• Ogłoszenie:

Długo się wszystko wczytuje 2 laptop

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Długo się wszystko wczytuje 2 laptop

Postprzez cinek_1111 23 Lip 2017, 09:36

reklama
Witam
Proszę o sprawdzenie logów jeszcze w 1 laptopie.
Laptop długo wszystko wczytuje i strasznie wolno chodzi.

Kod: Zaznacz wszystko
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-07-23 09:20:25
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000001e WDC_WD5000LPCX-24C6HT0 rev.02.01A02 465,76GB
Running: qcbgym89.exe; Driver: C:\Users\Ewa\AppData\Local\Temp\fxlyrpog.sys


---- Threads - GMER 2.2 ----

Thread  C:\WINDOWS\system32\csrss.exe [3448:1704]                                                                                           fffff960009322d0

---- Registry - GMER 2.2 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Diagnostics\Performance@ActiveShutdownDCL                                                     C:\WINDOWS\System32\WDI\LogFiles\WdiContextLog.etl.003
Reg     HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\AUO40EC0_29_07DD_EE^E337340A3037D6B019C760F80DD2E2C3@Timestamp  0xE8 0x10 0x9E 0xDD ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                   444168992
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                2391
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime                                                              2396
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime                                                         34331589
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeBootMgrTime                                                       0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppTime                                                           0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppStartTimestamp                                                 0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeLibraryInitTime                                                   0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeInitTime                                                          0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeHiberFileTime                                                     0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeRestoreImageStartTimestamp                                        0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeIoTime                                                            0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressTime                                                    0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeMapTime                                                           0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAllocateTime                                                      0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeKernelSwitchTimestamp                                             0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp                                        34330320
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp                                               34330320
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TimeStampCounterAtSwitchTime                                            0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState                                            34331474
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime                                                      0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime                                                           0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberSharedBufferTime                                                   0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime                                                      0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeHiberFileTime                                               0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeInitTime                                                    0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeSharedBufferTime                                            0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime                                                        1066
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelAnimationTime                                                     0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed                                                    0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten                                                      0x00 0x00 0x00 0x00 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed                                                      0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten                                                        0x00 0x00 0x00 0x00 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberWriteRate                                                          0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberCompressRate                                                       0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeReadRate                                                          0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressRate                                                    0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FileRuns                                                                0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@MaxHuffRatio                                                            88
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeIoCpuTime                                                   0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime                                                          0
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HybridBootAnimationTime                                                 3638
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp                                                 0x7D 0x16 0x47 0x17 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId                                                                1
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001500cc64b9                                                         
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\38b1dbb23368                                                         
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{8EE90AC9-3FFD-446F-ACC0-D16550F7466B}@DefunctTimestamp           0xD5 0xA5 0x73 0x59 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                     11456
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                    10442
