Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:30-09-2015 Uruchomiony przez Lenovo (2015-09-30 18:35:39) Uruchomiony z C:\Users\Lenovo\Desktop Microsoft Windows 10 Home (X86) (2015-09-18 14:01:17) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4144906793-159945770-2030462716-500 - Administrator - Disabled) Gość (S-1-5-21-4144906793-159945770-2030462716-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4144906793-159945770-2030462716-1002 - Limited - Enabled) Konto domyślne (S-1-5-21-4144906793-159945770-2030462716-503 - Limited - Disabled) Lenovo (S-1-5-21-4144906793-159945770-2030462716-1000 - Administrator - Enabled) => C:\Users\Lenovo ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY) ABBYY FineReader 9.0 Sprint (Version: 9.00.631.5823 - ABBYY) Hidden Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.201 - Adobe Systems Incorporated) Adobe Flash Player 19 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 19.0.0.201 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) ALLPlayer V5.X (HKLM\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) ALLPlayer.TV (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\2859361245.api.allplayer.nextplus.pl) (Version: - api.allplayer.nextplus.pl) AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{9B931181-D3E6-B7C8-6AC1-0415CAE8821F}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) Amolto Call Recorder Premium for Skype (HKLM\...\{664E2405-B009-411B-ABDD-44233A77FD88}) (Version: 2.9.5 - Amolto) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.981-120704a-156763C-Lenovo - Advanced Micro Devices, Inc.) Badanie mające na celu poprawę produktów HP ENVY 4500 series (HKLM\...\{FD2AA1A2-2C29-420C-9182-88E258FB65BA}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) BitSpirit v3.5.0.275 Stable (HKLM\...\BitSpirit_is1) (Version: - LANSPIRIT.NET) calibre (HKLM\...\{AB116F72-C91A-40F2-A25A-949B5D065EBB}) (Version: 2.3.0 - Kovid Goyal) Cisco WebEx Meetings (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Citrix Online Launcher (HKLM\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix) Download Navigator (HKLM\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION) Energy Management (HKLM\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.3.0 - Lenovo) Energy Management (Version: 6.0.3.0 - Lenovo) Hidden f.lux (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\Flux) (Version: - ) FxPro - MetaTrader 4 (HKLM\...\FxPro - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.) Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.) HP ENVY 4500 series — podstawowe oprogramowanie urządzenia (HKLM\...\{6486AD7F-FFC2-48C3-8190-AD545C9EB1D5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP ENVY 4500 series Pomoc (HKLM\...\{BFD64EA9-055F-4B9E-9DD1-D3C547866E5E}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\HP Photo Creations) (Version: 1.0.0.19082 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Display Audio Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Lenovo EasyCamera (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro) Lenovo Service Bridge (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo) Lenovo System Interface Foundation (HKLM\...\{884BAF97-AC8D-463E-846A-47DD41866A19}) (Version: 1.0.044.00 - Lenovo) Lenovo YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.) Lenovo YouCam (Version: 3.1.3603 - CyberLink Corp.) Hidden Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.4.1.2001 - Maxthon International Limited) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MultiCharts .NET for TWS (HKLM\...\MultiCharts .NET for TWS) (Version: 8.9.10290 - TS Support) MultiCharts .NET for TWS (Version: 8.9.10290 - TS Support) Hidden NapiProjekt 2.0.0 (build 2151) (HKLM\...\NapiProjekt_is1) (Version: - ) Network Recording Player (HKLM\...\{21706D5B-A09C-42F1-95B5-CBDFE20F9852}) (Version: 29.10.1.10115 - Cisco WebEx LLC) OpenOffice.org 3.4.1 (HKLM\...\{D90BC3B4-7EEE-41E3-B20C-0F8F9BAF4EA3}) (Version: 3.41.9593 - Apache Software Foundation) PX Profile Update (Version: 1.00.1. - AMD) Hidden Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SaxoTrader 2 (HKLM\...\{024D66E9-D50C-44A7-92B4-2DFDDD95D228}) (Version: 2.110.25.0 - Saxo Bank) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.10 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB) Sony PC Companion 2.10.281 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony) Spotify (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated) Trader Workstation 4.0 (HKLM\...\Trader Workstation 4.0) (Version: - ) ViewRight Web PC 3.6.0.0 (HKLM\...\{27961C9F-1965-48D9-A579-40F8EBEA0603}) (Version: 3.6.0.0 - Verimatrix, Inc.) Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{10DD084E-A5AE-456F-A3BE-DA67EBE6B090}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{15B6FEE5-5FB3-4071-AC1F-7AEDC0E2A6BB}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{1BCA4635-F1FC-44C8-B829-48229AEB32E3}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{222C0F35-3D78-4570-9F6D-BAEE289D0304}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{29DCD339-D184-469B-8BFB-199A2CCF014E}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{2DBCDA9F-1248-400B-A382-A56D71BF7B15}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{2EEAB6D0-491E-4962-BBA1-FF1CCA6D4DD0}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{3506CDB7-8BC6-40C0-B108-CEA0B9480130}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{3D3E7C1B-79A7-4CC7-8925-41FA813E9913}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{3E01D8E0-A72B-4C9F-99BD-8A6E7B97A48D}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{42FE718B-A148-41D6-885B-01A0AFAE8723}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{452CCB69-6A95-4370-9E5A-B3EFB06A7651}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{4B42750B-57A1-47E7-B340-8EAE0E3126A4}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{52071016-E648-4D3B-B57E-2B46CC993CE0}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{5792FC7D-5E1D-4F1A-BD4F-A7A50F92BC6E}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{5E541E71-A474-4EAD-8FCB-24D400D023B7}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{61F8FAF0-82D0-407C-AE97-31441483AE40}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{6AC51E9C-7947-4B46-A978-0AD601C4EFC9}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{6FA10A39-4760-4C94-A210-2398848618EC}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{7ACDC5B4-76A1-4BDF-918D-6962FCABBAD3}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{7B030003-037D-490D-9169-A4F391B3D831}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{830690FC-BF2F-47A6-AC2D-330BCB402664}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{89DD2F9D-C325-48BF-A615-96BD039BBC83}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{9017071A-2E34-4C3A-9BBB-688CBB5A9FF2}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{9D073235-D787-497D-8D1F-929559F1C621}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{A10E0335-AFCA-4E7E-975F-CA30235FB29A}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{A7DF2611-D752-4C9F-A90A-B56F18485EE9}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{A8109DB9-88E0-42FE-98EA-8A12BE5394C6}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{A983C9EC-D73E-4364-B89B-ACD1E405674F}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{B09AC3FF-0D5D-41C6-A34E-7C3F58A3127C}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{B0FE88F0-C92F-46D6-878F-31599BEA944C}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{CC461FC3-C9BE-41FB-8E47-E0115CBC01CC}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{D1C8C854-223A-4716-B670-C21918E8207E}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{D26B1D42-9C42-4E7B-BB73-86384C4B4345}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{DD0E8ED5-1494-4B87-A35C-39F6ED4B1153}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{E1BC9147-C3E3-4E8A-8304-5E6B5C1C0774}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{F278D870-7AF7-4957-96EE-E6AC72D0B109}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{F3188CF3-EF22-4C5B-92CB-605964761C3B}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\InprocServer32 -> C:\Program Files\Amolto Call Recorder for Skype\Skype4COM.dll (Skype Technologies) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03049AC9-C5C7-462B-A52A-9E3916E41BED} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {04A9EF09-8AFE-4872-B084-63F9079A665E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {0A55E0DB-1071-4407-83C2-49531FD7BE27} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {0D0AAD4A-6894-454A-88E8-FB4944A682C2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {0DECA2AC-3FE4-4A98-B0FB-921BAB9FBAB2} - System32\Tasks\MirageAgent => C:\Program Files\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink) Task: {10F3DD29-5A25-45CB-9D92-C8C19A578B42} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {14A7DBE3-82B4-4F61-9889-3E873B4D3243} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {1B270645-450D-4EE5-A061-10FD2D7A2906} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2C1FD48C-E11D-4340-B7A5-FCDE8CAC1C61} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2F4E9471-0CBF-4672-8187-242E1BBF592F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {39F9F858-DF5B-4688-86CB-9E9FF2E012F3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {4053997B-2B66-4454-8A92-C79807990234} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {408B899B-B135-44CD-829C-ED52836F580E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {41348EEE-DEA1-4F35-80B2-FCD38BA54D9E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {454C30E0-FD56-439A-BA03-4F90E63DA5EC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {4615FB73-4567-4E17-BB62-2845BC1D0825} - System32\Tasks\{E7E48FC4-8C69-4D9D-9704-111844F1DF5E} => pcalua.exe -a C:\Users\Lenovo\Downloads\IN3BTH50WW5.exe -d C:\Users\Lenovo\Downloads Task: {480F5A73-F99F-43E7-9BE3-38DB698C154A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4FFFB0E7-2052-4A5A-BD1E-66E050E570F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {52441912-F2BB-4D3F-A148-61B2833EF5F6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {53E10AFA-8B88-47CE-AE07-D40D24EC6E1B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {69B5E128-3104-4440-92B4-7D4C10764C3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {6EA25F5C-5524-4462-A9C7-52E449EA8ACD} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4144906793-159945770-2030462716-1000 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {7AD64A8E-C427-45B6-BF51-BCED2EBC9C61} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP) Task: {7C4C0D11-EF5D-41D6-8797-E9B64F99A7CE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {7E616D96-79B8-4DD5-B5E3-01FA8B421D19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {83188AA0-0A4A-45F8-9966-16888B536A26} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {84B1D621-3BE1-4ADB-85FC-946DB31266BB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8A18489C-3096-4F81-9DB1-4A22E271A828} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\mxup.exe [2015-04-21] (Maxthon International ltd.) Task: {91B116B1-A4A8-4A2B-8325-20646ECF4332} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {96F0194B-EF03-427F-AB5B-9E0823E18D6C} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {9B880284-3743-4F7D-971C-1AA736FB9407} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {A674B762-FE76-4352-BDFF-1A163D08DBBA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AAC2ACAB-C13F-4774-89FF-18E8B50C3AE2} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => C:\WINDOWS\System32\reg.exe [2015-07-10] (Microsoft Corporation) Task: {AF9B9CAF-3674-46A6-A7B7-2747459C6D09} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-24] (Adobe Systems Incorporated) Task: {B8B2D600-AE5A-4A8C-9FB6-89B2084DD9C4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {BC5E4159-B6BA-456D-A908-894756128775} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BC6A7D90-5F43-4D5E-9C3A-B62C290C23DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CC275262-53E4-4D03-B984-CF3C68DED830} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {CE62F6CB-ABF2-47F7-8C60-5FB5C1498D4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DE7EE77A-A8EB-43D4-AABD-A2C6102087DF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DE934161-AE0D-424F-8BE8-104222ECC021} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {DECA7856-D08C-4F61-BFF6-1896BE049B69} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {E0755063-0F42-465C-9E54-EB64FF72CA5C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E1464C37-79B1-4B76-BD05-B48C5361441D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {E52B6485-EA40-4095-9028-9A5013D0C50F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FA47213B-8A8E-4BC0-B2BD-68F20413D227} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Załadowane moduły (filtrowane) ============== 2015-09-10 06:02 - 2015-09-10 06:02 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-09-18 17:48 - 2015-09-18 17:47 - 00216992 _____ () C:\Windows\System32\iMDriverHelper.dll 2015-08-13 21:24 - 2015-08-13 21:24 - 00033696 _____ () C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe 2015-09-20 10:37 - 2015-09-20 10:37 - 01232896 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\ae6bc0916e3a947f5a252e4df6994579\Windows.Networking.ni.dll 2015-09-10 06:02 - 2015-09-10 06:02 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2014-08-01 15:21 - 2014-08-01 15:21 - 00392712 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe 2015-09-10 06:02 - 2015-09-10 06:02 - 01771592 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-10 06:02 - 2015-09-10 06:02 - 01771592 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-10 10:24 - 2015-07-10 10:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 10:24 - 2015-07-10 10:24 - 00111104 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll.dll 2008-12-20 03:20 - 2008-12-20 03:20 - 00051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll 2008-12-20 03:20 - 2008-12-20 03:20 - 00063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll 2015-08-13 21:24 - 2015-08-13 21:24 - 00033696 _____ () C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe 2015-09-20 10:38 - 2015-09-20 10:38 - 00101888 