Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Annoying pop ups. [Closed]

Started by SawakoChan1 , Nov 12 2015 12:36 PM
#ads #opera #browser

  • This topic is locked This topic is locked

#1
SawakoChan1
Posted 12 November 2015 - 12:36 PM

SawakoChan1

    New Member

  • Member
  • Pip
  • 3 posts

Hello, recently while using opera browser there is one thing which annoys me especially - when I want to find something by writing it in google browser, suddenly it changes to sites called "http://home.searchpile.com"or "http://www.volunteercentre.org/search". I often download things like cracks, keygens for games or movies, games, music and mods for the sims 3. What's more the browser is way slower than before, it takes so long to open new site or load video on youtube. I hope someone can help me :) (sorry for my bad English)

 

Here are the logs:

 

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:07-11-2015
Uruchomiony przez Sawako (administrator)  LENOVO-PC (12-11-2015 19:19:35)
Uruchomiony z C:\Users\Ania\Desktop
Załadowane profile: Sawako (Dostępne profile: Sawako & Administrator)
Platform: Windows 10 Home (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
 
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-08] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-09-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-06] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [SoftonicAssistant] => C:\Users\Ania\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1829832 2014-11-11] ()
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [uTorrent] => C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-06] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
CHR HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b45659d5-0e56-4668-9ba0-803041b52e37}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8c033b9-ca08-4baa-a6d5-360b1b3a4999}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1eee559-802c-45ca-9e41-958b9f8f3438}: [DhcpNameServer] 169.254.224.91
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130892338235290741&GUID=85F7429F-5084-4E74-8E04-CFE4F9E8D129
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-2839323705-3564200330-1895575039-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-06] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: High Stairs -> {45e60e41-85ee-4c01-9dac-1ecb9bf64179} -> C:\Program Files (x86)\High Stairs\Extensions\45e60e41-85ee-4c01-9dac-1ecb9bf64179.dll => Brak pliku
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-06] (Avast Software s.r.o.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2839323705-3564200330-1895575039-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-06] [Brak podpisu cyfrowego]
 
Chrome: 
=======
CHR dev: Chrome dev build wykryto! <======= UWAGA
CHR Profile: C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Google Docs) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Google Drive) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Vocabla: translate English words) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchnamjcpocgphheheekmchilaabjdnb [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (YouTube) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-19]
CHR Extension: (Google Search) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-19]
CHR Extension: (Share link via email) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2015-05-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Google Sheets) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Słownik an-pl) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdimodggclcfachocbnfnciifajkmfpc [2015-04-21]
CHR Extension: (Bookmark Manager) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Lone Tree) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2015-04-21]
CHR Extension: (Double Trans) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpinhkgghcbpmhokkfgjecjndmahle [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Instant Translate) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (No Cyrus) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\iongpbleobggjpbababalgpaabhhggaf [2015-07-27]
CHR Extension: (Instagram for Chrome Tabs  Instatabs) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod [2015-06-02] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Simply Block Ads) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2015-07-16] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== UWAGA
CHR Extension: (Gmail) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-06]
 
Opera: 
=======
OPR Extension: (High Stairs) - C:\Users\Ania\AppData\Roaming\Opera Software\Opera Stable\Extensions\ecnkeohpccckhnmnblcjopbdmeigbnmm [2015-08-22]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.istartsurf.com/?type=sc&ts=1441642877&z=9b3d58a7753363c0c660068gezbz6geqaz0o0m9c8z&from=cornl&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
 
==================== Usługi (filtrowane) ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-06] (Avast Software s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [Brak podpisu cyfrowego]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-09-08] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-08] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-08] (Electronic Arts)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-08] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-09-08] (Lenovo)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-09-08] (Lenovo)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
 
