6E822706A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {3FAE48D6-52F6-417A-AF9A-7A1B46910029} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo) Task: {455D7CC7-9BD5-472C-B4AA-6109FD9F022E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-08-20] (Adobe Systems Incorporated) Task: {4BBE1116-ACA6-48B5-8B26-548672E583B4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {50DE655A-B0CC-4745-A179-FDC7E68F1324} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {58D9E6FE-5CFB-4551-B598-3D40CF43418D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy Task: {75F905F5-ED16-4D86-BF4D-9598D1370E63} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.) Task: {A9F5A798-9F72-44D1-90E7-8B1F1CBD90C7} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {AD86AF9D-9029-494B-815B-F97C5D815281} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] () Task: {B7B9AD9A-539F-4085-8127-EBD5370A25A9} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo) Task: {DC671D8F-02C2-4719-AE0A-CCC3E249215D} - System32\Tasks\Opera scheduled Autoupdate 1453027716 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software) Task: {F2A1F556-DA20-4FF7-A84B-FFDF415F440B} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-899261099-702920328-1542426104-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Natalka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {F4E46E96-F575-4270-8CC5-5484866446BB} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe [2016-09-20] (ESET) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-07-10 17:33 - 2014-07-10 17:33 - 00049408 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll 2015-03-13 05:11 - 2014-11-17 16:35 - 00036632 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll 2015-03-13 05:11 - 2014-11-17 16:35 - 00166680 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll 2015-03-13 04:11 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2016-09-01 00:44 - 2014-12-03 07:12 - 00002048 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll 2016-09-22 22:52 - 2016-09-22 22:52 - 62461208 _____ () C:\Program Files (x86)\Opera\40.0.2308.62\opera.dll 2016-09-22 22:52 - 2016-09-22 22:52 - 01812760 _____ () C:\Program Files (x86)\Opera\40.0.2308.62\libglesv2.dll 2016-09-22 22:52 - 2016-09-22 22:52 - 00095000 _____ () C:\Program Files (x86)\Opera\40.0.2308.62\libegl.dll 2014-09-03 12:03 - 2014-09-03 12:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 15:25 - 2016-08-24 17:46 - 00003961 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 choice.microsoft.com 0.0.0.0 choice.microsoft.com.nstac.net 0.0.0.0 df.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net 0.0.0.0 redir.metaservices.microsoft.com 0.0.0.0 reports.wes.df.telemetry.microsoft.com 0.0.0.0 services.wes.df.telemetry.microsoft.com 0.0.0.0 settings-sandbox.data.microsoft.com 0.0.0.0 settings-win.data.microsoft.com 0.0.0.0 sqm.df.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net 0.0.0.0 telecommand.telemetry.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net 0.0.0.0 telemetry.appex.bing.net 0.0.0.0 telemetry.microsoft.com 0.0.0.0 telemetry.urs.microsoft.com 0.0.0.0 vortex-sandbox.data.microsoft.com 0.0.0.0 vortex-win.data.microsoft.com 0.0.0.0 vortex.data.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net 0.0.0.0 watson.ppe.telemetry.microsoft.com 0.0.0.0 wes.df.telemetry.microsoft.com 0.0.0.0 vortex-bn2.metron.live.com.nsatc.net 0.0.0.0 vortex-cy2.metron.live.com.nsatc.net 0.0.0.0 watson.live.com 0.0.0.0 watson.microsoft.com 0.0.0.0 feedback.search.microsoft.com Wykryto więcej niż wyliczono: 75 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-899261099-702920328-1542426104-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Natalka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 208.67.222.222 - 208.67.222.220 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: Fax => 3 MSCONFIG\Services: Lenovo OKO Service => 2 MSCONFIG\Services: Lenovo Settings Service => 2 MSCONFIG\Services: Lenovo System Agent Service => 2 MSCONFIG\Services: RasAuto => 3 MSCONFIG\Services: RasMan => 3 MSCONFIG\Services: SessionEnv => 3 MSCONFIG\Services: TabletInputService => 3 MSCONFIG\Services: VeriFaceSrv => 2 MSCONFIG\Services: wuauserv => 3 HKLM\...\StartupApproved\Run: => "PhoneCompanion" HKLM\...\StartupApproved\Run: => "LenovoUtility" HKLM\...