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Management\c59c659e5813b2713fa611837d9d65b9\Windows.Management.ni.dll 2015-09-20 10:37 - 2015-09-20 10:37 - 02791424 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\5ad06a6c4f46314970c17fffa77c2400\Windows.ApplicationModel.ni.dll 2015-09-20 10:38 - 2015-09-20 10:38 - 00798720 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\2515e93e59d72cc1e6d25a1e1447a07d\Windows.Storage.ni.dll 2015-09-20 10:37 - 2015-09-20 10:37 - 00335360 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\9d8c2432e356ad887039781f675c8095\Windows.Foundation.ni.dll 2015-09-24 12:21 - 2015-09-24 12:22 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-09-24 12:21 - 2015-09-24 12:22 - 08764416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-09-10 06:02 - 2015-09-10 06:02 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 10:25 - 2015-09-10 06:02 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-09-10 06:02 - 2015-09-10 06:02 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-09-10 06:02 - 2015-09-10 06:02 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 10:25 - 2015-09-10 06:02 - 00107520 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2014-05-20 13:06 - 2013-11-18 03:18 - 00258944 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll 2014-05-20 13:06 - 2013-11-18 03:18 - 00258944 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll 2014-05-20 13:06 - 2014-05-29 04:40 - 00247096 _____ () C:\Program Files\Maxthon\Addons\Mobile\MxMobile.dll 2014-05-20 13:06 - 2013-11-21 08:37 - 00887064 _____ () C:\Program Files\Maxthon\Core\Webkit\libglesv2.dll 2014-05-20 13:06 - 2013-11-21 08:37 - 00109336 _____ () C:\Program Files\Maxthon\Core\Webkit\libegl.dll 2014-09-03 11:07 - 2014-05-29 04:40 - 04055504 _____ () C:\Program Files\Maxthon\Core\Webkit\pdf.dll 2015-09-24 20:24 - 2015-09-24 20:24 - 17599176 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_201.dll 2014-05-20 13:06 - 2013-11-21 08:37 - 02128152 _____ () C:\Program Files\Maxthon\Core\Webkit\ffmpegsumo.dll 2015-09-18 16:05 - 2015-09-18 16:05 - 00686616 _____ () C:\WINDOWS\SYSTEM32\vmprp331.ax 2015-09-30 17:57 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libglesv2.dll 2015-09-30 17:57 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\iitech.dk -> iitech.dk IE trusted site: HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\onlinewebconnect.com -> onlinewebconnect.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4144906793-159945770-2030462716-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 193.162.153.164 - 194.239.134.83 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^Users^Lenovo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: SmsDiscount => "C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe" -nosplash -minimized MSCONFIG\startupreg: Spotify => "C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lenovo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" HKLM\...\StartupApproved\Run: => "YouCam Tray" HKLM\...\StartupApproved\Run: => "YouCam Mirage" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_332B101ED56858E0765C41199BCD4350" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "Sony PC Companion" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "Spotify" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{D1856AC4-8C9A-4C3E-B127-527163611632}C:\program files\bitspirit\bitspirit.exe] => (Block) C:\program files\bitspirit\bitspirit.exe FirewallRules: [TCP Query User{E4FBFCA0-1C51-42CF-9AC0-899ED66E7923}C:\program files\bitspirit\bitspirit.exe] => (Block) C:\program files\bitspirit\bitspirit.exe FirewallRules: [UDP Query User{1F11117C-464C-4FAB-8127-5FA3A7FF0ECB}C:\program\voipconnect.exe] => (Block) C:\program\voipconnect.exe FirewallRules: [TCP Query User{AA51974E-5607-4924-81CE-52FFC5959CAE}C:\program\voipconnect.exe] => (Block) C:\program\voipconnect.exe FirewallRules: [{E4623BAD-D15F-43B3-947D-DDA57F53EB46}] => (Allow) C:\Program\VoipConnect.exe FirewallRules: [{380A74D3-CC8C-4316-8529-1320F4B4BCD3}] => (Allow) C:\Program\VoipConnect.exe FirewallRules: [UDP Query User{752746FC-043A-497B-AC1D-AB5A95DAC3F7}C:\program files\cqg\cqgnet\bin\cqgnetscore.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqgnetscore.exe FirewallRules: [TCP Query User{45239F14-7A59-43F6-8440-EB4EAC232D5A}C:\program files\cqg\cqgnet\bin\cqgnetscore.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqgnetscore.exe FirewallRules: [UDP Query User{9A43AEF4-58C2-41AD-975D-27E402A155C0}C:\program files\cqg\cqgnet\bin\cqg.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqg.exe FirewallRules: [TCP Query User{6245101A-1FC6-49D4-98D7-250E3EC95468}C:\program files\cqg\cqgnet\bin\cqg.