===================== Sterowniki (filtrowane) ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-06] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-06] ()
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-10] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 hwusb_cdcacm; \SystemRoot\system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; \SystemRoot\system32\DRIVERS\ew_wwanecm.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2015-11-12 19:19 - 2015-11-12 19:19 - 00027057 _____ C:\Users\Ania\Desktop\FRST.txt
2015-11-12 19:08 - 2015-11-12 19:19 - 00000000 ____D C:\FRST
2015-11-12 19:08 - 2015-11-12 19:09 - 00047000 _____ C:\Users\Ania\Downloads\FRST.txt
2015-11-12 19:08 - 2015-11-12 19:09 - 00046527 _____ C:\Users\Ania\Downloads\Addition.txt
2015-11-12 19:06 - 2015-11-12 19:06 - 02198528 _____ (Farbar) C:\Users\Ania\Desktop\FRST64.exe
2015-11-12 18:59 - 2015-11-12 18:59 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software
2015-11-12 18:33 - 2015-11-12 18:33 - 00016148 _____ C:\WINDOWS\system32\LENOVO-PC_Sawako_HistoryPrediction.bin
2015-11-11 13:54 - 2015-11-11 13:57 - 26077080 _____ C:\Users\Ania\Downloads\Palm Shadows {2}.Sims3Pack
2015-11-11 13:53 - 2015-11-11 13:59 - 50843737 _____ C:\Users\Ania\Downloads\Geothermal lakes.Sims3Pack
2015-11-11 13:52 - 2015-11-11 14:00 - 120972225 _____ C:\Users\Ania\Downloads\Great Bear.Sims3Pack
2015-11-11 13:49 - 2015-11-11 14:01 - 122556653 _____ C:\Users\Ania\Downloads\Vice City.Sims3Pack
2015-11-10 23:53 - 2015-11-10 23:53 - 03800416 _____ C:\Users\Ania\Desktop\gdgdfgdfgdfg.psd
2015-11-10 21:11 - 2015-11-10 22:22 - 22652154 _____ C:\Users\Ania\Desktop\kawaiii.psd
2015-11-07 20:06 - 2015-11-07 20:07 - 08538465 _____ C:\Users\Ania\Desktop\sfsdfsdfasdfdssfd.psd
2015-11-06 22:21 - 2015-11-06 22:21 - 40870693 _____ C:\Users\Ania\Desktop\loffffff.psd
2015-11-03 20:21 - 2015-11-03 22:18 - 53523301 _____ C:\Users\Ania\Desktop\nbdskjfhkdsjhfdsfdsfdsgsdffdfgfdv.psd
2015-10-30 15:48 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 15:48 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 15:48 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 15:48 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 15:48 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 15:48 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 15:48 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 15:48 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 15:48 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 15:48 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 15:48 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 15:48 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 15:48 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 15:48 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 15:48 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 15:48 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 15:48 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 15:48 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 15:48 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 15:47 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 15:47 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 15:47 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 15:47 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 15:47 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 15:47 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 15:47 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 15:47 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 15:47 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 15:47 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 15:47 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 15:47 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 15:47 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 15:47 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 15:47 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-25 14:13 - 2015-10-25 23:21 - 24245698 _____ C:\Users\Ania\Desktop\sdasdsadasdasdasdasd OOOOKOOOO.psd
2015-10-21 21:33 - 2015-11-03 22:47 - 00001025 _____ C:\Users\Ania\Desktop\osu!.lnk
2015-10-21 21:33 - 2015-10-21 21:33 - 00001033 _____ C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-10-21 21:31 - 2015-10-22 12:25 - 00000000 ____D C:\Users\Ania\AppData\Local\osu!
2015-10-21 21:30 - 2015-10-21 21:30 - 00000000 ____D C:\Users\Ania\Downloads\Localisation
2015-10-21 21:26 - 2015-10-21 21:30 - 03282488 _____ (ppy) C:\Users\Ania\Downloads\osu!install.exe
2015-10-19 19:48 - 2015-10-19 19:48 - 28752573 _____ C:\Users\Ania\Desktop\KONKURS.psd
2015-10-16 18:18 - 2015-10-18 12:52 - 00000000 ____D C:\Users\Ania\AppData\Local\Warframe
2015-10-16 12:22 - 2015-10-16 12:22 - 00000222 _____ C:\Users\Ania\Desktop\Warframe.url
2015-10-16 12:05 - 2015-10-16 12:05 - 00000000 ____D C:\Users\Ania\AppData\Roaming\roi
2015-10-16 12:02 - 2015-10-16 12:02 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-10-13 19:04 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:04 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:03 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:03 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:03 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:03 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:03 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:03 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:03 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:03 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:03 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:03 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:03 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:03 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:03 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:03 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:03 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:03 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:03 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:03 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:03 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:03 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:03 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:03 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:03 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:03 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:03 