Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:12-10-2015 Uruchomiony przez Lenovo (2015-10-13 08:31:59) Uruchomiony z C:\Users\Lenovo\Desktop Microsoft Windows 10 Home (X86) (2015-09-18 14:01:17) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4144906793-159945770-2030462716-500 - Administrator - Disabled) Gość (S-1-5-21-4144906793-159945770-2030462716-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4144906793-159945770-2030462716-1002 - Limited - Enabled) Konto domyślne (S-1-5-21-4144906793-159945770-2030462716-503 - Limited - Disabled) Lenovo (S-1-5-21-4144906793-159945770-2030462716-1000 - Administrator - Enabled) => C:\Users\Lenovo ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY) ABBYY FineReader 9.0 Sprint (Version: 9.00.631.5823 - ABBYY) Hidden Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 19 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 19.0.0.209 - Adobe Systems Incorporated) ALLPlayer V5.X (HKLM\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) ALLPlayer.TV (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\2859361245.api.allplayer.nextplus.pl) (Version: - api.allplayer.nextplus.pl) AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{3A68C556-8FFA-86A9-10BD-7F032B055A66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.981-120704a-156763C-Lenovo - Advanced Micro Devices, Inc.) Badanie mające na celu poprawę produktów HP ENVY 4500 series (HKLM\...\{FD2AA1A2-2C29-420C-9182-88E258FB65BA}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) BitSpirit v3.5.0.275 Stable (HKLM\...\BitSpirit_is1) (Version: - LANSPIRIT.NET) calibre (HKLM\...\{AB116F72-C91A-40F2-A25A-949B5D065EBB}) (Version: 2.3.0 - Kovid Goyal) Cisco WebEx Meetings (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Citrix Online Launcher (HKLM\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix) Download Navigator (HKLM\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION) Energy Management (HKLM\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.3.0 - Lenovo) Energy Management (Version: 6.0.3.0 - Lenovo) Hidden f.lux (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\Flux) (Version: - ) FxPro - MetaTrader 4 (HKLM\...\FxPro - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.) Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.) HP ENVY 4500 series — podstawowe oprogramowanie urządzenia (HKLM\...\{6486AD7F-FFC2-48C3-8190-AD545C9EB1D5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP ENVY 4500 series Pomoc (HKLM\...\{BFD64EA9-055F-4B9E-9DD1-D3C547866E5E}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\HP Photo Creations) (Version: 1.0.0.19082 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Display Audio Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Kits Configuration Installer (Version: 10.0.26624 - Microsoft) Hidden Lenovo EasyCamera (HKLM\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro) Lenovo Service Bridge (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo) Lenovo System Interface Foundation (HKLM\...\{884BAF97-AC8D-463E-846A-47DD41866A19}) (Version: 1.0.044.00 - Lenovo) Lenovo YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.) Lenovo YouCam (Version: 3.1.3603 - CyberLink Corp.) Hidden Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.4.1.2001 - Maxthon International Limited) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NapiProjekt 2.0.0 (build 2151) (HKLM\...\NapiProjekt_is1) (Version: - ) Network Recording Player (HKLM\...\{21706D5B-A09C-42F1-95B5-CBDFE20F9852}) (Version: 29.10.1.10115 - Cisco WebEx LLC) OpenOffice.org 3.4.1 (HKLM\...\{D90BC3B4-7EEE-41E3-B20C-0F8F9BAF4EA3}) (Version: 3.41.9593 - Apache Software Foundation) PX Profile Update (Version: 1.00.1. - AMD) Hidden Raptr (HKLM\...\Raptr) (Version: - ) Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SaxoTrader 2 (HKLM\...\{024D66E9-D50C-44A7-92B4-2DFDDD95D228}) (Version: 2.110.25.0 - Saxo Bank) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.10 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB) Sony PC Companion 2.10.281 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony) Spotify (HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated) Trader Workstation 4.0 (HKLM\...\Trader Workstation 4.0) (Version: - ) ViewRight Web PC 3.6.0.0 (HKLM\...\{27961C9F-1965-48D9-A579-40F8EBEA0603}) (Version: 3.6.0.0 - Verimatrix, Inc.) Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Software Development Kit - Windows 10.0.26624 (HKLM\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation) WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WPT Redistributables (Version: 10.0.26624 - Microsoft) Hidden WPTx86 (Version: 10.0.26624 - Microsoft) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{A10E0335-AFCA-4E7E-975F-CA30235FB29A}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-4144906793-159945770-2030462716-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0DECA2AC-3FE4-4A98-B0FB-921BAB9FBAB2} - System32\Tasks\MirageAgent => C:\Program Files\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink) Task: {41348EEE-DEA1-4F35-80B2-FCD38BA54D9E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {69B5E128-3104-4440-92B4-7D4C10764C3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {6EA25F5C-5524-4462-A9C7-52E449EA8ACD} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4144906793-159945770-2030462716-1000 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {7AD64A8E-C427-45B6-BF51-BCED2EBC9C61} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP) Task: {7E616D96-79B8-4DD5-B5E3-01FA8B421D19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {8A18489C-3096-4F81-9DB1-4A22E271A828} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\mxup.exe [2015-04-21] (Maxthon International ltd.) Task: {96F0194B-EF03-427F-AB5B-9E0823E18D6C} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {AAC2ACAB-C13F-4774-89FF-18E8B50C3AE2} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => C:\WINDOWS\System32\reg.exe [2015-07-10] (Microsoft Corporation) Task: {AF9B9CAF-3674-46A6-A7B7-2747459C6D09} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-08] (Adobe Systems Incorporated) Task: {FA47213B-8A8E-4BC0-B2BD-68F20413D227} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Załadowane moduły (filtrowane) ============== 2015-09-10 06:02 - 2015-09-10 06:02 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-09-18 17:48 - 2015-09-18 17:47 - 00216992 _____ () C:\Windows\System32\iMDriverHelper.dll 2015-09-10 06:02 - 2015-09-10 06:02 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-08-13 21:24 - 2015-08-13 21:24 - 00033696 _____ () C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe 2015-10-04 09:54 - 2015-10-04 09:54 - 01232896 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\8a5953ebf860a6927ad426f1d263bd41\Windows.Networking.ni.dll 2015-09-30 20:51 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-30 20:51 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-10 10:24 - 2015-07-10 10:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-09-30 20:51 - 2015-09-17 07:28 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-09-30 20:51 - 2015-09-17 07:25 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-09-30 20:51 - 2015-09-17 07:25 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-09-30 20:51 - 2015-09-17 07:26 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll.dll 2008-12-20 03:20 - 2008-12-20 03:20 - 00051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll 2008-12-20 03:20 - 2008-12-20 03:20 - 00063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files\Raptr\_ssl.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files\Raptr\PyQt4.QtGui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files\Raptr\sip.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files\Raptr\PyQt4.QtCore.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files\Raptr\select.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files\Raptr\sqlite3.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files\Raptr\win32gui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files\Raptr\pyexpat.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files\Raptr\winsound.pyd 2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files\Raptr\libvlc.dll 2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files\Raptr\libvlccore.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files\Raptr\unicodedata.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files\Raptr\win32com.shell.shell.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files\Raptr\PIL._imaging.pyd 2015-06-27 01:09 - 2015-06-27 01:09 - 00271872 _____ () C:\Program Files\Raptr\amd_ags.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00024064 _____ () C:\Program Files\Raptr\win32pipe.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files\Raptr\gobject._gobject.pyd 2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files\Raptr\plugins\ssl.dll 2014-05-20 13:06 - 2013-11-18 03:18 - 00258944 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll 2014-05-20 13:06 - 2014-05-29 04:40 - 00247096 _____ () C:\Program Files\Maxthon\Addons\Mobile\MxMobile.dll 2014-05-20 13:06 - 2013-11-18 03:18 - 00258944 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll 2014-05-20 13:06 - 2013-11-21 08:37 - 00887064 _____ () C:\Program Files\Maxthon\Core\Webkit\libglesv2.dll 2014-05-20 13:06 - 2013-11-21 08:37 - 00109336 _____ () C:\Program Files\Maxthon\Core\Webkit\libegl.dll 2014-05-20 13:06 - 2013-11-21 08:37 - 02128152 _____ () C:\Program Files\Maxthon\Core\Webkit\ffmpegsumo.