Długo nie sprawdzałem komputera ale dzis czas najwyzszy..
Zmartwilo mnie cos co sie wydarzylo dzisiaj po podlaczeniu internetu (mobilny) do komputera i polaczeniu z siecia.
Wyskoczylo 2 x czarne okno dialogowe i cos jakby sie zainstalowalo/aktualizowalo albo ktos cos zrobil na moim komputerze.. Nie wiem co to moglo byc bo nic nie klikalem .
Prosze sprawdzic logi, czy cos bylo instalowane,aktualizowane albo zmieniane w moim komputerze dzisiaj.. Martwie sie i nie chcialbym stracic hasel,dokumentow z komputera a naprawde dziwnie to wygladalo.
Zaraz wrzuce logi
Dodano 23.05.2017 11:00:22:
Dodano 23.05.2017 11:01:04:
- Kod: Zaznacz wszystko
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-05-23 11:59:25
Windows 6.2.9200 x64
Running: q0fn1evs.exe
---- Services - GMER 2.2 ----
Service System32\Drivers\sptd2.sys (*** hidden *** ) [BOOT] sptd2 <-- ROOTKIT !!!
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0x78 0xD0 0x90 0xA3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0xE4 0x50 0x20 0x65 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0x6D 0xF7 0x90 0xA3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0x08 0x3A 0x2C 0x65 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@pl-PL 34
Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\LEN40B00_00_07DC_A3^71D24FCFB31152D6B4723C3ED4370A20@Timestamp 0xAB 0x88 0x90 0xE6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 836
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber 3900198
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 1319885010
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId 35
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 504960562
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 5333
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime 5324
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID 6e27e71f-6c79-4af4-960e-9980b23
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId 3
Reg HKLM\SYSTEM\CurrentControlSet\Control\WDI\Config@ServerName \BaseNamedObjects\WDI_{4737da3a-bd6e-4e98-8b33-3a330630a4be}
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter 3
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswbidsh\Parameters@Reboot 13
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters@BootCounter 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14944080592652294@SetupOperations ???1?????1?1?1?1?2?2????????????????????????????????????????????? ???????1???????????W???????????????????????????????W??? ???????1???????????1???????? ??????????????????????????1??????Commited?????1?1?1?1?1?1?????????????.?????tRU???????????(?????t:\???????1???e??????t ??????????????????????????????????????????????????? ???????1???????????1???????? ??????????????????????????1??????Commited?????1?1?1?1?1?1???????????????????t???????????????????t?????????1???????????????????????????????q???????????????????????????????????1???>??Commited?C???1??????????????MoveFile("\??\C:\Program Files\AVAST Software\Avast\avBA495.tmp","\??\C:\Program Files\AVAST Software\Avast\avBugReport.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\AvDA514.tmp","\??\C:\Program Files\AVAST Software\Avast\AvDump32.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\x64\AvDA593.tmp","\??\C:\Program Files\AVAST Software\Avast\x64\AvDump64.exe",TRUE)?DeleteFile("\??\C:\Program Files\AVAST Software\Avast\SafePrice\FF48
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14945804821712294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14946691340002294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14947958515312294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14949311012962294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14951210066252294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14951355514682294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14953065417502294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14953768849682294@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Uupdate_149471055829601@ Package
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\142d273a8a5c
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\142d273a8a5c@9cd35ba524ef 0xB5 0x00 0x67 0x99 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\cdrom\Parameters\Wdf@TimeOfLastTelemetryLog 0x79 0x31 0xA8 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\CompositeBus\Parameters\Wdf@TimeOfLastTelemetryLog 0x5E 0x82 0x78 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Fastboot\Parameters@Checksum 882257535
Reg HKLM\SYSTEM\CurrentControlSet\Services\HDAudBus\Parameters\Wdf@TimeOfLastTelemetryLog 0x31 0x5B 0x90 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\huawei_enumerator\Parameters\Wdf@TimeOfLastTelemetryLog 0xA6 0xCF 0xA5 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\IBMPMSVC\Parameters\Notification@Type2 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\intelppm\Parameters\Wdf@TimeOfLastTelemetryLog 0xBA 0xE4 0x7A 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\iwdbus\Parameters\Wdf@TimeOfLastTelemetryLog 0x79 0x31 0xA8 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@DisplayName Lenovo System Agent Service
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@Description This service provides helper functions to monitor Active Domain policies, critical updates, and other activities.
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@Type 16
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@ImagePath "C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\Lenovo System Agent Service
Reg HKLM\SYSTEM\CurrentControlSet\Services\MEIx64\Parameters\Wdf@TimeOfLastTelemetryLog 0xE0 0xD1 0x86 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\monitor\Parameters\Wdf@TimeOfLastTelemetryLog 0xA3 0x88 0xA7 0xA4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\msisadrv\Parameters\Wdf@TimeOfLastTelemetryLog 0x66 0x37 0x6F 0x95 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\NdisVirtualBus\Parameters\Wdf@TimeOfLastTelemetryLog 0xA6 0xCF 0xA5 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\pla\Configuration@RPCEndPoint {2E173DB4-EDE2-4BBB-B584-24A0D4A76B14}
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Diagnostics@ReadyBootTrainingCountSinceLastServicing 5
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?wt.?, ?maj ?23 ?17, 11:15:02?????????????????????????a????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@EffectivePends 256
Reg HKLM\SYSTEM\CurrentControlSet\Services\RtkBtFilter\Parameters\Wdf@TimeOfLastTelemetryLog 0x22 0x84 0x8F 0xA3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 6391
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 1498
Reg HKLM\SYSTEM\CurrentControlSet\Services\SmbDrvI\Parameters\Wdf@TimeOfLastTelemetryLog 0x35 0xF6 0xAC 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd2@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd2
Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 33
Reg HKLM\SYSTEM\CurrentControlSet\Services\SynTP\Parameters@DetectTimeMS 1688
Reg HKLM\SYSTEM\CurrentControlSet\Services\SynTP\Parameters\Wdf@TimeOfLastTelemetryLog 0xA6 0xCF 0xA5 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Linkage@Bind \Device\{02CD17B4-4503-4FA7-9ABE-9062E5407B63}?\Device\{0BA7BAB2-F559-4998-8301-CB300EF0030F}?\Device\{20265AEC-D3FD-4F1D-8540-5AF401F54C87}?\Device\{859AA2A3-3AC6-487E-8B76-2B23071BFEC5}?\Device\{DFA18D8C-0771-4B6F-B877-B76B56DA823D}?\Device\{8718928D-CBEB-45EA-A621-800A9249001D}?\Device\{6EB78104-156B-4544-99A0-3720A74B57BA}?\Device\{7F332E55-E421-4E47-8A21-CCCDCEB84DA8}?