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-In-TCP                   v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32003|Desc=@FirewallAPI.dll,-32006|EmbedCtxt=@FirewallAPI.dll,-32002|Edge=TRUE|Defer=App|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-Out-TCP                  v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32007|Desc=@FirewallAPI.dll,-32010|EmbedCtxt=@FirewallAPI.dll,-32002|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-WSD-In-UDP               v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32011|Desc=@FirewallAPI.dll,-32014|EmbedCtxt=@FirewallAPI.dll,-32002|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Collab-P2PHost-WSD-Out-UDP              v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\p2phost.exe|Name=@FirewallAPI.dll,-32015|Desc=@FirewallAPI.dll,-32018|EmbedCtxt=@FirewallAPI.dll,-32002|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-In-TCP-NoScope                  v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31761|Desc=@FirewallAPI.dll,-31764|EmbedCtxt=@FirewallAPI.dll,-31752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-Out-TCP-NoScope                 v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31765|Desc=@FirewallAPI.dll,-31768|EmbedCtxt=@FirewallAPI.dll,-31752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-WSD-In-UDP                      v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31753|Desc=@FirewallAPI.dll,-31756|EmbedCtxt=@FirewallAPI.dll,-31752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-WSD-Out-UDP                     v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31757|Desc=@FirewallAPI.dll,-31760|EmbedCtxt=@FirewallAPI.dll,-31752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-In-TCP                          v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31761|Desc=@FirewallAPI.dll,-31764|EmbedCtxt=@FirewallAPI.dll,-31752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@NetPres-Out-TCP                         v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\netproj.exe|Name=@FirewallAPI.dll,-31765|Desc=@FirewallAPI.dll,-31768|EmbedCtxt=@FirewallAPI.dll,-31752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-In-TCP                              v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=554|LPort=8554|LPort=8555|LPort=8556|LPort=8557|LPort=8558|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30761|Desc=@FirewallAPI.dll,-30764|EmbedCtxt=@FirewallAPI.dll,-30752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-Out-TCP                             v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30765|Desc=@FirewallAPI.dll,-30768|EmbedCtxt=@FirewallAPI.dll,-30752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-In-UDP                              v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|LPort=7777|LPort=7778|LPort=7779|LPort=7780|LPort=7781|LPort=5004|LPort=5005|LPort=50004|LPort=50005|LPort=50006|LPort=50007|LPort=50008|LPort=50009|LPort=50010|LPort=50011|LPort=50012|LPort=50013|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30801|Desc=@FirewallAPI.dll,-30804|EmbedCtxt=@FirewallAPI.dll,-30752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-Out-UDP                             v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\ehome\ehshell.exe|Name=@FirewallAPI.dll,-30805|Desc=@FirewallAPI.dll,-30808|EmbedCtxt=@FirewallAPI.dll,-30752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-Prov-Out-TCP                        v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\ehome\mcx2prov.exe|Name=@FirewallAPI.dll,-30812|Desc=@FirewallAPI.dll,-30813|EmbedCtxt=@FirewallAPI.dll,-30752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@MCX-McrMgr-Out-TCP                      v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|App=%SystemRoot%\ehome\mcrmgr.exe|Name=@FirewallAPI.dll,-30818|Desc=@FirewallAPI.dll,-30819|EmbedCtxt=@FirewallAPI.dll,-30752|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@{8431009C-601B-4845-9A69-887EA23FFF1A}  v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe|Name=Lenovo Mobile Phone Wireless Import|Desc=Allow outgoing network traffic for Fire Wall Test|EmbedCtxt=Lenovo Mobile Phone Wireless Import|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SynTP\Parameters@DetectTimeMS                                                                1431
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6F0E6A63-B76C-47E6-AA18-D2F707FEAD6C}@LeaseObtainedTime         1500753159
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6F0E6A63-B76C-47E6-AA18-D2F707FEAD6C}@T1                        1500754959
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6F0E6A63-B76C-47E6-AA18-D2F707FEAD6C}@T2                        1500756309
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6F0E6A63-B76C-47E6-AA18-D2F707FEAD6C}@LeaseTerminatesTime       1500756759
Reg     HKLM\SYSTEM\CurrentControlSet\Services\WpdUpFltr\Parameters\Wdf@TimeOfLastSqmLog                                                    0x9F 0xD8 0xE1 0xEC ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown                                                      1
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsBandwidthBucketCounter                                15893
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsBandwidthBucketDrainTime                          0x28 0xE2 0x47 0x8B ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsRequestBucketCounter                                  100
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsRequestBucketDrainTime                            0x72 0x62 0x95 0xC0 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeRequestBucketDrainTime                       0x72 0x62 0x95 0xC0 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherBandwidthBucketCounter                                  0
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherRequestBucketCounter                                    0
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherRequestBucketDrainTime                              0x72 0x62 0x95 0xC0 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalBandwidthBucketCounter                                 24540
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalRequestBucketCounter                                   100
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalRequestBucketDrainTime                             0x72 0x62 0x95 0xC0 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@RoamingSyncToken                                             LM%3d63636351544627%3bID%3dA324A5216B454876!107%3bLR%3d63636345049810%3bEP%3d16%3bSI%3d0%3bTD%3dTrue%3bSO%3d0%3bPI%3d49
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastUploadTime                                               0xBB 0xBF 0xCD 0xC1 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest                              0x9D 0x54 0x6D 0x75 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\UFH\SHC@1                                                                            C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk?C:\Program Files\CCleaner\CCleaner64.exe??