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows:nlsPreferences ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\iitech.dk -> iitech.dk IE trusted site: HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\onlinewebconnect.com -> onlinewebconnect.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4144906793-159945770-2030462716-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run: => "HP Software Update" HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run: => "331BigDog" HKLM\...\StartupApproved\Run: => "YouCam Tray" HKLM\...\StartupApproved\Run: => "YouCam Mirage" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_332B101ED56858E0765C41199BCD4350" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "Sony PC Companion" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-4144906793-159945770-2030462716-1000\...\StartupApproved\Run: => "AmoltoRecorder" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{D1856AC4-8C9A-4C3E-B127-527163611632}C:\program files\bitspirit\bitspirit.exe] => (Block) C:\program files\bitspirit\bitspirit.exe FirewallRules: [TCP Query User{E4FBFCA0-1C51-42CF-9AC0-899ED66E7923}C:\program files\bitspirit\bitspirit.exe] => (Block) C:\program files\bitspirit\bitspirit.exe FirewallRules: [UDP Query User{1F11117C-464C-4FAB-8127-5FA3A7FF0ECB}C:\program\voipconnect.exe] => (Block) C:\program\voipconnect.exe FirewallRules: [TCP Query User{AA51974E-5607-4924-81CE-52FFC5959CAE}C:\program\voipconnect.exe] => (Block) C:\program\voipconnect.exe FirewallRules: [{E4623BAD-D15F-43B3-947D-DDA57F53EB46}] => (Allow) C:\Program\VoipConnect.exe FirewallRules: [{380A74D3-CC8C-4316-8529-1320F4B4BCD3}] => (Allow) C:\Program\VoipConnect.exe FirewallRules: [UDP Query User{752746FC-043A-497B-AC1D-AB5A95DAC3F7}C:\program files\cqg\cqgnet\bin\cqgnetscore.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqgnetscore.exe FirewallRules: [TCP Query User{45239F14-7A59-43F6-8440-EB4EAC232D5A}C:\program files\cqg\cqgnet\bin\cqgnetscore.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqgnetscore.exe FirewallRules: [UDP Query User{9A43AEF4-58C2-41AD-975D-27E402A155C0}C:\program files\cqg\cqgnet\bin\cqg.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqg.exe FirewallRules: [TCP Query User{6245101A-1FC6-49D4-98D7-250E3EC95468}C:\program files\cqg\cqgnet\bin\cqg.exe] => (Allow) C:\program files\cqg\cqgnet\bin\cqg.exe FirewallRules: [UDP Query User{C1FE3247-3A64-4494-AFC3-72D8F31E45AE}C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [TCP Query User{4FB5C27E-C906-4ECC-98E5-BD7A0E43216E}C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\lenovo\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [UDP Query User{BDDB6AD8-15B7-49F6-A0B5-5DDA4B582EC7}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\java.exe FirewallRules: [TCP Query User{3A5445D0-9AD3-4250-B00E-9CB16B7A9C9A}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_25\bin\java.exe FirewallRules: [{3BBEDFC7-16CC-4A16-B96B-9BBD850E0C57}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{FECA9343-9B76-4362-A6A1-8002166277EE}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{3CD806BB-5442-44F0-B057-B62EA293C7C7}] => (Allow) C:\Program Files\Loca\bin\LocaProxy.exe FirewallRules: [{F0614C4B-EE2D-40D7-B5F2-16A27CB7BDA0}] => (Allow) C:\Program Files\Loca\bin\LocaProxy.exe FirewallRules: [UDP Query User{6B851C42-F5FE-4C17-9C8C-CA419CE78B0C}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{6C075361-8166-482A-9135-BFF207DA560B}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{F059C372-759A-43BC-B221-0491847BB091}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{779F4B2A-B439-4095-8A3F-94766E55B59A}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{7C718B36-D92C-4A6F-AEBA-6F5879465D15}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{D14699A0-91E6-461E-8AC5-DD9107872B80}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{3E9175A4-2493-4A34-82B4-957C293B0D16}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{367D1349-4105-4D6D-9E76-A68881B35D61}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [{FD5793DC-520A-4CDF-8F38-0800CA664CC8}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe FirewallRules: [{62336B49-2623-4F9B-B9FF-4993AC953464}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe FirewallRules: [{52864138-D775-4B80-96DF-F26180E47A4D}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe FirewallRules: [{8CBE15B4-DFE8-4BE4-8989-86250A748823}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe FirewallRules: [UDP Query User{B73C7B17-96B6-4FCA-B858-51D3E69B53E5}C:\program files\maxthon\bin\maxthon.exe] => (Block) C:\program files\maxthon\bin\maxthon.exe FirewallRules: [TCP Query User{4FC386C2-ABB8-4CB8-8B32-A4DC4BD87FB6}C:\program files\maxthon\bin\maxthon.exe] => (Block) C:\program files\maxthon\bin\maxthon.exe FirewallRules: [{80C6D563-B0EA-49F4-A749-B4232338D429}] => (Allow) C:\Program Files\Winamp\winamp.exe FirewallRules: [{CAF95946-BE1D-44F4-9E7E-33CDB485C0D6}] => (Allow) C:\Program Files\Winamp\winamp.exe FirewallRules: [UDP Query User{73FF4E55-F0CD-4353-8753-65098BD0182A}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Block) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [TCP Query User{D885EE09-0398-48CC-A8A0-D7514205E619}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Block) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [{39027401-0113-44B1-93AF-128A3E61C8BC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{3812CC89-C137-4517-A548-09190A7972F2}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{0FD40C01-EED1-438B-931B-898EEC9F8044}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Allow) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [TCP Query User{B6B71C94-92FA-4451-A493-172014873801}C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe] => (Allow) C:\program files\smsdiscount.com\smsdiscount\smsdiscount.exe FirewallRules: [UDP Query User{D79C3084-F407-4C13-A731-E848C15E4E50}C:\program files\bitspirit\bitspirit.exe] => (Allow) C:\program files\bitspirit\bitspirit.exe FirewallRules: [TCP Query User{BB447B2B-9503-4662-8AE2-20706EEA978C}C:\program files\bitspirit\bitspirit.exe] => (Allow) C:\program files\bitspirit\bitspirit.exe FirewallRules: [{1D89F2CD-5F8E-4B42-9F5C-FCBAC7B1FC91}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe FirewallRules: [{90E4DB0C-AEB4-4F85-847D-615778C987A3}] => (Allow) LPort=5357 FirewallRules: [{CE338207-8E7A-4AA9-8FCD-1540146F7645}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{0D2114FA-7737-4AA2-8657-79ED0CA38BF6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{ECE49C66-3847-41E6-A7DE-05802BE7D8FD}] => (Allow) C:\Program Files\Raptr\raptr.exe FirewallRules: [{42D0CDF1-2DA8-4E68-99AE-9BE1F3396446}] => (Allow) C:\Program Files\Raptr\raptr.exe FirewallRules: [{64CB515F-D742-4F61-9063-5AE1026BB53E}] => (Allow) C:\Program Files\Raptr\raptr_im.exe FirewallRules: [{45411032-FF0F-44EB-8823-76B740D77791}] => (Allow) C:\Program Files\Raptr\raptr_im.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/13/2015 08:23:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-KOMPUTER) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (10/13/2015 08:25:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (10/13/2015 08:23:20 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO-KOMPUTER) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (10/13/2015 08:23:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/13/2015 08:23:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/13/2015 08:23:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/13/2015 08:23:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2015-10-09 11:16:25.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-09 11:16:25.511 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-09 11:16:24.579 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-09 11:16:24.526 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-08 11:59:26.151 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-08 11:59:26.141 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-08 11:59:26.129 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-08 11:59:09.449 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-08 11:59:09.380 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-08 11:59:09.245 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz Procent pamięci w użyciu: 50% Całkowita pamięć fizyczna: 3017.86 MB Dostępna pamięć fizyczna: 1479.46 MB Całkowita pamięć wirtualna: 6089.86 MB Dostępna pamięć wirtualna: 4084.04 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:47.75 GB) (Free:5.65 GB) NTFS Drive d: () (Fixed) (Total:101.2 GB) (Free:71.14 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 46827CAC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=47.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=101.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================