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{16F4E041-5312-42ED-8C90-441159F533B7}@DhcpIPAddress 0.0.0.0
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{16F4E041-5312-42ED-8C90-441159F533B7}@DhcpSubnetMask 0.0.0.0
Reg HKLM\SYSTEM\CurrentControlSet\Services\TPM@OsBootCount 207
Reg HKLM\SYSTEM\CurrentControlSet\Services\TPM\Parameters\Wdf@TimeOfLastTelemetryLog 0x4F 0x71 0x89 0x95 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\TPPWRIF@DisplayName TPPWRIF
Reg HKLM\SYSTEM\CurrentControlSet\Services\umbus\Parameters\Wdf@TimeOfLastTelemetryLog 0xBA 0xE4 0x7A 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\USBHUB3\Parameters\Wdf@TimeOfLastTelemetryLog 0x98 0x9B 0x63 0xA3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\USBXHCI\Parameters\Wdf@TimeOfLastTelemetryLog 0x19 0x34 0x89 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\vdrvroot\Parameters\Wdf@TimeOfLastTelemetryLog 0xBC 0xD3 0x8B 0x95 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\vwifibus\Parameters\Wdf@TimeOfLastTelemetryLog 0x70 0x14 0x52 0xA3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xAC 0x12 0xE5 0x6C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xAC 0x7A 0xA9 0xCE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xAC 0xAA 0x20 0x0B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\WINUSB\Parameters\Wdf@TimeOfLastTelemetryLog 0x08 0xEE 0x7C 0xA5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\WUDFRd@Owners oem44.inf?oem66.inf?oem72.inf?oem57.inf?oem99.inf?hidbthle.inf?ehstorpwddrv.inf?
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@Chrome 0xDA 0xA4 0x2B 0xE8 ...
---- EOF - GMER 2.2 ----
Dodano 23.05.2017 11:40:34:
- Kod: Zaznacz wszystko
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-05-23 12:40:15
Windows 6.2.9200 x64
Running: q0fn1evs.exe
---- Services - GMER 2.2 ----
Service System32\Drivers\sptd2.sys (*** hidden *** ) [BOOT] sptd2 <-- ROOTKIT !!!
---- Registry - GMER 2.2 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed 1462377540
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14944080592652294@SetupOperations ???1?????1?1?1?1?2?2????????????????????????????????????????????? ???????1???????????.???????? ??? ??????????????????W??? ???????1???????????1???????? ??????????????????????????1??????Commited?????1?1?1?1?1?1?????????????.?????tRU???????????(?????t:\???????1???e??????t ??????????????????????????????????????????????????? ???????1???????????1???????? ??????????????????????????1??????Commited?????1?1?1?1?1?1???????????????????t???????????????????t?????????1???????????????????????????????q???????????????????????????????????1???>??Commited?C???1??????????????MoveFile("\??\C:\Program Files\AVAST Software\Avast\avBA495.tmp","\??\C:\Program Files\AVAST Software\Avast\avBugReport.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\AvDA514.tmp","\??\C:\Program Files\AVAST Software\Avast\AvDump32.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\x64\AvDA593.tmp","\??\C:\Program Files\AVAST Software\Avast\x64\AvDump64.exe",TRUE)?DeleteFile("\??\C:\Program Files\AVAST Software\Avast\SafePrice\FF48
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\142d273a8a5c
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\142d273a8a5c@9cd35ba524ef 0xB5 0x00 0x67 0x99 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xFA 0x8B 0x01 0x83 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xFA 0xF3 0xC5 0xE4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xFA 0x23 0x3D 0x21 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@Chrome 0x53 0x40 0xB4 0xBE ...
---- EOF - GMER 2.2 ----
Dodano 23.05.2017 11:46:29:
short
- Kod: Zaznacz wszystko
Rezultat skanowania skrótów użytkowników (x64) Wersja: 22-05-2017
Uruchomiony przez Adam (23-05-2017 12:44:37)
Uruchomiony z C:\Users\Adam\Downloads
Tryb startu: Normal
==================== Skróty =============================
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
Shortcut: C:\Users\Adam\SkyDrive\Ten komputer — skrót.lnk -> System Folder
Shortcut: C:\Users\Adam\Pictures\Camera Roll\Ulubione — skrót.lnk -> System Folder
Shortcut: C:\Users\Adam\Links\Desktop.lnk -> C:\Users\Adam\Desktop ()
Shortcut: C:\Users\Adam\Links\Downloads.lnk -> C:\Users\Adam\Downloads ()
Shortcut: C:\Users\Adam\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Adam\Documents\Lenovo Solution Center.lnk -> C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe ()
Shortcut: C:\Users\Adam\Documents\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Adam\Desktop\GG.lnk -> C:\Users\Adam\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Adam\Desktop\Ten komputer — skrót.lnk -> System Folder
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Adam\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grupa domowa.lnk -> [LF C?Be1SPSU(Ly9K-y 4{6EF20655-905C-4A43-83A6-733509F98DBD}\Grupa domowa]
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps (1).lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices (1).lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Bandizip.lnk -> C:\Program Files\Bandizip\Bandizip64.exe (Bandisoft.com)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Downloads.lnk -> C:\Users\Adam\Downloads ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Manager.lnk -> C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe ()
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ten komputer - skrót.lnk -> [LF]
Shortcut: C:\Users\Adam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ten komputer — skrót.lnk -> System Folder
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Windows.PurchaseDialog_cw5n1h2txyewy\Microsoft.Windows.PurchaseDialog.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Windows.ContactSupport_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\txtr.txtrReaderLenovoEdition_g057jjhb9dtk6\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\SymantecCorporation.NortonStudio_v68kp9n051hdp\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\Microsoft.XboxIdentityProvider.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Microsoft.XboxGameCallableUI.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxApp_8wekyb3d8bbwe\Microsoft.XboxApp.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsStore_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsPhone_8wekyb3d8bbwe\CompanionApp.App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsMaps_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsFeedback_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\microsoft.windowslive.calendar.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\microsoft.windowslive.mail.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCamera_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.Photos_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaUI.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.People_8wekyb3d8bbwe\x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\Microsoft.MicrosoftOfficeHub.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.LockApp_cw5n1h2txyewy\WindowsDefaultLockScreen.