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:03 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:03 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:03 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:03 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:03 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:03 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:03 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:03 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:03 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:03 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:03 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:03 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:03 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:03 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:03 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:03 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:03 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:03 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:03 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:03 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:03 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:03 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:03 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:03 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:03 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:03 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:03 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:03 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:03 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:03 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:03 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2015-11-12 18:59 - 2015-09-07 17:21 - 00000000 ____D C:\Users\Ania\AppData\Roaming\istartsurf
2015-11-12 18:59 - 2015-02-08 11:33 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-11-12 18:58 - 2015-02-08 12:25 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-11-12 18:58 - 2014-09-08 07:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-12 18:57 - 2015-02-22 17:08 - 00000000 ____D C:\Program Files (x86)\Grupa IMAGE
2015-11-12 18:56 - 2015-04-16 13:15 - 00000000 ____D C:\ProgramData\DatacardService
2015-11-12 18:56 - 2015-03-22 16:21 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-12 18:56 - 2015-03-22 15:49 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-12 18:54 - 2015-03-14 09:27 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Opera
2015-11-12 18:54 - 2015-03-14 09:27 - 00000000 ____D C:\Users\Ania\AppData\Local\Opera
2015-11-12 18:54 - 2015-02-08 10:22 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-12 18:50 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-12 18:40 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-12 18:40 - 2014-12-19 04:57 - 00000000 ____D C:\Users\Ania\AppData\Local\Packages
2015-11-12 18:37 - 2015-09-10 15:51 - 00950392 _____ C:\WINDOWS\system32\perfh011.dat
2015-11-12 18:37 - 2015-09-10 15:51 - 00558766 _____ C:\WINDOWS\system32\perfc011.dat
2015-11-12 18:37 - 2015-09-10 15:33 - 00005472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-12 18:37 - 2015-07-10 17:30 - 02164236 _____ C:\WINDOWS\system32\perfh015.dat
2015-11-12 18:37 - 2015-07-10 17:30 - 00590192 _____ C:\WINDOWS\system32\perfc015.dat
2015-11-12 18:36 - 2015-07-09 19:52 - 00000000 ____D C:\Users\Ania\AppData\Roaming\uTorrent
2015-11-12 18:36 - 2015-02-08 11:08 - 00000376 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2015-11-12 18:35 - 2015-06-06 08:19 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-12 18:34 - 2015-09-10 15:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-12 18:34 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-12 18:33 - 2015-09-10 15:16 - 00000000 ____D C:\Users\Ania
2015-11-12 18:33 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-12 14:25 - 2015-02-08 10:30 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-12 07:16 - 2015-02-08 10:30 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-11-11 18:26 - 2015-02-08 10:30 - 00004032 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-11 18:26 - 2015-02-08 10:30 - 00003916 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-11 13:38 - 2014-12-28 14:20 - 00000000 ____D C:\Users\Ania\Documents\Electronic Arts
2015-11-11 13:03 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-03 22:47 - 2015-09-26 19:59 - 00001412 _____ C:\Users\Ania\Desktop\TheForest.lnk
2015-11-03 22:47 - 2015-09-26 19:58 - 00001581 _____ C:\Users\Ania\Desktop\Stranded_Deep.lnk
2015-11-03 22:47 - 2015-09-26 19:57 - 00001722 _____ C:\Users\Ania\Desktop\TheSims4.lnk
2015-11-03 17:57 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-31 18:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 22:07 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-30 19:04 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-28 22:35 - 2015-09-10 15:07 - 00014850 _____ C:\WINDOWS\PFRO.log
2015-10-28 19:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-28 16:36 - 2015-03-03 17:24 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-24 10:44 - 2015-09-07 17:21 - 00000000 ____D C:\Program Files (x86)\SFK
2015-10-19 18:59 - 2015-07-17 21:01 - 00000000 ____D C:\Users\Ania\Downloads\PaintToolSAI
2015-10-19 18:52 - 2015-07-10 13:20 - 00029174 _____ C:\WINDOWS\setupact.log
2015-10-17 14:31 - 2015-02-08 11:05 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Skype
2015-10-16 18:22 - 2015-02-08 12:32 - 00081051 _____ C:\WINDOWS\DirectX.log
2015-10-16 18:18 - 2015-02-13 20:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-16 12:02 - 2014-09-08 07:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-16 11:38 - 2015-09-24 12:49 - 00000000 ____D C:\Users\Ania\AppData\Local\MicrosoftEdge
2015-10-16 04:10 - 2015-10-05 17:28 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-05 17:28 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-13 19:17 - 2015-07-27 22:43 - 00000000 ____D C:\Program Files (x86)\NewSaaveR
2015-10-13 19:14 - 2015-02-13 20:17 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2015-05-16 21:14 - 2015-05-19 14:47 - 0000024 _____ () C:\Users\Ania\AppData\Roaming\appdataFr25.bin
2015-09-10 15:13 - 2015-09-10 15:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-07 17:21 - 2015-09-07 17:21 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
Pliki do przeniesienia lub usunięcia:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
 