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqg.exe FirewallRules: [UDP Query User{C1FE3247-3A64-4494-AFC3-72D8F31E45AE}C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [TCP Query User{4FB5C27E-C906-4ECC-98E5-BD7A0E43216E}C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [UDP Query User{BDDB6AD8-15B7-49F6-A0B5-5DDA4B582EC7}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\java.exe FirewallRules: [TCP Query User{3A5445D0-9AD3-4250-B00E-9CB16B7A9C9A}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\java.exe FirewallRules: [{3BBEDFC7-16CC-4A16-B96B-9BBD850E0C57}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{FECA9343-9B76-4362-A6A1-8002166277EE}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{3CD806BB-5442-44F0-B057-B62EA293C7C7}] => (Allow) C:\Program Files\Loca\bin\LocaProxy.exe FirewallRules: [{F0614C4B-EE2D-40D7-B5F2-16A27CB7BDA0}] => (Allow) C:\Program Files\Loca\bin\LocaProxy.exe FirewallRules: [UDP Query User{6B851C42-F5FE-4C17-9C8C-CA419CE78B0C}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{6C075361-8166-482A-9135-BFF207DA560B}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{F059C372-759A-43BC-B221-0491847BB091}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{779F4B2A-B439-4095-8A3F-94766E55B59A}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{7C718B36-D92C-4A6F-AEBA-6F5879465D15}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{D14699A0-91E6-461E-8AC5-DD9107872B80}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{3E9175A4-2493-4A34-82B4-957C293B0D16}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{367D1349-4105-4D6D-9E76-A68881B35D61}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [{FD5793DC-520A-4CDF-8F38-0800CA664CC8}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe FirewallRules: [{62336B49-2623-4F9B-B9FF-4993AC953464}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe FirewallRules: [{52864138-D775-4B80-96DF-F26180E47A4D}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe FirewallRules: [{8CBE15B4-DFE8-4BE4-8989-86250A748823}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe FirewallRules: [UDP Query User{B73C7B17-96B6-4FCA-B858-51D3E69B53E5}C:\program files\maxthon\bin\maxthon.exe] => (Block) C:\program files\maxthon\bin\maxthon.exe FirewallRules: [TCP Query User{4FC386C2-ABB8-4CB8-8B32-A4DC4BD87FB6}C:\program files\maxthon\bin\maxthon.exe] => (Block) C:\program files\maxthon\bin\maxthon.exe FirewallRules: [{80C6D563-B0EA-49F4-A749-B4232338D429}] => (Allow) C:\Program Files\Winamp\winamp.exe FirewallRules: [{CAF95946-BE1D-44F4-9E7E-33CDB485C0D6}] => (Allow) C:\Program Files\Winamp\winamp.exe FirewallRules: [UDP Query User{73FF4E55-F0CD-4353-8753-65098BD0182A}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Block) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [TCP Query User{D885EE09-0398-48CC-A8A0-D7514205E619}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Block) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [{39027401-0113-44B1-93AF-128A3E61C8BC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{3812CC89-C137-4517-A548-09190A7972F2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{0FD40C01-EED1-438B-931B-898EEC9F8044}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Allow) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [TCP Query User{B6B71C94-92FA-4451-A493-172014873801}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Allow) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [UDP Query User{D79C3084-F407-4C13-A731-E848C15E4E50}C:\program files\bitspirit\bitspirit.exe] => (Allow) C:\program files\bitspirit\bitspirit.exe FirewallRules: [TCP Query User{BB447B2B-9503-4662-8AE2-20706EEA978C}C:\program files\bitspirit\bitspirit.exe] => (Allow) C:\program files\bitspirit\bitspirit.exe FirewallRules: [{1D89F2CD-5F8E-4B42-9F5C-FCBAC7B1FC91}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe FirewallRules: [{90E4DB0C-AEB4-4F85-847D-615778C987A3}] => (Allow) LPort=5357 FirewallRules: [{CE338207-8E7A-4AA9-8FCD-1540146F7645}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{0D2114FA-7737-4AA2-8657-79ED0CA38BF6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/30/2015 05:57:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LENOVO-KOMPUTER) Description: Działanie pakietu Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (09/30/2015 05:57:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-KOMPUTER) Description: Aktywacja aplikacji 9E2F88E3.Twitter_wgeqdkkx372wm!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (09/30/2015 05:57:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Twitter.Windows.exe w wersji 1.0.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 11a4 Godzina rozpoczęcia: 01d0fb98a79d23b0 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\9E2F88E3.Twitter_4.1.