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Getstarted_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BioEnrollment_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Appconnector_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.AccountsControl_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.3DBuilder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\LenovoCorporation.LenovoSettings_4642shxvsv8s2\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\E046963F.LenovoSupport_k1h2ywk1493x8\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\E046963F.LenovoQuickCast_k1h2ywk1493x8\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\Microsoft\Windows\Application Shortcuts\CyberLinkCorp.th.PowerDVDforLenovoThink_m916jedk64snt\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Adam\AppData\Local\GG\Application\gg.lnk -> C:\Users\Adam\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Adam\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Adam\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Adam\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Adam\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Adam\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Adam ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoEMC Storage Connector Help.lnk -> C:\Program Files\LenovoEMC\StorageConnector\Help\lesc_help-en.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoEMCStorageConnector.lnk -> C:\Program Files\LenovoEMC\StorageConnector\StorageConnector.exe (LenovoEMC Products USA, LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VT Niemiecki Kurs podstawowy mp3\Usuń VT Niemiecki Kurs podstawowy mp3.lnk -> C:\Edgard\VT Niemiecki Kurs podstawowy mp3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VT Niemiecki Kurs podstawowy mp3\VT Niemiecki Kurs podstawowy mp3.lnk -> C:\Edgard\VT Niemiecki Kurs podstawowy mp3\vt.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\PowerDVD Create.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\PowerDVD.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\Power2Go\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\IsoViewer.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\Power2Go\Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\CyberLink PowerProducer 5.5\CyberLink PowerProducer 5.5.lnk -> C:\Program Files (x86)\CyberLink\PowerProducer\Producer.exe (CyberLink Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 2.4\OpenOffice.org Base.lnk -> C:\Program Files (x86)\OpenOffice.org 2.4\program\sbase.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 2.4\OpenOffice.org Calc.lnk -> C:\Program Files (x86)\OpenOffice.org 2.4\program\scalc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 2.4\OpenOffice.org Draw.lnk -> C:\Program Files (x86)\OpenOffice.org 2.4\program\sdraw.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 2.4\OpenOffice.org Impress.lnk -> C:\Program Files (x86)\OpenOffice.org 2.4\program\simpress.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 2.4\OpenOffice.org Math.lnk -> C:\Program Files (x86)\OpenOffice.org 2.4\program\smath.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 2.4\OpenOffice.org Writer.lnk -> C:\Program Files (x86)\OpenOffice.org 2.4\program\swriter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Active Protection System.lnk -> C:\Windows\System32\TpShCPL.cpl (Lenovo.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo PC Experience.lnk -> D:\Windows\System32\Dxpserver.exe (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo Solution Center.lnk -> C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo User Guide.lnk -> C:\ProgramData\Lenovo\userguides\viewer\LenovoUserGuide.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\System Update.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Warranty Information.lnk -> C:\Program Files (x86)\Lenovo\Warranty Viewer\WarrantyViewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo QuickControl.lnk -> C:\Program Files (x86)\Lenovo\QuickControl\QuickControlUI.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Solutions for Small Business.lnk -> C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\System Update.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager\Internet Manager.lnk -> C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager\Uninstall.lnk -> C:\Program Files (x86)\T-Mobile\InternetManager_H\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Digital Plus.lnk -> C:\Program Files\Dolby Digital Plus\ddpe.exe (Dolby Laboratories Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3\CyberLink PhotoDirector 3.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector3\PhotoDirector3.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant\SAII\SmartAudio.lnk -> C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip\Bandizip.lnk -> C:\Program Files\Bandizip\Bandizip64.exe (Bandisoft.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip\Odinstaluj.lnk -> C:\Program Files\Bandizip\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Lenovo\SystemUpdate\Session\Repository\sushortcutfix01\tvsu_32.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
Shortcut: C:\ProgramData\Lenovo\SystemUpdate\Session\Repository\sushortcutfix01\tvsu_64.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\SendTo\Odbiorca faksu.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Adam\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Properties (Touchpad Clickpad Trackpad TrackPoint Mouse Pointer Pointing Pad).lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> mouse
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo PC Experience.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\ThinkTouchPadPlugin\x86\SynCPL.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 1
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\ThinkTouchPadPlugin\x64\SynCPL.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 1
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x86\HideBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,HideBatteryGauge
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x86\ShowBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,ShowBatteryGauge
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x86\UnloadBatteryGaugeFromExplorer.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UnloadBatteryGaugeFromExplorer
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x86\UnpinFromTaskbar.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x86\LenovoBatteryGaugePackage.dll,UnpinFromTaskbar
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x64\HideBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,HideBatteryGauge
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x64\ShowBatteryGauge.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,ShowBatteryGauge
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x64\UnloadBatteryGaugeFromExplorer.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UnloadBatteryGaugeFromExplorer
ShortcutWithArgument: C:\ProgramData\Lenovo\iMController\Plugins\LenovoBatteryGaugePackage\x64\UnpinFromTaskbar.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\LenovoBatteryGaugePackage.dll,UnpinFromTaskbar