---- Disk sectors - GMER 2.2 ----

Disk    \Device\Harddisk0\DR0                                                                                                               unknown MBR code

---- EOF - GMER 2.2 ----



Kod: Zaznacz wszystko
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 18-07-2017
Uruchomiony przez Ewa (administrator)  LENOVO-PC (23-07-2017 09:20:56)
Uruchomiony z C:\Users\Ewa\Desktop
Załadowane profile: Ewa (Dostępne profile: Ewa)
Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(© 2015 Microsoft Corporation) C:\Users\Ewa\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Rejestr (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-02-27] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-13] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\Run: [BingSvc] => C:\Users\Ewa\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\MountPoints2: {0a2a103a-cb4b-11e6-82e7-28d244e866b8} - "F:\NokiaPCIA_Autorun.exe"
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\MountPoints2: {b2b7a405-22d4-11e7-82ee-28d244e866b8} - "F:\startme.exe"
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\MountPoints2: {e3322f92-2569-11e6-82d1-28d244e866b8} - "F:\iLinker.exe"
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\MountPoints2: {ff9e343d-66ee-11e7-82f3-28d244e866b8} - "F:\startme.exe"

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61
Tcpip\..\Interfaces\{6F0E6A63-B76C-47E6-AA18-D2F707FEAD6C}: [DhcpNameServer] 62.179.1.60 62.179.1.61
Tcpip\..\Interfaces\{EEF2958C-9440-4150-9168-8288CCE98B0B}: [DhcpNameServer] 150.206.1.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130906860413000393&GUID=DADCE503-92DC-47F1-83DB-855F2D2746B3
HKU\S-1-5-21-3907388033-1426799351-528811342-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default [2017-07-22]
CHR Extension: (Prezentacje Google) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Dokumenty Google) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Dysk Google) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-12]
CHR Extension: (Google Search) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Bing) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-09-01]
CHR Extension: (Arkusze Google) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Skype) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-15]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Adblock Pro) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-24]
CHR Extension: (Gmail) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ewa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
CHR HKU\S-1-5-21-3907388033-1426799351-528811342-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [Brak podpisu cyfrowego]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-13] (Lenovo(beijing) Limited)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
R1 MpKsl4ef03748; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CB3087B4-878D-49E0-B3AF-ED2E0FCCC1A5}\MpKsl4ef03748.sys [44928 2017-07-23] (Microsoft Corporation)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-14] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9109720 2014-02-27] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-07-23 09:20 - 2017-07-23 09:21 - 00012342 _____ C:\Users\Ewa\Desktop\FRST.txt
2017-07-23 09:20 - 2017-07-23 09:20 - 00000000 ____D C:\FRST
2017-07-23 07:13 - 2017-07-23 07:11 - 02382336 _____ (Farbar) C:\Users\Ewa\Desktop\FRST64.exe
2017-07-23 07:13 - 2017-07-23 07:10 - 00380928 _____ C:\Users\Ewa\Desktop\qcbgym89.exe
2017-07-22 22:14 - 2017-07-22 22:14 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-07-22 22:14 - 2017-07-22 22:14 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-22 22:14 - 2017-07-22 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-07-22 22:14 - 2017-07-22 22:14 - 00000000 ____D C:\Program Files\CCleaner
2017-07-22 22:11 - 2017-07-22 22:11 - 09747512 _____ (Piriform Ltd) C:\Users\Ewa\Downloads\ccsetup532.exe
2017-07-22 22:10 - 2017-07-22 22:10 - 01502831 _____ (Pef ) C:\Users\Ewa\Desktop\CCleaner-13061-AsystentPobierania_2340681738.exe
2017-07-22 20:49 - 2017-07-22 20:49 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2017-07-15 23:11 - 2017-07-15 23:18 - 00000000 ____D C:\Users\Ewa\Desktop\jack
2017-07-12 16:23 - 2017-05-04 01:11 - 00103600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 16:23 - 2017-05-03 15:43 - 01555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 16:23 - 2017-05-03 15:43 - 01206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 16:23 - 2017-05-03 15:43 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 16:23 - 2017-05-03 15:43 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 16:23 - 2017-05-03 15:43 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 16:23 - 2017-05-03 15:43 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-07-12 16:23 - 2017-05-03 15:43 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 16:23 - 2017-05-03 15:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 12:14 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 12:14 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 12:14 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 12:14 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 12:13 - 2017-07-06 10:52 - 00119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 12:13 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 12:13 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-07-12 12:13 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 12:13 - 2017-06-29 07:17 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-07-12 12:13 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-07-12 12:13 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 12:13 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 12:13 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 12:13 - 2017-06-29 06:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-07-12 12:13 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 12:13 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 12:13 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 12:13 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-12 12:13 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 12:13 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 12:13 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-12 12:13 - 2017-06-27 16:29 - 07796736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 12:13 - 2017-06-27 16:29 - 07077376 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-07-12 12:13 - 2017-06-27 16:26 - 05274112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-07-12 12:13 - 2017-06-27 16:26 - 05268992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 12:13 - 2017-06-22 16:22 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-07-12 12:13 - 2017-06-17 18:45 - 03631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 12:13 - 2017-06-17 18:34 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 12:13 - 2017-06-17 18:11 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 12:13 - 2017-06-17 18:05 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 12:13 - 2017-06-16 00:02 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 12:13 - 2017-06-15 15:45 - 07440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 12:13 - 2017-06-15 15:45 - 01674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 12:13 - 2017-06-15 15:45 - 01534064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 12:13 - 2017-06-15 15:45 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 12:13 - 2017-06-15 15:45 - 01370320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 12:13 - 2017-06-15 15:45 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 12:13 - 2017-06-12 02:06 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 12:13 - 2017-06-12 00:21 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-07-12 12:13 - 2017-06-11 23:43 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 12:13 - 2017-06-11 23:25 - 00478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-12 12:13 - 2017-06-11 23:15 - 01436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 12:13 - 2017-06-11 23:08 