Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-11-2015 Uruchomiony przez neonet (2015-11-13 10:40:47) Uruchomiony z C:\Users\neonet\Downloads Windows 10 Home (X64) (2015-09-26 13:33:05) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1148755833-2698665270-1190731955-500 - Administrator - Disabled) Gość (S-1-5-21-1148755833-2698665270-1190731955-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1148755833-2698665270-1190731955-503 - Limited - Disabled) neonet (S-1-5-21-1148755833-2698665270-1190731955-1001 - Administrator - Enabled) => C:\Users\neonet ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1148755833-2698665270-1190731955-1001\...\uTorrent) (Version: 3.4.6.41322 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{E13CC139-F76A-FD1B-7348-7FF200715B65}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant) Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== UWAGA Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Instrukcje użytkownika (x32 Version: 3.0.0.3 - Lenovo) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1324.7_WHQL - Sonix) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.5 - Nazwa firmy) LenovoUtility (x32 Version: 2.0.0.5 - Nazwa firmy) Hidden Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited) Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) OEM Application Profile (HKLM-x32\...\{B7A04A71-5DDD-9FA5-66ED-C3CC33152388}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo) OneKey Optimizer (x32 Version: 1.1.20.16 - Lenovo) Hidden Opera Stable 32.0.1948.74 (HKLM-x32\...\Opera 32.0.1948.74) (Version: 32.0.1948.74 - Opera Software) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.331 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) SopCast 4.0.0 (HKLM-x32\...\SopCast) (Version: 4.0.0 - www.sopcast.com) Spotify (HKU\S-1-5-21-1148755833-2698665270-1190731955-1001\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) wrzesien_2_2015_OG_v2 - Screen Saver (HKLM-x32\...\wrzesien_2_2015_OG_v2 - Screen Saver) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= 30-10-2015 18:33:16 Windows Update 06-11-2015 22:26:48 Zaplanowany punkt kontrolny 12-11-2015 12:44:44 Windows Update ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {021C55BB-45A0-4606-B669-28DD42B18C5F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {022D3F6B-557A-4313-B902-7EBFE76F15C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {038D21B4-D857-4421-9095-B639A15F7353} - System32\Tasks\eFyIMGaQfJ6D5IjmSmqMGHgyOke => C:\Users\neonet\AppData\Roaming\eFyIMGaQfJ6D5IjmSmqMGHgyOke.exe <==== UWAGA Task: {05BC3AA5-AF99-484D-A70E-70136528F717} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-26] (Dropbox, Inc.) Task: {0FB01C6D-DAE7-4F04-B607-025F3E154110} - \045046ba-99ea-4388-99ae-95274737524e-5 -> Brak pliku <==== UWAGA Task: {1389EF54-2F4F-4EF1-9B34-531C27D0185D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {1B505AE3-BD17-4433-80C3-68CD5277D512} - \045046ba-99ea-4388-99ae-95274737524e-10_user -> Brak pliku <==== UWAGA Task: {1E9B1BDB-A39A-4322-B87C-0C3970882AF5} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-5_user -> Brak pliku <==== UWAGA Task: {211249A8-6DA8-4FE3-987E-3A8EF4930431} - \globalUpdateUpdateTaskMachineUA -> Brak pliku <==== UWAGA Task: {217226B7-0F97-462A-A91C-92A82E6C23B8} - \045046ba-99ea-4388-99ae-95274737524e-7 -> Brak pliku <==== UWAGA Task: {28FD3488-ACEB-4657-AD0C-83F616689630} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-11 -> Brak pliku <==== UWAGA Task: {29871219-CCB4-43EC-BCB8-501600844217} - \045046ba-99ea-4388-99ae-95274737524e-1-6 -> Brak pliku <==== UWAGA Task: {2E2FF472-F93B-489B-ADA0-4119A336C81A} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-3 -> Brak pliku <==== UWAGA Task: {304C2BF6-F4EF-4F27-AE72-E3A9EE5A36E7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {3A894E66-A982-4B1D-8850-F996F1976E10} - System32\Tasks\Kit Rush => Rundll32.exe "C:\Users\neonet\AppData\Local\Kit Rush\xBin\KitRush.dll",#3 <==== UWAGA Task: {3EFB5C1D-BF8F-4E5E-AF41-08703C3FD08D} - \045046ba-99ea-4388-99ae-95274737524e-6 -> Brak pliku <==== UWAGA Task: {401FA033-7D8C-412A-92D8-5005380956C0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {4685C283-69E9-454D-AA32-54C949279509} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-10_user -> Brak pliku <==== UWAGA Task: {46F2B8B5-7547-4A30-914D-BF70934A8CA1} - \globalUpdateUpdateTaskMachineCore -> Brak pliku <==== UWAGA Task: {4AF15C13-80AE-4692-ABEF-A6B60705818C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo) Task: {5131790C-C880-4B6A-B678-8128A76D9491} - \045046ba-99ea-4388-99ae-95274737524e-11 -> Brak pliku <==== UWAGA Task: {56AF3BAE-4DBF-4CCE-B04A-FE5D0C265660} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.) Task: {58CF0A75-3A62-42C6-BB50-4409DEB6F2AC} - \045046ba-99ea-4388-99ae-95274737524e-13 -> Brak pliku <==== UWAGA Task: {5FFBDB03-0298-49BC-8D6E-48C2BD6FC9C5} - \045046ba-99ea-4388-99ae-95274737524e-1-7 -> Brak pliku <==== UWAGA Task: {6A2AB691-8805-4D97-8D78-C050ED5ACE95} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {6F297F76-A386-4ABD-AC86-AAB6BCEAEB57} - System32\Tasks\Opera scheduled Autoupdate 1443983093 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-29] (Opera Software) Task: {71641CAC-2061-45EF-8172-7BEF214CD969} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-1-7 -> Brak pliku <==== UWAGA Task: {73F8A6F1-B5A7-480A-9007-5C4C2516A969} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {7513B110-6989-48BB-B057-1D3FC2D73FD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-25] (Google Inc.) Task: {78CF2B1F-E828-4EAC-8DE9-78F8420B0D0D} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {7C4EC84C-1FE4-4F07-A302-27C2A7C79CDC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-26] (Dropbox, Inc.) Task: {81705234-A3FA-495E-A1C7-85FA5A41E064} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-6 -> Brak pliku <==== UWAGA Task: {8658FA01-D392-4C43-A8ED-F3495E9583D1} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-13 -> Brak pliku <==== UWAGA Task: {96BDD8F1-34E4-4C33-8475-90711506119C} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-14 -> Brak pliku <==== UWAGA Task: {98CD144A-F891-433D-85FB-A8BAE5DF8139} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {9A9EBCD5-0A74-4621-80D9-249225C9BBC9} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-7 -> Brak pliku <==== UWAGA Task: {9B8C8CFE-261B-494E-95E0-090CD26EDF9F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {A1252FC9-3AB6-4D75-B70B-2905969E1B4F} - \045046ba-99ea-4388-99ae-95274737524e-14 -> Brak pliku <==== UWAGA Task: {AA6E01F7-48CF-4375-85EC-0D97155D9F4B} - \SwiftSearch Auto Updater 1.10.0.25 Pending Update -> Brak pliku <==== UWAGA Task: {ACD08504-C192-4E0B-9A20-8D8BA0C41AFB} - \SwiftSearch Auto Updater 1.10.0.25 Core -> Brak pliku <==== UWAGA Task: {B2B283FB-5DAA-48F1-BB97-5EF7B9622117} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {B40417BD-4066-4BFA-B161-72CA2B9FB89E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {B78831BC-9E2F-4791-94DF-2C794180D30F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation) Task: {C17446ED-878F-4AE8-86AC-9890B7EDEC87} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] () Task: {D655A0E9-687C-47C3-9B4B-136A9E6BADFE} - \045046ba-99ea-4388-99ae-95274737524e-5_user -> Brak pliku <==== UWAGA Task: {D7582635-CABC-4E6B-9758-5B529DDA4E0A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {E62F65E0-47AA-44B2-B23E-46970CDA1D37} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-5 -> Brak pliku <==== UWAGA Task: {E93C6305-D9FB-4FFC-9521-1D422C1D9FA4} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-09-11] (Maxthon International ltd.) Task: {EF5E5E83-D959-4ADA-886A-161D0DDAE70A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {F0C2BC81-0C1E-4C0B-A566-4B7D4ADF54D7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {FA9188F6-BC0F-43D0-96BD-7FABA1EE6F19} - \7944fab4-5f59-4fc6-a3dc-6e442d9a3c67-1-6 -> Brak pliku <==== UWAGA Task: {FC72ED8C-E3B4-4E64-9E30-5B75C443FA4B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {FCAFA5BA-39F4-4C5A-8045-1B29D9340685} - \045046ba-99ea-4388-99ae-95274737524e-3 -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\eFyIMGaQfJ6D5IjmSmqMGHgyOke.job => C:\Users\neonet\AppData\Roaming\eFyIMGaQfJ6D5IjmSmqMGHgyOke.exe <==== UWAGA Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Załadowane moduły (filtrowane) ============== 2015-09-10 06:11 - 2015-09-10 06:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-10-01 18:23 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-03-27 08:00 - 2014-11-17 15:35 - 00036632 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll 2015-03-27 08:00 - 2014-11-17 15:35 - 00166680 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll 2015-10-01 18:23 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-10-01 18:23 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-01 18:24 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-01 18:22 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-01 18:22 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 18:23 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-27 07:46 - 2014-10-22 10:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe 2015-03-27 07:46 - 2014-10-22 10:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe 2015-09-26 11:13 - 2015-11-05 00:44 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2015-11-13 10:33 - 2015-11-13 10:33 - 00071168 _____ () c:\users\neonet\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpowf4la.dll 2015-09-26 11:13 - 2015-09-03 01:11 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-09-26 11:13 - 2015-09-03 01:11 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-09-26 11:13 - 2015-09-03 01:11 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-09-26 11:13 - 2015-09-03 01:11 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2015-11-12 09:30 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll 2015-11-12 09:30 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll 2014-09-03 11:03 - 2014-09-03 11:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\neonet\Documents\IMG_20150618_211635.jpg:com.dropbox.attributes ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1148755833-2698665270-1190731955-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\neonet\Pictures\sunset.jpg DNS Servers: 62.179.1.61 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run: => "ForteConfig" HKLM\...\StartupApproved\Run: => "LenovoUtility" HKLM\...\StartupApproved\Run: => "OneKeyOptimizer" HKU\S-1-5-21-1148755833-2698665270-1190731955-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1148755833-2698665270-1190731955-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1148755833-2698665270-1190731955-1001\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{3E65DEE2-8054-49D0-A01E-ECE87BE56ED5}C:\users\neonet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neonet\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{6F70E7C0-94A4-49AA-A1A9-DA2737079EB2}C:\users\neonet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neonet\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{1726A10E-02D8-4783-86CB-3705A4074D44}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{EE2EB68A-7AEB-43AA-8171-C7C5150C36C6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{4B860EB3-BD9E-462D-ADE8-4D8B7E12EDEA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{7B5C8727-9EE9-411F-B4CB-ACCA10183EA9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{6655FD53-2949-46FE-92B1-BA30C0F7B626}C:\users\neonet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neonet\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{B7015C92-EC06-4923-89A7-24BE5104A8C5}C:\users\neonet\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\neonet\appdata\roaming\spotify\spotify.exe