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
InternetURL: C:\Users\Adam\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\Home.url -> URL: hxxp://www.lenovo.com/welcome/thinkpad
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\My Lenovo Cloud.url -> URL: hxxp://www.mylenovocloud.com/
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\News.url -> URL: hxxp://www.lenovo.com/news/us/en
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\Product Registration.url -> URL: hxxp://www.lenovo.com/register
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\Products.url -> URL: hxxp://www.lenovo.com/products/us/en
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\Services, Software, and Accessories.url -> URL: hxxp://www.lenovo.com/accessories
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\Support and Downloads.url -> URL: hxxp://www.lenovo.com/support
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\The Intel WiMAX website.url -> URL: hxxp://www.intel.com/go/getwimax
InternetURL: C:\Users\Adam\Favorites\Lenovo Recommended Websites\ThinkVantage Technologies.url -> URL: hxxp://www.lenovo.com/thinkvantage
InternetURL: C:\Users\Adam\Desktop\Counter-Strike.url -> URL: steam://rungameid/10
InternetURL: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike.url -> URL: steam://rungameid/10
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
==================== Koniec Shortcut.txt =============================
Dodano 23.05.2017 11:46:50:
- Kod: Zaznacz wszystko
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 22-05-2017
Uruchomiony przez Adam (23-05-2017 12:43:06)
Uruchomiony z C:\Users\Adam\Downloads
Windows 10 Home Wersja 1607 (X64) (2016-09-29 10:08:02)
Tryb startu: Normal
==========================================================
==================== Konta użytkowników: =============================
Adam (S-1-5-21-395553583-66053808-1738365731-1001 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-395553583-66053808-1738365731-500 - Administrator - Disabled)
Gość (S-1-5-21-395553583-66053808-1738365731-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-395553583-66053808-1738365731-1003 - Limited - Enabled)
Konto domyślne (S-1-5-21-395553583-66053808-1738365731-503 - Limited - Disabled)
==================== Centrum zabezpieczeń ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Zainstalowane programy ======================
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Bandizip (HKLM\...\Bandizip) (Version: 5.01 - Bandisoft.com)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
GG (HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Integrated Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10236 - Realtek Semiconductor Corp.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1014 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.17.49 - Huawei Technologies Co.,Ltd)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.10 - )
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.17 - Lenovo)
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 1.50 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.1.12.100 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.3.0.8 - Lenovo Group Limited)
Lenovo Settings — Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.0.0.9 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.1.0.2 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited)
Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.42.8185 - Intel(R) Corporation)
Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{AFD7B869-3B70-40C7-8983-769256BA3BD2}) (Version: 2.2.0003.00 - Lenovo Group Limited)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.076.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0053 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
LenovoEMC Storage Connector (HKLM\...\LenovoEMC) (Version: 1.1.2.26394 - LenovoEMC)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 52.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 pl)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.42.20 - )
OpenOffice.org 2.4 (HKLM-x32\...\{E33DB440-A008-4928-8A4E-5FC5ADDED608}) (Version: 2.4.9364 - OpenOffice.org)
Pakiet sterowników systemu Windows - Intel Corporation (iaStorA) HDC (08/01/2013 12.8.0.1016) (HKLM\...\C8A921233C0C441A4E4EAABC2AB08C872FD77A6E) (Version: 08/01/2013 12.8.0.1016 - Intel Corporation)
Pakiet sterowników systemu Windows - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
PowerDVD Create 10 (x32 Version: 10.0.1.2704 - CyberLink Corp.) Hidden
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.773.101113 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21234 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.27 - Synaptics Incorporated)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.25 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.10 - Lenovo)
Validity WBF DDK 5011 (HKLM\...\{FF5E324F-1FFF-49D4-8F71-0D25EDF12764}) (Version: 4.5.240.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VT Niemiecki Kurs podstawowy mp3 (HKLM-x32\...\vt30niemmp3_is1) (Version: - )
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
CustomCLSID: HKU\S-1-5-21-395553583-66053808-1738365731-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-395553583-66053808-1738365731-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)
==================== Zaplanowane zadania (filtrowane) =============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {15E3A967-46D8-4271-84D5-205611B8619A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {20756577-2000-4FC6-AC44-32A1DBECF3D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {21385C8D-A5E6-4482-961B-1EDADB24CFC7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3f321057-3ac5-429f-95e1-d4160bce1fdf => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {3435619E-12F7-4D13-B10D-7C87C112CB28} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {38ECD283-4C8C-4F9D-A0DE-434F78C57F5B} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {3B135B0A-5E5E-4ED0-B851-18288CBC9B2C} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-05-09] ()
Task: {3C7DE913-3556-4184-A6A6-376FA0A1B5C8} - System32\Tasks\SafeZone scheduled Autoupdate 1458426270 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {4A11B572-5056-4673-BDDB-7228827FD860} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-16] (AVAST Software)
Task: {4DDAFC40-61A9-462A-A3B2-F4E7080AAF5D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {5538CFF4-EB04-4017-8FF2-B37BE400C657} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 2 /f /reg:32
Task: {58B180ED-D066-43A5-A240-3C220083A6BA} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-08] (Lenovo)
Task: {6B29A057-F7D6-4AE3-B6EC-AE409A3E716E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {6E933BB4-0396-47E5-9693-189E41898757} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {72BA38E3-3145-4387-928B-6FA5CEEFC22B} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2013-06-28] (CyberLink Corp.)