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 12:13 - 2017-06-11 23:07 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2017-07-12 12:13 - 2017-06-11 23:00 - 00962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 12:13 - 2017-06-11 22:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 12:13 - 2017-06-11 22:40 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 12:13 - 2017-06-11 22:35 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 12:13 - 2017-06-11 22:31 - 00781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 12:13 - 2017-06-11 17:15 - 02013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 12:13 - 2017-06-06 22:52 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 12:13 - 2017-06-06 22:42 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-12 12:13 - 2017-06-06 22:38 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-12 12:13 - 2017-06-06 22:36 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-12 12:13 - 2017-06-06 22:36 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2017-07-12 12:13 - 2017-06-06 22:35 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-12 12:13 - 2017-06-06 21:13 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2017-07-12 12:13 - 2017-06-06 21:11 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-12 12:13 - 2017-06-06 21:11 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-12 12:13 - 2017-06-06 21:11 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-12 12:13 - 2017-06-06 21:11 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-12 12:13 - 2017-06-06 21:08 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 12:13 - 2017-06-06 21:03 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-12 12:13 - 2017-06-06 20:59 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-12 12:13 - 2017-06-06 20:57 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-12 12:13 - 2017-06-06 20:56 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-12 12:13 - 2017-06-06 20:03 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2017-07-12 12:13 - 2017-06-06 20:02 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-12 12:13 - 2017-06-06 20:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-12 12:13 - 2017-06-06 20:02 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-12 12:13 - 2017-06-06 20:02 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-12 12:13 - 2017-06-03 18:27 - 02346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 12:13 - 2017-06-03 18:03 - 01549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 12:13 - 2017-05-31 23:20 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 12:13 - 2017-05-16 00:09 - 00057688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-12 12:13 - 2017-05-15 22:03 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-12 12:13 - 2017-05-09 16:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-07-12 12:13 - 2017-05-09 16:35 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-07-12 12:13 - 2017-05-09 16:29 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-07-12 12:13 - 2017-05-09 16:29 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-12 12:13 - 2017-05-09 16:28 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-07-12 12:13 - 2017-05-09 16:28 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-07-12 12:13 - 2017-05-09 16:12 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-12 12:13 - 2017-05-06 18:45 - 01114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-07-12 12:13 - 2017-05-06 18:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-12 12:13 - 2017-05-02 22:09 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-12 12:13 - 2017-05-02 22:08 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-12 12:13 - 2017-05-02 22:08 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-07-12 12:13 - 2017-05-02 20:41 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-07-12 12:13 - 2017-05-02 20:31 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-07-12 12:13 - 2017-05-02 20:31 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2017-07-12 12:13 - 2017-05-02 19:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-07-12 12:13 - 2017-04-30 18:48 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-12 12:13 - 2017-04-28 03:13 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 12:13 - 2017-04-28 03:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2017-07-23 08:36 - 2014-12-17 23:04 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3907388033-1426799351-528811342-1001
2017-07-23 08:27 - 2014-12-17 23:12 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-07-23 07:18 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-07-23 07:16 - 2014-12-17 23:05 - 00003980 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE60FE06-EC79-4D0E-B02A-BF86C5649E88}
2017-07-23 07:14 - 2014-09-13 20:00 - 00807160 _____ C:\WINDOWS\system32\perfh015.dat
2017-07-23 07:14 - 2014-09-13 20:00 - 00163478 _____ C:\WINDOWS\system32\perfc015.dat
2017-07-23 07:14 - 2014-03-18 11:53 - 01825074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-23 07:13 - 2014-12-19 12:38 - 00000000 ___DO C:\Users\Ewa\OneDrive
2017-07-22 22:24 - 2014-04-03 21:15 - 00000000 ____D C:\WINDOWS\Panther
2017-07-22 22:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ModemLogs
2017-07-22 21:33 - 2014-09-13 11:33 - 00000000 ____D C:\ProgramData\LU
2017-07-22 21:32 - 2015-06-21 14:37 - 00001279 _____ C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2017-07-22 21:22 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-22 21:21 - 2014-12-24 22:51 - 00000000 ____D C:\Users\Ewa\AppData\Roaming\Skype
2017-07-22 21:15 - 2014-12-17 23:23 - 00000000 ____D C:\Users\Ewa\AppData\Roaming\GG
2017-07-22 21:13 - 2014-09-13 11:08 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-07-22 21:13 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-07-22 21:09 - 2014-09-13 11:22 - 00000000 ____D C:\ProgramData\CyberLink
2017-07-22 21:09 - 2014-09-13 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-07-22 21:09 - 2014-09-13 10:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-22 21:05 - 2014-09-13 11:09 - 00000000 ____D C:\Program Files\Lenovo
2017-07-22 21:04 - 2015-01-11 19:06 - 00000000 ____D C:\Users\Ewa\AppData\Roaming\Lenovo
2017-07-22 21:04 - 2014-09-13 11:10 - 00000000 ____D C:\ProgramData\Lenovo
2017-07-22 21:04 - 2014-09-13 11:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-07-22 21:01 - 2014-09-13 11:23 - 00041472 _____ C:\WINDOWS\system32\VfService.trf
2017-07-22 21:00 - 2014-09-13 11:22 - 00000000 ____D C:\Program Files\Lenovo PhoneCompanion
2017-07-22 20:58 - 2014-12-18 15:36 - 00000000 ____D C:\Users\Ewa\AppData\Local\Lenovo
2017-07-22 20:57 - 2014-12-18 17:51 - 00000000 ____D C:\Users\Ewa\AppData\Local\CyberLink
2017-07-22 20:57 - 2014-09-13 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2017-07-22 20:42 - 2014-09-13 11:11 - 00000000 ____D C:\ProgramData\McAfee
2017-07-22 20:40 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-07-21 20:36 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-21 20:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-18 07:52 - 2014-12-20 08:32 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-13 18:06 - 2014-12-19 23:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-13 18:04 - 2014-12-19 23:45 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-13 18:04 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 23:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-07-12 12:47 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-07-12 12:46 - 2013-08-22 16:44 - 00348080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-10 20:48 - 2017-04-09 11:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-07-10 20:48 - 2014-12-24 17:06 - 00000000 ____D C:\ProgramData\Skype
2017-06-30 02:27 - 2017-05-11 15:57 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 02:27 - 2017-05-11 15:57 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-29 14:06 - 2014-12-17 23:13 - 00002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 14:05 - 2014-12-17 23:13 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Pliki w katalogu głównym wybranych folderów =======