==================== Bamital & volsnap =================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
 
LastRegBack: 2015-11-07 17:56
 
==================== Koniec  FRST.txt ============================
 
 
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-11-2015
Uruchomiony przez Sawako (2015-11-12 19:19:54)
Uruchomiony z C:\Users\Ania\Desktop
Windows 10 Home (X64) (2015-09-10 14:42:02)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-2839323705-3564200330-1895575039-500 - Administrator - Disabled) => C:\Users\Administrator
Gość (S-1-5-21-2839323705-3564200330-1895575039-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2839323705-3564200330-1895575039-1003 - Limited - Enabled)
Konto domyślne (S-1-5-21-2839323705-3564200330-1895575039-503 - Limited - Disabled)
Sawako (S-1-5-21-2839323705-3564200330-1895575039-1001 - Administrator - Enabled) => C:\Users\Ania
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
µTorrent (HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DriverToolkit version 8.4.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.4.0.0 - Megaify Software)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GTA San Andreas (HKLM-x32\...\{19DEFF55-2E7D-4824-8E90-00892BF269BE}) (Version: 1.00.0001 - Rockstar Games)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Instrukcje użytkownika (x32 Version: 3.0.0.3 - Lenovo) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel® Wireless Bluetooth® 4.0 (HKLM-x32\...\{D91E3947-528C-4AC3-B26F-A283F2B79983}) (Version: 3.0.1342.02 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.60.37 - ClientConnect LTD) <==== UWAGA
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Nazwa firmy)
Lenovo Settings (x32 Version: 1.0.0.46 - Nazwa firmy) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero 8 Lite 8.2.8.0 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.2.8.0 - Updatepack.nl)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{22274dbc-544e-4c94-96aa-101266eabbb1}) (Version: latest - ppy Pty Ltd)
Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Panel sterowania NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.) Hidden
Softonic Assistant (HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\SoftonicAssistant) (Version: 0.1.6 - Softonic International S.A.) <==== UWAGA
SoftwareFixer (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{229c2d9f}) (Version:  - SoftwareFixer) <==== UWAGA
Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version:  - Lag Studios)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
The Sims™ 3 Cztery pory roku (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Pokolenia (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Rajska Wyspa (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Szalone Lata 70. 80. i 90. Akcesoria (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Vimicro USB2.0 PC Camera (VC0323) (HKLM-x32\...\{36820BCA-FC55-452E-9085-6E6F1F55508D}) (Version: 2007.05.14 - Vimicro)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-2839323705-3564200330-1895575039-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
==================== Punkty Przywracania systemu =========================
 
20-10-2015 16:00:11 Windows Update
30-10-2015 20:35:11 Windows Update
07-11-2015 20:44:50 Zaplanowany punkt kontrolny
11-11-2015 13:36:29 Zainstalowane The Sims 3 Create A World
12-11-2015 18:57:46 Usunięte The Sims 3 Create A World
 