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe Identyfikator raportu: eee8cb54-678b-11e5-a06e-b870f448ed3f Pełna nazwa pakietu powodującego błąd: 9E2F88E3.Twitter_4.1.1.0_x86__wgeqdkkx372wm Identyfikator aplikacji względem pakietu powodującego błąd: App Error: (09/30/2015 05:51:34 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6060) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (09/30/2015 05:51:34 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6060) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (09/30/2015 05:51:23 PM) (Source: ESENT) (EventID: 454) (User: ) Description: SettingSyncHost (6060) {7826877B-442D-4510-A9CA-BEC621ED9E79}: Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -1216. Error: (09/30/2015 05:51:23 PM) (Source: ESENT) (EventID: 494) (User: ) Description: SettingSyncHost (6060) {7826877B-442D-4510-A9CA-BEC621ED9E79}: Odzyskiwanie bazy danych zakończyło się niepomyślnie z błędem -1216, ponieważ napotkano odwołania do bazy danych „C:\Users\Lenovo\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb”, której już nie ma. Baza danych nie została doprowadzona do stanu Zamknięcie czyste, zanim została usunięta (możliwe też, że ją przeniesiono lub zmieniono jej nazwę). Aparat bazy danych nie pozwoli na dokończenie odzyskiwania w przypadku tego wystąpienia, dopóki brakująca baza danych nie zostanie przywrócona na miejsce. Jeśli baza danych faktycznie nie jest już dostępna ani wymagana, procedury dotyczące odzyskiwania sprawności po tym błędzie są dostępne w bazie wiedzy Microsoft Knowledge Base. Można też do nich dotrzeć, używając linku „więcej informacji” na dole tego komunikatu. Error: (09/30/2015 05:51:23 PM) (Source: ESENT) (EventID: 490) (User: ) Description: SettingSyncHost (6060) {7826877B-442D-4510-A9CA-BEC621ED9E79}: Próba otwarcia pliku „C:\Users\Lenovo\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb” w trybie odczytu lub zapisu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): „Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ”. Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (09/30/2015 05:44:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-KOMPUTER) Description: Aktywacja aplikacji Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (09/30/2015 05:44:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-KOMPUTER) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (09/30/2015 05:54:20 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (09/30/2015 05:50:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Synchronizuj hosta_Session1. Error: (09/30/2015 05:47:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (09/30/2015 05:44:51 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Usługa śledzenia diagnostyki nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (09/30/2015 05:44:13 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-KOMPUTER) Description: App Error: (09/30/2015 05:44:11 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-KOMPUTER) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (09/30/2015 05:44:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session8 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/30/2015 05:44:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session8 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/30/2015 05:44:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session8 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/30/2015 05:44:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session8 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2015-09-29 15:52:55.809 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-29 15:52:55.799 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-29 15:52:55.713 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-22 19:17:17.178 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-22 19:17:17.053 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-22 19:17:16.943 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-22 19:17:16.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-22 19:17:16.662 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-22 19:17:16.490 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-22 19:17:16.333 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz Procent pamięci w użyciu: 55% Całkowita pamięć fizyczna: 3017.86 MB Dostępna pamięć fizyczna: 1339.2 MB Całkowita pamięć wirtualna: 6089.86 MB Dostępna pamięć wirtualna: 3758.14 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:47.75 GB) (Free:9.06 GB) NTFS Drive d: () (Fixed) (Total:101.2 GB) (Free:71.11 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 46827CAC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=47.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=101.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================