2014-12-17 22:59 - 2017-07-23 07:13 - 4870630 _____ () C:\Users\Ewa\AppData\Local\BTServer.log
2014-09-13 10:29 - 2014-09-13 10:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Niektóre pliki w TEMP:
====================
2017-07-22 20:40 - 2014-11-21 17:18 - 0098824 _____ (McAfee Inc.) C:\Users\Ewa\AppData\Local\Temp\mccspuninstall.exe
2015-05-06 14:14 - 2015-05-06 14:14 - 0191901 _____ (ClientConnect LTD) C:\Users\Ewa\AppData\Local\Temp\nshA9D9.exe

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

LastRegBack: 2017-07-12 16:37

==================== Koniec  FRST.txt ============================



Kod: Zaznacz wszystko
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 18-07-2017
Uruchomiony przez Ewa (23-07-2017 09:22:38)
Uruchomiony z C:\Users\Ewa\Desktop
Windows 8.1 (Update) (X64) (2014-12-17 20:58:05)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3907388033-1426799351-528811342-500 - Administrator - Disabled)
Ewa (S-1-5-21-3907388033-1426799351-528811342-1001 - Administrator - Enabled) => C:\Users\Ewa
Gość (S-1-5-21-3907388033-1426799351-528811342-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3907388033-1426799351-528811342-1003 - Limited - Enabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - Nazwa firmy) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
GG (HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10264 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OpenFM (HKU\S-1-5-21-3907388033-1426799351-528811342-1001\...\OpenFM) (Version: 2 - GG Network S.A.)
Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3907388033-1426799351-528811342-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3907388033-1426799351-528811342-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
ContextMenuHandlers01: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation)
ContextMenuHandlers01: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> Brak pliku
ContextMenuHandlers04: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> Brak pliku
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers05: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers1_S-1-5-21-3907388033-1426799351-528811342-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Ewa\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.)
ContextMenuHandlers4_S-1-5-21-3907388033-1426799351-528811342-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Ewa\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.)
ContextMenuHandlers5_S-1-5-21-3907388033-1426799351-528811342-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Ewa\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {07C6EDC7-2923-4D6D-A89E-D4499BB008A7} - System32\Tasks\Pokki => C:\Users\Ewa\AppData\Local\Pokki\Engine\ServiceHostAppUpdater.exe
Task: {0977A343-77E4-48B1-AE3C-BDA731CA3A4D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-13] (Microsoft Corporation)
Task: {2EFC1370-4C50-4FCD-A5FF-9E05F11727EB} - System32\Tasks\{0228AFBA-AE93-4635-A0BB-9FADC912313F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.7.64.102/pl/eula
Task: {3AA1A267-AF2E-4363-8844-E9AFB2B6AA3F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {43BED79C-F597-4B5A-91DB-0481606B7397} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {447CEA9D-2CC4-4CDC-9982-CF9F25160A25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7F4E2735-7A64-4054-BB7F-5777BD198953} - System32\Tasks\GoogleUpdateTaskMachineUA1d092fffecfc819 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8F02CA4A-EF8B-4B66-A43F-F2E54B99A045} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3907388033-1426799351-528811342-1001
Task: {98DD6B21-79CA-48FC-8079-F471B2791108} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {B0C740F2-8119-4545-A6F4-ACDA20F60850} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
Task: {B2174719-DE9A-45B3-A5B3-B7BFC7DE6F82} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {CD597AA7-137F-45D8-8602-562520277CD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {D1A46F52-2188-481B-BB4C-C39D50800EA9} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {D6B338FB-BAE0-4BC4-BA0F-D316765D7321} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