Task: {74674D36-D099-4BD3-BE0C-B2DD25271647} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-01-08] (Lenovo)
Task: {7865321B-2C8E-4B23-A50E-1124C835D610} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {8D8F56DA-6C34-47BB-8349-296977F68036} - \WPD\SqmUpload_S-1-5-21-395553583-66053808-1738365731-1001 -> Brak pliku <==== UWAGA
Task: {8F44FBE3-2EAB-42A9-B467-775053C546D3} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {9252FCB5-92F9-467B-BEAB-CFB094427673} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {9B8E8683-088E-4C11-9040-DD560B03109C} - System32\Tasks\SafeZone scheduled Autoupdate 1455553702 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {9BE176B4-8945-44D2-BB5C-21A83C30B85F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-08] (Lenovo)
Task: {A6BFD066-E8BF-4BD6-948B-1248DEDC94AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-25] (Synaptics Incorporated)
Task: {BEDCBFC1-69D0-49E7-9907-631349931669} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-05-09] ()
Task: {C0AE073A-80A2-46F6-A7ED-E9E8EFFA441B} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {DA4612D5-67C5-4047-AA8D-7D2DE12CDF29} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {DA84CB01-5AF7-461B-8379-9794FBA01BF8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {DBA2AD47-8DDD-4348-8C14-AE97728D1CFC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-23] (Adobe Systems Incorporated)
Task: {ECE94F82-649E-4FBC-B3EC-C64125C27AA4} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {F21D4E6A-9985-4042-A6A0-23666251E6AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {F93CB995-2C98-48AA-905F-2DFC5B18A4DA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\94277638-b426-4d88-9e93-b40681eaaf46 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
==================== Skróty =============================
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
==================== Załadowane moduły (filtrowane) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-17 12:56 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-09-25 23:16 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-15 05:42 - 2014-01-15 05:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-05-15 20:29 - 2014-04-26 08:15 - 00682064 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-04-17 12:56 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-29 12:14 - 2016-09-29 12:14 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 11:38 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-29 11:28 - 2010-10-26 12:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-05-16 10:42 - 2013-10-28 16:48 - 00915968 _____ () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2014-05-16 11:26 - 2013-11-01 17:16 - 00467720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2014-05-16 11:26 - 2013-11-01 17:16 - 00013064 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2016-05-15 20:28 - 2014-08-13 11:16 - 00090704 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe
2017-05-09 23:14 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-09 23:14 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-23 11:44 - 2017-02-20 08:03 - 00204152 _____ () C:\Program Files (x86)\ThinkPad\Utilities\PL\PWMRT64V.DLL
2017-03-15 11:34 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 11:34 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 11:34 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-17 12:56 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-17 12:57 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-05-16 11:14 - 2014-05-16 11:14 - 00033520 _____ () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2016-05-15 20:29 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2016-05-15 20:29 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2016-05-15 20:29 - 2014-02-15 09:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2016-05-15 20:29 - 2014-02-15 09:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2013-03-06 21:49 - 2013-03-06 21:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 21:52 - 2013-03-06 21:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2017-05-10 11:21 - 2017-05-10 11:21 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-10 11:21 - 2017-05-10 11:21 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-10 11:21 - 2017-05-10 11:21 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-10 11:21 - 2017-05-10 11:21 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-10 11:21 - 2017-05-10 11:21 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-10 11:21 - 2017-05-10 11:21 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-10 11:21 - 2017-05-10 11:21 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-05-16 10:40 - 2013-09-16 05:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00457808 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\core.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00282704 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\sdk.dll
2016-05-15 20:28 - 2013-08-16 08:53 - 00011362 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\mingwm10.dll
2016-05-15 20:28 - 2013-08-16 08:53 - 00043008 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\libgcc_s_dw2-1.dll
2016-05-15 20:28 - 2014-02-15 09:31 - 02416640 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\QtCore4.dll
2016-05-15 20:28 - 2014-02-15 09:44 - 09559040 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\QtGui4.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00397392 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\Proxy.DLL
2016-05-15 20:28 - 2014-08-13 11:16 - 00250448 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\Common.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00164432 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\Trace.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00553040 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\PluginContainer.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00267344 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\AtCodec.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00329296 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceSrvPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00243792 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NetSrvPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00162896 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\OSDialup.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00197200 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\XCodec.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00161360 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\DataServicePlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00291408 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookSrvPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00225872 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\SmsSrvPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00149072 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\USSDSrvPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00345680 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceAppPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00072272 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\OSPowerMgr.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00121424 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\Win7Support.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00174672 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\ATR2SMgr.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 01095248 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00715344 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\SmsAppPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00165456 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NetConnectSrvPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00240720 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\DialUpPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00109136 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\OSAdapt.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00206928 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NDISPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00138320 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\OSNDIS.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 01153616 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NDISAPI.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00324688 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoSrvPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00566864 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\DeviceMgrUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00310864 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\XFramePlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00826448 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\MiniFramePlugin.dll
2016-05-15 20:28 - 2014-02-15 09:32 - 00398336 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\QtXml4.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00104016 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NotifyServicePlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00338512 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NetConnectPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00426064 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\DialupUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00325712 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\StatusBarMgrPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00283216 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\MenuMgrPlugin.dll
2016-05-15 20:28 - 2014-02-15 09:33 - 01148416 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\QtNetwork4.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00123984 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\LayoutPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00312912 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\SettingUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00509520 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NetSettingPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00315472 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoRecordUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00107088 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\CompressRatePlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00155728 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\VPNPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00525392 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\NetInfoUIExPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00847952 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\SMSUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00116816 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\ServiceUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00419408 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\DiagnosisPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00146512 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\HelpUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:17 - 00457296 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\USSDUIPlugin.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00815184 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\AddrBookUIPlugin.dll
2016-05-15 20:28 - 2014-02-15 10:49 - 00082944 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qgif4.dll
2016-05-15 20:28 - 2014-02-15 10:49 - 00081920 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qico4.dll
2016-05-15 20:28 - 2014-02-15 10:49 - 00192000 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qjpeg4.dll
2016-05-15 20:28 - 2014-02-15 10:49 - 00350720 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qmng4.dll
2016-05-15 20:28 - 2014-02-15 10:49 - 00370176 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\plugins\imageformats\qtiff4.dll
2016-05-15 20:28 - 2014-08-13 11:16 - 00719952 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_H\LiveUpdateInterface.dll
==================== Alternate Data Streams (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
AlternateDataStreams: C:\ProgramData\Temp:157E1AD3 [129]
==================== Tryb awaryjny (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
==================== Powiązania plików (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
==================== Hosts - zawartość: ===============================
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
2013-08-22 15:25 - 2016-05-15 10:36 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Inne obszary ============================
(Obecnie brak automatycznej naprawy dla tej sekcji.)