==================== Hosts - zawartość: ===============================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Zaplanowane zadania (filtrowane) =============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {0DD11396-F116-47AD-B362-ABDE7B4A0476} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {15E1FDB0-531B-4690-B778-4F43C8E86A3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {176B1076-FB17-4911-BDF5-0CFD16397AB2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-09-10] (Synaptics Incorporated)
Task: {19E78963-3F7D-49D1-A18E-F3587C48F02C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {216F060D-1E79-4155-B945-73D08DD58E8C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {258C344B-02EC-46A4-938D-2B9B2C9D7BCF} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2014-09-20] (Megaify Software Co., Ltd.)
Task: {2CBD366F-D376-48CE-87DF-0D58A2539E38} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {2DA7602E-58E4-4F9D-BC2E-DBA06FAFDB87} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {2E5E8AD3-23BC-4CA6-A7D1-2C78C44A6C0A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {35C5D12B-A4CE-4E3A-910F-44D05AC47F8B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {7645EF54-49E8-46EC-A1FF-8E2699A3AD5A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {7D774763-A5EB-4FEF-8DB9-2F4F3AD6C543} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {81ED0130-510F-4725-90EA-FDB4F0FFDDC2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
Task: {88AA31AA-F467-41EA-BC77-1A5CBAC3749F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {92F541E0-F7D2-4863-BE69-97EABE189904} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {A4F2FBE7-6DDC-4E1A-96D8-CF510BF0E2B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {A7D6105F-F915-4C34-8C27-6D00EBC865E9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-28] (Microsoft Corporation)
Task: {AC12B841-B260-4FF9-B15B-D6967EB6A152} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {B755B63E-E399-4A86-A7FB-E1BAB3B43DFB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {B96DFAB5-77A1-4320-BB98-C3D56F158C6F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C4C0D775-4882-416E-9CE3-83557B205DAE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {D5A88EE4-822E-4690-B027-6C12E1305993} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {DDB95684-FE53-47D2-86D1-B41384B7A90F} - System32\Tasks\{1365FB68-70BA-49EA-BBCD-B4639C02F27A} => pcalua.exe -a "C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe" -d "C:\Program Files (x86)\Rockstar Games\GTA San Andreas"
Task: {E5C5825C-39F9-4C33-826B-735C09B487E8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {E871C77C-F4E2-4CAB-AEC2-FAA34368CD9F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {F8D4EA26-ECE6-43A3-B145-501FD0BE9006} - System32\Tasks\Opera scheduled Autoupdate 1426434333 => C:\Program Files (x86)\Opera\launcher.exe
Task: {FD82A229-6485-449A-A3CF-707F4615C02D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
 
==================== Załadowane moduły (filtrowane) ==============
 
2015-09-10 16:00 - 2015-09-10 16:00 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 15:12 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-11 14:12 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-03-03 17:24 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-17 12:30 - 2014-01-13 07:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 17:08 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 17:09 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 17:08 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 17:08 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 17:09 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:34 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-03-26 11:50 - 2014-09-08 08:26 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2013-05-09 16:58 - 2013-05-09 16:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
2015-05-20 09:20 - 2015-05-20 09:20 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
2015-06-06 08:18 - 2015-06-06 08:18 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-06 08:18 - 2015-06-06 08:18 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-12 07:17 - 2015-11-12 07:17 - 02990592 _____ () C:\Program Files\AVAST Software\Avast\defs\15111102\algo.dll
2015-11-12 18:35 - 2015-11-12 18:35 - 02990592 _____ () C:\Program Files\AVAST Software\Avast\defs\15111200\algo.dll
2014-02-25 15:42 - 2014-02-25 15:42 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2015-06-06 08:18 - 2015-06-06 08:18 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 11:53 - 2013-03-07 11:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
2010-01-12 15:55 - 2010-01-12 15:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
2010-01-12 15:55 - 2010-01-12 15:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
2010-12-16 11:16 - 2010-12-16 11:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
2010-01-17 22:34 - 2010-01-17 22:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 11:55 - 2013-03-07 11:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 11:58 - 2013-03-07 11:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 11:54 - 2013-03-07 11:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll
2015-05-20 09:20 - 2015-05-20 09:20 - 00157304 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\message_center_win8.dll
2014-02-25 15:42 - 2014-02-25 15:42 - 02689800 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2015-05-20 09:20 - 2015-05-20 09:20 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll
2015-05-20 09:20 - 2015-05-20 09:20 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll
 
==================== Alternate Data Streams (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
 
 
==================== Tryb awaryjny (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
 
==================== EXE - Powiązania (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
 
 
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
 
 
==================== Inne obszary ============================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ania\Pictures\Obrazy\11816128_1514797608812092_3592493368307446300_o — kopia.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKLM\...\StartupApproved\Run: => "Energy Manager"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "RtsFT"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BambooCore"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "SoftonicAssistant"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "msnmsgr"
 