==================== Załadowane moduły (filtrowane) ==============

2014-09-13 10:33 - 2014-01-22 14:04 - 00084992 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-09-13 11:16 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-13 10:30 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 12:50 - 2014-09-13 11:28 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3907388033-1426799351-528811342-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 62.179.1.60 - 62.179.1.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{AEFC632E-0C64-4557-A0A4-83E3522697B4}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{515AD4B3-B0D6-4BD0-8F31-5A960A64E5DA}] => (Allow) LPort=55100
FirewallRules: [{7E7B7962-1B50-4266-948B-8B144D3BF160}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CAE53079-12A8-4374-8C25-E20FC668D840}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5F96A88A-9D62-4D1D-ABAA-5279A8B4A911}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe

==================== Punkty Przywracania systemu =========================

24-06-2017 20:41:01 Zaplanowany punkt kontrolny
12-07-2017 12:30:20 Windows Update
22-07-2017 20:53:59 Usunięte Lenovo Mobile Phone Wireless Import

==================== Wadliwe urządzenia w Menedżerze urządzeń =============


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (07/22/2017 08:49:44 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: LENOVO-PC)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.

Error: (07/22/2017 11:46:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: MCUPDA~1.EXE, wersja: 4.0.4017.0, sygnatura czasowa: 0x58ac5dc3
Nazwa modułu powodującego błąd: McRtMui.dll_unloaded, wersja: 4.6.111.0, sygnatura czasowa: 0x52a4bd73
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000000037f7
Identyfikator procesu powodującego błąd: 0x780
Godzina uruchomienia aplikacji powodującej błąd: 0x01d302cf66435497
Ścieżka aplikacji powodującej błąd: c:\PROGRA~1\COMMON~1\mcafee\updmgr\404017~1.4\MCUPDA~1.EXE
Ścieżka modułu powodującego błąd: McRtMui.dll
Identyfikator raportu: a88ea0b1-6ec2-11e7-82f4-28d244e866b8
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (07/22/2017 07:57:35 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Z powodu wystąpienia problemu dane Programu poprawy jakości obsługi klienta nie zostały wysłane do firmy Microsoft. (Błąd 80070005).

Error: (07/21/2017 03:54:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Z powodu wystąpienia problemu dane Programu poprawy jakości obsługi klienta nie zostały wysłane do firmy Microsoft. (Błąd 80070005).

Error: (07/18/2017 09:10:21 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Z powodu wystąpienia problemu dane Programu poprawy jakości obsługi klienta nie zostały wysłane do firmy Microsoft. (Błąd 80070005).

Error: (07/18/2017 09:53:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program backgroundTaskHost.exe w wersji 6.3.9600.17415 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: 1724

Godzina rozpoczęcia: 01d2ff9a2772a021

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\WINDOWS\syswow64\backgroundTaskHost.exe

Identyfikator raportu: 1b7603b4-6b8e-11e7-82f4-28d244e866b8

Pełna nazwa pakietu powodującego błąd: E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8

Identyfikator aplikacji względem pakietu powodującego błąd: App

Error: (07/17/2017 06:09:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Z powodu wystąpienia problemu dane Programu poprawy jakości obsługi klienta nie zostały wysłane do firmy Microsoft. (Błąd 80070005).

Error: (07/15/2017 09:09:29 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Z powodu wystąpienia problemu dane Programu poprawy jakości obsługi klienta nie zostały wysłane do firmy Microsoft. (Błąd 80070005).

Error: (07/14/2017 09:39:26 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Menedżer okien pulpitu napotkał błąd krytyczny (0x8898008d).

Error: (07/14/2017 10:44:35 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Z powodu wystąpienia problemu dane Programu poprawy jakości obsługi klienta nie zostały wysłane do firmy Microsoft. (Błąd 80070005).


Dziennik System:
=============
Error: (07/22/2017 09:22:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi VDWFP z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (07/22/2017 09:22:30 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Kontroler osadzony nie odpowiedział przed upływem limitu czasu. Może to wskazywać, że wystąpił błąd w sprzęcie lub oprogramowaniu układowym kontrolera osadzonego albo że system BIOS uzyskuje dostęp do kontrolera osadzonego w niepoprawny sposób. Należy skontaktować się z producentem komputera w sprawie uaktualnionego systemu BIOS. W niektórych sytuacjach ten błąd może spowodować niepoprawne funkcjonowanie komputera.