HKU\S-1-5-21-395553583-66053808-1738365731-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 213.158.199.1 - 213.158.199.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Reguły Zapory systemu Windows (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
FirewallRules: [UDP Query User{15D63003-B870-4060-8DED-920709D78624}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{75971BBC-F91D-4BAC-9298-A1AEE9ED12C0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9852149A-3786-4190-AABF-F863F0EA4037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{92E106AD-31E2-4736-8000-A85B404FA6DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [UDP Query User{A45CACD5-C548-46F3-BDBE-31FA8BE3C181}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{5CDCE01F-E7C2-43E7-A049-DA060AFEC946}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{43662A0E-0489-49C2-B8D6-EF615600BD7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34B61DD0-BA4B-4B01-A2B5-27C48308FD9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6994BF53-1D9F-4914-8A82-A6966E03A732}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{4BD3BB6C-2B7F-4398-BDFE-B082BB1E5E6D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{2D0001DA-2DAD-4B8A-BD04-CA6477F8BDD6}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{E0ECF072-4D31-4471-A117-C4F1C2A1D52F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{FE82692A-C40F-4358-ADC6-E4A42ADA3B8F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3D9DDA88-6ADE-40F5-BEF0-F1E214ECD37E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B6F31C27-288A-4554-A63C-05BF710E86FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{75EE30EC-4422-4936-9A02-326C14435D76}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C7E10971-5514-4886-9C5B-C3B906A756B4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{2D625DDE-8148-4750-B0CB-6EC4E4E0EBD6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{83C58653-9C9E-4083-8ACC-106DC8FBAC20}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{E2B1EB03-809D-48F7-906E-83A170DFFCD6}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{3F77D2D4-8D4B-4E48-B37E-44E4D11D272A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{066D0E4C-3B5F-4A0A-BCFF-8590841DA280}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A6CAB9EC-2566-488C-89C5-7FB6523C7708}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B1EE66ED-D7E9-4380-B41E-19C3AF3BE54F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{17BA495A-C291-42DC-A20F-31BE3418BAB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{90EF1D51-12FB-4539-A742-BC27FCA19F43}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7BD2C2E4-4E6F-4B9C-86E7-ABDE98C20F54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{447D4B31-A386-4CD9-BB4D-D5EE66925296}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{C3A9FE90-4A0B-43EF-9871-EB6F1A52A5FE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{9EAD6DE5-175C-4108-908F-0111D5496D67}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{543DCD82-BE30-48DF-BAF7-E186801A35DE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{D6519783-167F-4265-808C-7B0EB2D86445}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{DA768AC3-E9EF-43BF-A12F-351BB5FEB03C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
==================== Punkty Przywracania systemu =========================
01-05-2017 10:33:20 Zaplanowany punkt kontrolny
07-05-2017 16:16:29 Windows Update
18-05-2017 18:29:16 Zaplanowany punkt kontrolny
23-05-2017 11:12:02 SPTD setup V2.12
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Błędy w Dzienniku zdarzeń: =========================
Dziennik Aplikacja:
==================
Error: (05/23/2017 11:31:28 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: ADAM-PC)
Description: Nie można ponownie uruchomić aplikacji lub usługi Lenovo System Agent Service.
Error: (05/23/2017 11:12:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
System Error:
Odmowa dostępu.
.
Error: (05/23/2017 11:12:02 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.
Operacja:
Zbieranie danych modułu zapisującego
Kontekst:
Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
Nazwa modułu zapisującego: System Writer
Identyfikator wystąpienia modułu zapisującego: {d0b9b58d-9451-4e8f-a40f-74210aa309ab}
Error: (05/22/2017 12:12:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADAM-PC)
Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (05/21/2017 07:12:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADAM-PC)
Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (05/18/2017 06:29:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
System Error:
Odmowa dostępu.
.
Error: (05/11/2017 11:26:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: GameBarPresenceWriter.exe, wersja: 10.0.14393.0, sygnatura czasowa: 0x57899bd6
Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x5825887f
Kod wyjątku: 0xc0000374
Przesunięcie błędu: 0x00000000000f8283
Identyfikator procesu powodującego błąd: 0x17fc
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2ca9d2f6328f1
Ścieżka aplikacji powodującej błąd: C:\Windows\System32\GameBarPresenceWriter.exe
Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll
Identyfikator raportu: 1818b2eb-72b7-476f-955f-472c416a8621
Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:
Error: (05/10/2017 12:06:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADAM-PC)
Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Error: (05/07/2017 04:16:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
System Error:
Odmowa dostępu.
.
Error: (05/06/2017 09:37:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADAM-PC)
Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
Dziennik System:
=============
Error: (05/23/2017 11:22:46 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {784E29F4-5EBE-4279-9948-1E8FE941646D} nie zarejestrował się w modelu DCOM w wymaganym czasie.
Error: (05/23/2017 11:19:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Internet Manager. RunOuc z powodu następującego błędu:
Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie.
Error: (05/23/2017 11:19:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Internet Manager. RunOuc.
Error: (05/23/2017 11:19:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi SAService z powodu następującego błędu:
Nie można odnaleźć określonego pliku.
Error: (05/23/2017 11:17:39 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
i identyfikatorem aplikacji APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
Error: (05/23/2017 10:46:12 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
i identyfikatorem aplikacji APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
Error: (05/23/2017 10:36:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa System Update niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
Error: (05/23/2017 10:34:39 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: Serwer {784E29F4-5EBE-4279-9948-1E8FE941646D} nie zarejestrował się w modelu DCOM w wymaganym czasie.
Error: (05/23/2017 10:31:42 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
i identyfikatorem aplikacji APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
Error: (05/22/2017 12:12:15 PM) (Source: DCOM) (EventID: 10010) (User: ADAM-PC)
Description: Serwer App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca nie zarejestrował się w modelu DCOM w wymaganym czasie.
CodeIntegrity:
===================================
Date: 2016-09-29 11:30:19.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2016-09-29 11:30:19.450
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2016-09-29 11:30:19.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2016-09-29 11:30:19.416
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
==================== Statystyki pamięci ===========================
Procesor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz
Procent pamięci w użyciu: 54%
Całkowita pamięć fizyczna: 3986.65 MB
Dostępna pamięć fizyczna: 1822.35 MB
Całkowita pamięć wirtualna: 5394.65 MB
Dostępna pamięć wirtualna: 2889.3 MB
==================== Dyski ================================
Drive c: (Windows8_OS) (Fixed) (Total:451.25 GB) (Free:403.4 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive e: (Internet Manager) (CDROM) (Total:0.05 GB) (Free:0 GB) CDFS
==================== MBR & Tablica partycji ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5E855232)
Partition: GPT.
==================== Koniec Addition.txt ============================
Dodano 23.05.2017 11:47:04:
- Kod: Zaznacz wszystko
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 22-05-2017
Uruchomiony przez Adam (administrator) ADAM-PC (23-05-2017 12:41:19)
Uruchomiony z C:\Users\Adam\Downloads
Załadowane profile: Adam (Dostępne profile: Adam)
Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesy (filtrowane) =================
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(LenovoEMC Products USA, LLC) C:\Program Files\LenovoEMC\StorageConnector\LenovoEMCDiscovery.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Farbar) C:\Users\Adam\Downloads\FRST64 (1).exe
==================== Rejestr (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [147160 2013-06-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [384296 2013-10-28] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [600568 2013-11-05] (Lenovo Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-02] ()
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [163960 2015-10-25] (Synaptics)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [750320 2014-05-16] (Lenovo)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\Run: [OneDrive] => "C:\Users\Adam\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\Run: [GG] => C:\Users\Adam\AppData\Local\GG\Application\gghub.exe [4078144 2016-07-04] (GG Network S.A.)