==================== Reguły Zapory systemu Windows (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{72CC712D-F89C-4D31-8A19-07B9BFFA5C86}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{9D08CA07-3FB1-4FA7-958B-FA70E0F5BE91}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [UDP Query User{D265985E-7F1E-4EC5-8CCD-A01666038432}C:\program files (x86)\prototype 2\prototype2.exe] => (Allow) C:\program files (x86)\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{8E0BC507-C476-4235-AE9A-CAFD92894C7B}C:\program files (x86)\prototype 2\prototype2.exe] => (Allow) C:\program files (x86)\prototype 2\prototype2.exe
FirewallRules: [{B95A760B-8CD1-449C-9815-367E20ACF7C3}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60184CBC-C4B4-4412-B577-2C04BEB3083B}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA4F3F01-2DFE-4298-82E2-F8B7DE2D76A2}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BE48EEA2-EB2A-41DE-BB7C-409BA1662F3B}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6D380F8C-91AC-4EA8-A379-D126AF59A435}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3C1C105A-3952-4EF3-9DB0-BEBB68CC57F3}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{368D86BB-3014-45AF-AD01-A8E4F33AD79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{6BE06833-42EC-4958-93FC-B3E0D2698A5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{07ECAF83-DDC4-4DFF-87B9-D2D7A01E2110}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel DX9.exe
FirewallRules: [{4D6AA62C-0750-4C5E-8DF4-6CDACDAADFC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel DX9.exe
FirewallRules: [{10BADABF-BB9A-46B6-A530-EDE94DA0EAFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel 64.exe
FirewallRules: [{E025F744-602D-41F2-82E1-D69F10B488FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel 64.exe
FirewallRules: [{A71A7341-6490-4499-93FE-EB60BDD5D12E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{571CAA23-E1E9-406F-B615-A3A862BAC0EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{F4EA67BF-E4B9-47AC-8924-BCB260EDA6FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{22C21030-CCF3-4788-8C7E-5C4810F95F3A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1C452CAC-FC0F-4DC6-9DF5-78FAEB1E05C8}] => (Allow) LPort=1900
FirewallRules: [{46191318-DE7A-402D-A128-7D65CFD64CDE}] => (Allow) LPort=2869
FirewallRules: [{341B8996-0FAF-4846-9A0C-865C05BDF4DA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C0AAA777-CDEE-47C9-932F-196EA709E445}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{7479EC75-10E3-4A08-94A3-DCD617F6CBA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{94C51753-5325-4E14-9D01-9B142F4A0F66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0D695A80-D9FA-4EB0-94F4-8EEDD664228E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5CE7667F-3F34-4F77-B39D-E0B9CC351F60}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{718E34E8-D986-46FE-A976-2E6404EABE3B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7FFDFA30-207D-4E82-B9EE-1918362211CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B57A2BC7-472A-441A-9688-19B4090EC72C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3832318E-DE0D-479B-940E-F33913DE6BA2}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{106D17BB-8597-4EE1-806F-3BD4953B6DB6}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [UDP Query User{93F39581-7F8F-402B-8A53-983FB5102433}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B291EAB6-D98C-4796-BD26-DB2B71FB8C79}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{30142DAC-9A58-408C-A78F-481124A91F80}] => (Allow) C:\Users\Ania\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7EE7DE0C-F0C8-423C-8DC0-2D85BF27BEDB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{7BD6F4F9-0186-4016-B0CC-8348B5F28356}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{0D1E6F31-16AC-436E-9A89-0044DEC3B122}] => (Allow) LPort=55100
FirewallRules: [{4EE00CD4-28C5-4CF8-BEAA-A5766845E9EB}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{60EE6556-C274-41BE-9C37-4A9BD97D0D58}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EA25AB17-F518-4196-B5A1-F060724D570C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{900713F3-112B-4ED4-8BCC-9795531EA7CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D9104A9-244D-4838-B0B0-A8932900FDE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3088370C-7140-4F97-AC57-235448D54BA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E9871821-9006-4726-B25B-CB9168D09A17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6043DD37-BBD3-4515-8305-5D6A770E83C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{61EFAAA9-D0C6-48B2-98D7-528216665FC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{6D5EAA69-0031-4442-9D76-EDA158CFAB12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{51CC612F-8E18-49A5-B5F7-5E85407F2BCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A06755DC-7AFF-4B30-B9E0-CD6F85E8A387}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{0757DEFC-2E92-488C-9E3D-4E4868C43CDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7C921D1A-B789-44B6-8A46-2DED6844787D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{92F3CD6B-F9C3-4568-AFD0-47B3DCD6F31D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{A96E4BEF-58A7-422E-AC15-53C22BA52310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{D575E926-E08E-4A6C-AE22-973CEC9199D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D6757900-F2E6-4F3C-93F1-AC332DAC21F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6F97068D-78BE-4E7C-AAB7-82C74C878276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{81F3FD01-7040-494A-845A-28F7C969B064}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{625FAD66-0961-4C79-B786-CB011FE14037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{4A2B831D-4B96-41EB-AD84-F0BCC7D1D779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
 