Error: (07/22/2017 09:14:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi VDWFP z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (07/22/2017 08:42:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi VDWFP z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (07/22/2017 08:39:32 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Serwer {209500FC-6B45-4693-8871-6296C4843751} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (07/22/2017 08:39:02 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Serwer {209500FC-6B45-4693-8871-6296C4843751} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (07/18/2017 09:49:05 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {209500FC-6B45-4693-8871-6296C4843751} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (07/18/2017 07:57:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi VDWFP z powodu następującego błędu:
Nie można odnaleźć określonego pliku.

Error: (07/18/2017 07:56:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi FontCache3.0.0.0.

Error: (07/16/2017 08:58:11 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Serwer {3EEF301F-B596-4C0B-BD92-013BEAFCE793} nie zarejestrował się w modelu DCOM w wymaganym czasie.


==================== Statystyki pamięci ===========================

Procesor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Procent pamięci w użyciu: 56%
Całkowita pamięć fizyczna: 3979.21 MB
Dostępna pamięć fizyczna: 1737.32 MB
Całkowita pamięć wirtualna: 4747.21 MB
Dostępna pamięć wirtualna: 2732.35 MB

==================== Dyski ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.2 GB) (Free:382.17 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.93 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D5C6B1D1)

Partition: GPT.

==================== Koniec  Addition.txt ============================


Kod: Zaznacz wszystko
Rezultat skanowania skrótów użytkowników (x64) Wersja: 18-07-2017
Uruchomiony przez Ewa (23-07-2017 09:23:24)
Uruchomiony z C:\Users\Ewa\Desktop
Tryb startu: Normal

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


Shortcut: C:\ProgramData\Pokki\PC App Store.lnk -> C:\Users\Ewa\AppData\Local\Pokki\Engine\HostAppService.exe (Brak pliku)
Shortcut: C:\ProgramData\Pokki\Start Menu.lnk -> C:\Users\Ewa\AppData\Local\Pokki\Engine\HostAppService.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Plik Readme.lnk -> C:\Program Files (x86)\Lenovo\Power2Go\Language\Plk\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Pomoc online dla Power2Go.lnk -> C:\Program Files (x86)\Lenovo\Power2Go\Language\Plk\Power2Go.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk -> C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe (Cyberlink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk -> C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe (Cyberlink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\OneKey Recovery\OneKey Recovery.lnk -> C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Updates\Lenovo Updates.lnk -> C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe (Lenovo(beijing) Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Digital Plus.lnk -> C:\Program Files\Dolby Digital Plus\ddpe.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10\PowerDirector 10.lnk -> C:\Program Files\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Ewa\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Ewa\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\Links\Desktop.lnk -> C:\Users\Ewa\Desktop ()
Shortcut: C:\Users\Ewa\Links\Downloads.lnk -> C:\Users\Ewa\Downloads ()
Shortcut: C:\Users\Ewa\Links\GG dysk.lnk -> C:\Users\Ewa\GG dysk ()
Shortcut: C:\Users\Ewa\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Ewa\Favorites\GG dysk.lnk -> C:\Users\Ewa\GG dysk ()
Shortcut: C:\Users\Ewa\Desktop\GG dysk.lnk -> C:\Users\Ewa\GG dysk ()
Shortcut: C:\Users\Ewa\Desktop\GG.lnk -> C:\Users\Ewa\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Ewa\Desktop\OpenFM.lnk -> C:\Users\Ewa\AppData\Local\OpenFM\Application\openfm.exe ()
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BTServer Toasts App.lnk -> C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Realtek Semiconductor Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Ewa\Documents ()
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Ewa\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk -> C:\Users\Ewa\AppData\Local\Pokki\Engine\ServiceHostApp.exe (Brak pliku)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Ewa\AppData\Local\OpenFM\Application\openfm.exe ()
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Ewa\Pictures ()
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\Ewa\AppData\Local\Pokki\Engine\ServiceHostApp.exe (Brak pliku)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk -> C:\Program Files (x86)\Lenovo\Lenovo Updates\PopToastProcess.exe (Lenovo(beijing) Limited)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Manager\Energy Manager.Lnk -> C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG.lnk -> C:\Users\Ewa\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OpenFM.lnk -> C:\Users\Ewa\AppData\Local\OpenFM\Application\openfm.exe ()
Shortcut: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Ewa\AppData\Local\OpenFM\Application\openfm.exe ()
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\ZinioLLC.Zinio_0q6dqzpp40p2e\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\YouSendIt.HighTailForLenovo_069rkrpjefrbc\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Weather.TheWeatherChannelforLenovo_t3yemqpq4kp7p\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_qj0v5chwq8f2g\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Microsoft.XboxLIVEGames.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.CalendardC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\CalendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalendar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\CalendarTinyLogo.pngi1SPS0%G`Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.MaildC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMԆi<D*TIModernMail\Res\MailLogo.pngMModernMail\Res\MailBadge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\MailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G`Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbweGmicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.PeopledC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TAModernPeople\People.pngMModernPeople\PeopleSmall.pngIModernPeople\PeopleWide.pngG&MModernPeople\PeopleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G`]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (Brak pliku)
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\HelpAndTips.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTranslator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AppexFoodAndDrink.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_bq6yxensn79aw\McAfeeCentral.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\FilmOnLiveTVFree.FilmOnLiveTVFree_zx03kxexxb716\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\Evernote.Evernote_q4d96b2w5wcc2\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\E0469640.DeviceCollaboration_5grkq8ppsgwt4\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\E046963F.LenovoSupport_k1h2ywk1493x8\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\E046963F.LenovoCompanion_k1h2ywk1493x8\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\DailymotionSA.Dailymotion_6dqnvyezrysvy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\Microsoft\Windows\Application Shortcuts\CyberLinkCorp.id.PowerDVDforLenovoIdea_hgg5mn3xps74a\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Ewa\AppData\Local\GG\Application\gg.lnk -> C:\Users\Ewa\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Cyberlink Power2Go.lnk -> C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe (Cyberlink)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Lenovo Updates.lnk -> C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe (Lenovo(beijing) Limited)
Shortcut: C:\Users\Public\Desktop\OneKey Recovery.lnk -> C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe (CyberLink)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe ()