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\MountPoints2: {90682801-1c97-11e7-831f-28d24482f56a} - "E:\AutoRun.exe"
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\MountPoints2: {a6fbe367-dcd3-11e3-8251-806e6f6e6963} - "D:\LoaderPrawkoS.exe"
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\MountPoints2: {a734a6bd-1a78-11e6-82f7-28d24482f56a} - "E:\AutoRun.exe"
HKU\S-1-5-21-395553583-66053808-1738365731-1001\...\MountPoints2: {cd6eb6db-1b39-11e6-82f9-28d24482f56a} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-23] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Adam\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll [2016-08-23] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2015-11-09]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
==================== Internet (filtrowane) ====================
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
Tcpip\..\Interfaces\{16F4E041-5312-42ED-8C90-441159F533B7}: [NameServer] 213.158.199.1 213.158.199.5
Tcpip\..\Interfaces\{859aa2a3-3ac6-487e-8b76-2b23071bfec5}: [NameServer] 77.234.40.79
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130876740676272479&GUID=A30B73EC-CDF7-48AA-A8BB-2AF559D23CDA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-395553583-66053808-1738365731-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130876740676467617&GUID=A30B73EC-CDF7-48AA-A8BB-2AF559D23CDA
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - Brak pliku
FireFox:
========
FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 [2017-05-11]
FF NewTab: Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 -> Google
FF Homepage: Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\bav199lt.default-1423070591943 -> hxxps://www.google.com/search?bcutc=sp-006
FF Extension: (Flashlight) - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\bav199lt.default-1423070591943\Extensions\flashlight@stephennolan.com.au [2016-04-28]
FF Extension: (Avast SafePrice) - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\bav199lt.default-1423070591943\Extensions\sp@avast.com.xpi [2017-05-10]
FF Extension: (Avast Online Security) - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\bav199lt.default-1423070591943\Extensions\wrc@avast.com.xpi [2017-05-10]
FF Extension: (Facebook Phishing Protector) - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\bav199lt.default-1423070591943\Extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28}.xpi [2016-04-27]
FF SearchPlugin: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\bav199lt.default-1423070591943\searchplugins\google-avast.xml [2017-03-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://trafficmonsoon.com/?ref=SuperMan777"
CHR Profile: C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default [2017-05-23]
CHR Extension: (Prezentacje Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-31]
CHR Extension: (Dokumenty Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-31]
CHR Extension: (Dysk Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-21]
CHR Extension: (Avast SafePrice) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Arkusze Google) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-15]
CHR Extension: (Avast Online Security) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-18]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKU\S-1-5-21-395553583-66053808-1738365731-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Usługi (filtrowane) ====================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573432 2013-11-05] (Lenovo Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2014-05-16] (Lenovo)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-09-24] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682064 2014-04-26] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2083592 2013-11-06] (Lenovo Group Limited)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [695800 2013-11-05] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LenovoEMCDiscovery; C:\Program Files\LenovoEMC\StorageConnector\LenovoEMCDiscovery.exe [1410888 2014-04-08] (LenovoEMC Products USA, LLC)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [467720 2013-11-01] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2016-01-08] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [58360 2013-10-08] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [140280 2013-10-08] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-05-09] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255096 2015-10-25] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
===================== Sterowniki (filtrowane) ======================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2015-12-17] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-10] (AVAST Software)
R0 Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [65928 2014-05-16] (Windows (R) Win 7 DDK provider)
R3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [124800 2014-06-11] (Huawei Technologies Co., Ltd.)
R3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [379392 2014-05-04] (Huawei Technologies Co., Ltd.)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77456 2013-08-19] (Intel Corporation)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [593624 2015-11-19] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8244312 2013-06-19] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51320 2015-10-25] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [42168 2017-05-09] (Lenovo Group Limited)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R4 sptd2; System32\Drivers\sptd2.sys [X]
U3 kxtdrpod; \??\C:\Users\Adam\AppData\Local\Temp\kxtdrpod.sys [X] <==== UWAGA
==================== NetSvcs (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
==================== Jeden miesiąc - utworzone pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-05-23 11:53 - 2017-05-23 11:54 - 00000940 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-05-23 11:36 - 2017-05-23 12:40 - 02429952 _____ (Farbar) C:\Users\Adam\Downloads\FRST64 (1).exe
2017-05-23 11:33 - 2017-05-23 11:33 - 02365296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2017-05-23 11:23 - 2017-05-23 11:24 - 00380928 _____ C:\Users\Adam\Downloads\q0fn1evs.exe
2017-05-23 11:20 - 2017-05-23 11:20 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-23 11:17 - 2017-05-23 11:17 - 00360696 _____ (Duplex Secure Ltd) C:\Users\Adam\Downloads\SPTD2inst-v212-x64 (2).exe
2017-05-23 11:13 - 2017-05-23 11:13 - 00360696 _____ (Duplex Secure Ltd) C:\Users\Adam\Downloads\SPTD2inst-v212-x64 (1).exe
2017-05-23 11:11 - 2017-05-23 11:11 - 00360696 _____ (Duplex Secure Ltd) C:\Users\Adam\Downloads\SPTD2inst-v212-x64.exe
2017-05-18 18:50 - 2017-05-18 18:50 - 00219810 _____ C:\Users\Adam\Downloads\pasek_201704.PDF
2017-05-18 18:50 - 2017-05-18 18:50 - 00219810 _____ C:\Users\Adam\Downloads\pasek_201704 (1).PDF