FirewallRules: [{52A6F54F-BB30-4179-9AC3-26B77C3E6C81}] => (Allow) LPort=65396 FirewallRules: [{0103078A-E47B-4FC1-A46B-A5401ABD1346}] => (Allow) LPort=65396 FirewallRules: [{ACE5809B-9890-4560-9D5B-A1FC70F50332}] => (Allow) LPort=65395 FirewallRules: [{D7573067-7CAD-4E38-809B-5ACA467E23BB}] => (Allow) LPort=65395 FirewallRules: [{DF6A75BE-02B9-4BFE-AD46-F09A41C127E1}] => (Allow) LPort=65395 FirewallRules: [{3D1C7E50-D983-448B-8F70-12F36C64C197}] => (Allow) LPort=65395 FirewallRules: [{1B7F8673-7914-4C71-8CA1-E37B806F83EC}] => (Allow) LPort=65394 FirewallRules: [{F796AFA3-B157-4203-B40C-F0E72CB72729}] => (Allow) LPort=65394 FirewallRules: [{BF8835F8-9473-4B7F-8F4C-D30DA345EBC6}] => (Allow) LPort=65393 FirewallRules: [{B0B3C9FF-4C0A-43E6-99F7-EB1A4B820489}] => (Allow) LPort=65393 FirewallRules: [{BA1D1C38-2DE1-4113-9DF9-838C4C3B0FF9}] => (Allow) LPort=65389 FirewallRules: [{721AB186-5423-4F77-9F6B-0E3CF8B990E9}] => (Allow) LPort=65389 FirewallRules: [{74B283BD-2244-4793-ACCB-897D856EA54E}] => (Allow) LPort=65388 FirewallRules: [{B2D56103-226E-4D02-8F1D-8D451FDA72F4}] => (Allow) LPort=65388 FirewallRules: [{C468A682-C7DC-4661-A63C-E23152EF4B5C}] => (Allow) LPort=65387 FirewallRules: [{9269EEE5-8294-4C68-A9E3-ECDF977A2A4D}] => (Allow) LPort=65387 FirewallRules: [{04021738-1327-44CF-8812-F3C446A8C176}] => (Allow) C:\Program Files (x86)\Intel IPOS Cycle 1 2015\iPOS.exe FirewallRules: [{3005E562-EBB8-4466-BE9B-605B44EC0365}] => (Allow) C:\Program Files (x86)\Intel IPOS Cycle 1 2015\iPOS.exe FirewallRules: [{54F3880D-ACF3-4E3E-A785-DBA70530363A}] => (Allow) C:\ProgramData\TCE\Proj2171\ConnectedClient\iPOSConnected.ClientShell.exe FirewallRules: [{673F8220-E0E0-4330-A6CB-FF39FCFA89F1}] => (Allow) C:\ProgramData\TCE\Proj2171\ConnectedClient\iPOSConnected.ClientShell.exe FirewallRules: [{4E1F9837-0D77-40F2-B938-C629B154CF11}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{0E86C0DD-B011-4EFD-8EEC-A8F9C8B0ABEE}] => (Allow) LPort=55100 FirewallRules: [{4CF983B2-90F4-4721-AB13-68499A748405}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{EB4FA915-A360-4F1D-9714-2E6AA25CFBBE}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{57613F8E-BA5C-4318-881C-8FA207EBC967}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{8ADD1955-E75A-415D-82A2-04E61594EBAB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{98756760-733B-4E25-B099-915FA4E156C8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{4F41018D-D072-46EE-8F35-270508A1C707}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{AA734312-F308-4DB1-B7B1-652FC772E670}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{2C6368AE-7E22-4B0C-9EDE-2A87772DDE3D}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{951EFD3E-A462-4222-A076-91DCF26F351A}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [UDP Query User{5E713B5E-ECA1-4D98-8778-74C68AD241E6}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [{9ED7FC80-04FA-470D-B8DC-4FBE1E2396A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5127DD87-10ED-4299-BFE9-2E4807810221}] => (Allow) C:\Users\neonet\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{435BBC74-3FB4-4338-8E36-58CCB4FBB49B}] => (Allow) C:\Users\neonet\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A78BED30-A667-46A3-932E-3045B005B8FF}] => (Allow) C:\Users\neonet\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F01FF0C1-7AA3-4E8B-9B43-86EC6E01DE51}] => (Allow) C:\Users\neonet\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C103DBC7-AF23-4078-A728-AFCF2989810B}] => (Allow) C:\Users\neonet\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3E92692F-B6F8-484A-8F59-297EC8BE5D4B}] => (Allow) C:\Users\neonet\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{28D197A4-72E8-493F-95F7-59A63C39A2E3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/13/2015 10:37:09 AM) (Source: lupdate) (EventID: 0) (User: ) Description: lupdateloopTime is failed w/err 0x00000452 Error: (11/13/2015 09:33:20 AM) (Source: lupdate) (EventID: 0) (User: ) Description: lupdateloopTime is failed w/err 0x00002a94 Error: (11/13/2015 09:33:20 AM) (Source: lupdate) (EventID: 0) (User: ) Description: lupdateloopNum1++, loopNum1 is failed w/err 0x00000001 Error: (11/13/2015 09:22:30 AM) (Source: lupdate) (EventID: 0) (User: ) Description: lupdateloopTime is failed w/err 0x00000288 Error: (11/13/2015 09:13:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/13/2015 09:13:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10240.16515, sygnatura czasowa: 0x55fa5578 Nazwa modułu powodującego błąd: CortanaApi.dll, wersja: 0.0.0.0, sygnatura czasowa: 0x55fa5354 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x0000000000151a73 Identyfikator procesu powodującego błąd: 0x8 Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0 Ścieżka aplikacji powodującej błąd: SearchUI.exe1 Ścieżka modułu powodującego błąd: SearchUI.exe2 Identyfikator raportu: SearchUI.exe3 Pełna nazwa pakietu powodującego błąd: SearchUI.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5 Error: (11/13/2015 09:08:00 AM) (Source: lupdate) (EventID: 0) (User: ) Description: lupdateloopTime is failed w/err 0x00002d96 Error: (11/13/2015 09:08:00 AM) (Source: lupdate) (EventID: 0) (User: ) Description: lupdateloopNum1++, loopNum1 is failed w/err 0x00000001 Error: (11/13/2015 08:53:07 AM) (Source: lupdate) (EventID: 0) (User: ) Description: lupdateloopTime is failed w/err 0x0000037b Error: (11/13/2015 08:42:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (11/13/2015 10:31:33 AM) (Source: sptd) (EventID: 4) (User: ) Description: Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla . Error: (11/13/2015 10:31:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1069 Error: (11/13/2015 10:31:21 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa WSearch nie może zalogować się jako NT AUTHORITY\SYSTEM za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%50 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (11/13/2015 10:31:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/13/2015 10:30:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa lupdate niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/13/2015 10:30:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/13/2015 10:30:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel® ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/13/2015 10:30:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/13/2015 10:30:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa CCSDK niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/13/2015 10:30:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2015-11-12 16:31:57.471 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-12 12:10:12.060 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:31.599 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-06 21:54:43.161 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-04 11:05:48.644 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-03 14:28:33.392 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-28 19:54:35.690 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Procent pamięci w użyciu: 59% Całkowita pamięć fizyczna: 4010.45 MB Dostępna pamięć fizyczna: 1634.93 MB Całkowita pamięć wirtualna: 4778.45 MB Dostępna pamięć wirtualna: 1984.35 MB ==================== Dyski ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.74 GB) (Free:858.5 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (Damian) (Fixed) (Total:25 GB) (Free:22.98 GB) NTFS Drive f: () (Removable) (Total:7.39 GB) (Free:1.26 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: C7098DAB) Partition: GPT. ======================================================== Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================