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE (Microsoft Corporation) -> /OEM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Ewa\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Microsoft Office 2013 Activation.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE (Microsoft Corporation) -> /OEM


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Default\Favorites\AmazonBrowserBar.url -> URL: hxxp://www.amazon.com/gp/BIT/AmazonBrowserBar/ref=bit_lnv_fav?tag=lenovo-abb-bm-us-ie-20
InternetURL: C:\Users\Default\Favorites\Voxox Free Calls.url -> URL: hxxp://www.voxox.com/lenovo
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/
InternetURL: C:\Users\Default\Desktop\Adobe Photo Offer.url -> URL: "hxxp://adobe.com/go/LenovoPhotoOffer"
InternetURL: C:\Users\Default\Desktop\FREE CALLS with Voxox.url -> URL: hxxp://www.voxox.com/lenovo
InternetURL: C:\Users\Default\Desktop\Google Play Music.url -> URL: "hxxps://play.google.com/music/listen?signup=1&coupontype=VANITY&coupon=LEN90SMHVW4D6OAHS4JOP2M"
InternetURL: C:\Users\Ewa\Favorites\AmazonBrowserBar.url -> URL: hxxp://www.amazon.com/gp/BIT/AmazonBrowserBar/ref=bit_lnv_fav?tag=lenovo-abb-bm-us-ie-20
InternetURL: C:\Users\Ewa\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Ewa\Favorites\Voxox Free Calls.url -> URL: hxxp://www.voxox.com/lenovo
InternetURL: C:\Users\Ewa\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/
InternetURL: C:\Users\Ewa\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/
InternetURL: C:\Users\Ewa\Desktop\Adobe Photo Offer.url -> URL: "hxxp://adobe.com/go/LenovoPhotoOffer"
InternetURL: C:\Users\Ewa\Desktop\download.url -> URL: javascript:

==================== Koniec  Shortcut.txt =============================
Intel Core i5 6500, Mushkin Silverline DDR4 16GB, Radeon RX 470 4GB, Seagate ST1000DM003 1 TB,Segate baracude 500GB, Lg L227WT 22''
Awatar użytkownika
cinek_1111
~user
 
Posty: 1385
Dołączenie: 10 Wrz 2006, 19:51
Pochwały: 56



Długo się wszystko wczytuje 2 laptop

Postprzez ordynat 23 Lip 2017, 12:01

Nie widzę tu żadnej infekcji.

Tylko drobna kosmetyka:
Uruchom FRST. NA klawiaturze naciśnij jednocześnie CTRL+Y.Otworzy się Notatnik - wklej do niego:
ContextMenuHandlers01: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Brak pliku
ContextMenuHandlers04: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Brak pliku
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku
EmptyTemp:

Na klawiaturze naciśnij jednocześnie CTRL+S. W FRST kliknij na Fix (NAPRAW).
.

Autor postu otrzymał pochwałę
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866



Długo się wszystko wczytuje 2 laptop

Postprzez cinek_1111 23 Lip 2017, 18:01

Wielkie dzięki
Intel Core i5 6500, Mushkin Silverline DDR4 16GB, Radeon RX 470 4GB, Seagate ST1000DM003 1 TB,Segate baracude 500GB, Lg L227WT 22''
Awatar użytkownika
cinek_1111
~user
 
Posty: 1385
Dołączenie: 10 Wrz 2006, 19:51
Pochwały: 56




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 8 gości