2017-05-11 14:35 - 2017-05-11 14:37 - 00413308 _____ C:\WINDOWS\Minidump\051117-47734-01.dmp
2017-05-10 11:21 - 2017-05-10 11:21 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-07 13:17 - 2017-05-07 13:17 - 00327680 _____ C:\Users\Adam\Downloads\KGB189302578.PDF
2017-04-25 16:54 - 2017-04-25 16:54 - 00257856 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
2017-05-23 12:42 - 2016-05-15 23:55 - 00025826 _____ C:\Users\Adam\Downloads\FRST.txt
2017-05-23 12:41 - 2015-11-09 00:08 - 00000000 ____D C:\FRST
2017-05-23 11:48 - 2016-09-29 12:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-05-23 11:44 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2017-05-23 11:43 - 2014-05-16 11:26 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2017-05-23 11:43 - 2014-05-16 10:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-23 11:33 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-23 11:32 - 2014-05-16 10:47 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-23 11:31 - 2016-09-29 11:28 - 00000000 ____D C:\ProgramData\Lenovo
2017-05-23 11:31 - 2014-05-16 11:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-05-23 11:31 - 2014-05-16 10:42 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-05-23 11:22 - 2017-03-13 23:44 - 00000000 ____D C:\Users\Adam\AppData\Roaming\GG
2017-05-23 11:21 - 2014-05-16 11:14 - 833163264 ___SH C:\WINDOWS\lenovo_fastboot.img
2017-05-23 11:20 - 2016-09-29 11:27 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-23 11:20 - 2015-08-06 10:07 - 00000000 __SHD C:\Users\Adam\IntelGraphicsProfiles
2017-05-23 11:19 - 2016-09-29 12:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-23 11:19 - 2016-09-29 11:27 - 00000000 ____D C:\ProgramData\Synaptics
2017-05-23 11:18 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-23 11:03 - 2016-09-29 12:02 - 00004486 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-23 11:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-23 11:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-23 10:40 - 2016-09-29 12:02 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2017-05-23 10:37 - 2014-05-16 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2017-05-23 10:32 - 2017-02-09 16:12 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-22 10:49 - 2016-09-29 11:23 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-22 02:02 - 2016-09-29 11:33 - 00000000 ____D C:\Users\Adam
2017-05-22 01:36 - 2014-09-07 00:15 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-13 23:22 - 2015-12-17 00:01 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-05-11 23:24 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-11 23:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-11 23:24 - 2014-07-17 22:51 - 00000000 ____D C:\Users\Adam\AppData\Local\Packages
2017-05-11 23:08 - 2017-03-13 13:44 - 05761596 _____ C:\WINDOWS\NGIPacket.KTL
2017-05-11 23:08 - 2017-03-13 13:44 - 01498740 _____ C:\WINDOWS\ProcessedPackets.KTL
2017-05-11 23:08 - 2017-03-13 13:44 - 00288105 _____ C:\WINDOWS\SentOSPackets.KTL
2017-05-11 23:08 - 2017-03-13 13:44 - 00108446 _____ C:\WINDOWS\Control.KTL
2017-05-11 23:08 - 2015-08-06 10:27 - 00290566 _____ C:\WINDOWS\NGIControl.KTL
2017-05-11 14:41 - 2016-07-17 00:05 - 00745128 _____ C:\WINDOWS\system32\perfh015.dat
2017-05-11 14:41 - 2016-07-17 00:05 - 00159868 _____ C:\WINDOWS\system32\perfc015.dat
2017-05-11 14:41 - 2015-08-06 09:51 - 01978148 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-11 14:35 - 2017-01-12 22:57 - 00000000 ____D C:\WINDOWS\Minidump
2017-05-11 14:35 - 2015-12-16 14:53 - 747648143 _____ C:\WINDOWS\MEMORY.DMP
2017-05-11 12:47 - 2017-03-16 00:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-11 12:47 - 2015-04-19 12:55 - 00000000 ____D C:\ProgramData\Skype
2017-05-10 11:23 - 2016-09-29 12:02 - 00004074 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458426270
2017-05-10 11:23 - 2016-03-20 00:24 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-10 11:21 - 2017-02-09 16:12 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-10 11:21 - 2017-02-09 16:12 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-10 11:21 - 2016-03-20 00:24 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-05-10 11:21 - 2015-12-17 00:01 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-10 11:21 - 2015-12-17 00:01 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-10 11:21 - 2015-12-17 00:01 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-10 11:21 - 2015-12-17 00:01 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-10 11:21 - 2015-12-17 00:01 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-10 11:21 - 2015-12-17 00:01 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-10 11:21 - 2015-12-17 00:01 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-10 11:20 - 2017-02-09 16:12 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-10 11:20 - 2017-02-09 16:12 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-09 23:14 - 2016-01-31 12:09 - 00002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-07 18:07 - 2016-09-29 12:02 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-07 16:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-07 16:17 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-02 21:41 - 2016-09-29 11:29 - 01388432 _____ C:\Users\Public\VOIP.dat
2017-04-28 00:13 - 2016-09-29 12:02 - 00003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 00:13 - 2016-09-29 12:02 - 00003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Pliki w katalogu głównym wybranych folderów =======
2015-03-21 16:22 - 2015-08-06 08:47 - 0333528 _____ () C:\Users\Adam\AppData\Local\BTServer.log
2014-07-17 22:52 - 2014-07-17 20:58 - 0000193 _____ () C:\Users\Adam\AppData\Local\RegisteredPackageInformation.xml
2014-07-18 23:48 - 2016-05-14 23:57 - 0007657 _____ () C:\Users\Adam\AppData\Local\Resmon.ResmonCfg
2016-09-29 11:28 - 2016-09-29 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-16 11:21 - 2014-05-16 11:21 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2014-05-16 11:18 - 2014-05-16 11:19 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-05-16 11:19 - 2014-05-16 11:20 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2014-05-16 11:20 - 2014-05-16 11:21 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
Pliki do przeniesienia lub usunięcia:
====================
C:\Users\Public\VOIP.dat
Niektóre pliki w TEMP:
====================
2016-03-28 17:13 - 2016-05-09 07:08 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Adam\AppData\Local\Temp\libeay32.dll
2016-03-28 17:13 - 2013-10-05 02:38 - 0970912 _____ (Microsoft Corporation) C:\Users\Adam\AppData\Local\Temp\msvcr120.dll
2016-03-03 11:50 - 2016-05-09 07:08 - 0772672 _____ () C:\Users\Adam\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
LastRegBack: 2017-05-22 12:07
==================== Koniec FRST.txt ============================
skróty w ogole nie odpowiadaja.