\StartupApproved\Run: => "OneKeyOptimizer" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "PlaysTV" HKU\S-1-5-21-899261099-702920328-1542426104-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{1CDAD806-4E08-4769-9CBA-94AC707D273C}] => (Allow) C:\Program Files\GTX Box Team\Need for Speed Underground 2\SPEED2.EXE FirewallRules: [{1114F210-C266-46BB-B1F2-D70659615C6D}] => (Allow) C:\Program Files\GTX Box Team\Need for Speed Underground 2\SPEED2.EXE FirewallRules: [{4453E591-D8C3-4A8A-9A30-12855BC01D68}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{13663D48-28EF-4F9D-A117-2C82E46B60B5}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{587B7CE9-FE16-4657-82D7-387FA079DD30}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{9569F74E-7AA2-4063-B7CF-1D8B1DCD2617}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{7796D804-1ED0-4967-A7D1-52E54FBE65E7}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{37272010-D78E-4E67-BC0E-DFEE3A3E4800}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{F4EF70D5-7E70-4569-A9AF-8329C4BC2618}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{56966A69-B329-4327-8DF9-8391BFBBDE61}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{734619BD-D1BA-45DB-895C-F2B56BE92D3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{005C86E7-81B6-484F-A66B-A55F9511F20F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{04E1B436-47EE-44AF-8018-3E19AF9ADC9A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe ==================== Punkty Przywracania systemu ========================= 24-09-2016 17:19:51 Windows Assessment and Deployment Kit - Windows 10 26-09-2016 11:44:43 Skonfigurowane PowerDVD 26-09-2016 11:56:26 Removed System Requirements Lab Detection 27-09-2016 12:46:07 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 27-09-2016 12:46:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 28-09-2016 13:51:25 Zainstalowany program DirectX 29-09-2016 11:50:11 Installed Grand Theft Auto IV 02-10-2016 13:22:48 Restore Point Created by FRST ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/02/2016 01:28:49 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/02/2016 01:26:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: RadeonSettings.exe, wersja: 10.1.1.1641, sygnatura czasowa: 0x578d4d34 Nazwa modułu powodującego błąd: atiadlxx.dll, wersja: 7.16.10.1301, sygnatura czasowa: 0x564be878 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000008e5f7 Identyfikator procesu powodującego błąd: 0x600 Godzina uruchomienia aplikacji powodującej błąd: 0x01d21c9fc4db187f Ścieżka aplikacji powodującej błąd: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\atiadlxx.dll Identyfikator raportu: 0a9e87ca-8893-11e6-82ac-acd1b8e75c98 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (10/02/2016 01:22:46 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {b2f95b07-4d25-4553-bb2a-8caa51ead6e1} Error: (10/02/2016 12:26:02 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/02/2016 12:26:02 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/01/2016 11:28:40 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/01/2016 11:28:40 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/01/2016 06:43:17 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/01/2016 06:43:17 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/01/2016 02:45:12 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Dziennik System: ============= Error: (10/02/2016 01:24:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (10/02/2016 01:24:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (10/02/2016 01:24:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (10/02/2016 01:23:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: Jedno wystąpienie usługi już działa. . Error: (10/02/2016 01:22:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa FastbootService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/02/2016 01:22:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa ESET Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/02/2016 01:22:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/02/2016 01:22:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/02/2016 01:22:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Management and Security Application Local Management Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/02/2016 01:22:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AVControlCenter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2016-04-30 16:45:56.173 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:45:56.115 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:45:56.057 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:31:39.969 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:31:39.890 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:31:39.823 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:08:04.136 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:08:04.083 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-30 16:08:03.996 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Procent pamięci w użyciu: 27% Całkowita pamięć fizyczna: 8106.45 MB Dostępna pamięć fizyczna: 5850.16 MB Całkowita pamięć wirtualna: 16298.45 MB Dostępna pamięć wirtualna: 13795.52 MB ==================== Dyski ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.74 GB) (Free:342.91 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.92 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: BEF2C006) Partition: GPT. ==================== Koniec Addition.txt ============================