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
 
 
==================== Błędy w Dzienniku zdarzeń: =========================
 
Dziennik Aplikacja:
==================
Error: (11/12/2015 06:58:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
 
System Error:
Odmowa dostępu.
.
 
Error: (11/12/2015 06:40:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SystemSettings.exe, wersja: 10.0.10240.16384, sygnatura czasowa: 0x559f39ae
Nazwa modułu powodującego błąd: MusUpdateHandlers.dll, wersja: 10.0.10240.16566, sygnatura czasowa: 0x56277c1b
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000002c7a8
Identyfikator procesu powodującego błąd: 0x7c0
Godzina uruchomienia aplikacji powodującej błąd: 0xSystemSettings.exe0
Ścieżka aplikacji powodującej błąd: SystemSettings.exe1
Ścieżka modułu powodującego błąd: SystemSettings.exe2
Identyfikator raportu: SystemSettings.exe3
Pełna nazwa pakietu powodującego błąd: SystemSettings.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SystemSettings.exe5
 
Error: (11/12/2015 06:37:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/12/2015 06:37:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/12/2015 06:37:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/12/2015 06:37:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/12/2015 06:36:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program opera.exe w wersji 29.0.1795.60 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.
 
Identyfikator procesu: 1a88
 
Godzina rozpoczęcia: 01d11d7060f82683
 
Godzina zakończenia: 4
 
Ścieżka aplikacji: C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
 
Identyfikator raportu: df2ba46b-8963-11e5-8424-f0761c0d1154
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (11/12/2015 06:33:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (11/12/2015 06:33:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]
 
Error: (11/12/2015 07:26:07 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302
 
 
Dziennik System:
=============
Error: (11/12/2015 06:37:39 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:38 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:38 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:37 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:36 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:34 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:33 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:32 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:32 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (11/12/2015 06:37:31 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
 
==================== Statystyki pamięci =========================== 
 
Procesor: Intel® Core™ i5-4210H CPU @ 2.90GHz
Procent pamięci w użyciu: 36%
Całkowita pamięć fizyczna: 8104.27 MB
Dostępna pamięć fizyczna: 5153.36 MB
Całkowita pamięć wirtualna: 9384.27 MB
Dostępna pamięć wirtualna: 6050.98 MB
 
==================== Dyski ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:889.12 GB) (Free:725.93 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.15 GB) NTFS
 
==================== MBR & Tablica partycji ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8D039C98)
 
Partition: GPT.
 
==================== Koniec  Addition.txt ============================

 


  • 0

Advertisements

#2
emeraldnzl
Posted 13 November 2015 - 12:41 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello SawakoChan1,

Welcome to Geekstogo. :)

 

 

I often download things like cracks, keygens for games or movies, games, music and mods for the sims 3.


The use of Keygens and Cracks inevitably leads to infection. Further, it is contrary to this sites Terms of Use.

Go here to read Geekstogo Terms of Use and note in particular article 4 the items Illegal and Infringing of intellectual property rights (such as copyright and trademark rights).

If you continue to do this we will not be able to assist you.

Please confirm you have stopped doing this. Tell me when you return.

 

 

Meantime let's get started.

 

Firstly

 

I wonder if you can help us by uploading a file which will help us in the fight against malware:

 

Please navigate to:

C:\Users\Ania\AppData\Roaming\Opera Software\Opera Stable\Extensions\ecnkeohpccckhnmnblcjopbdmeigbnmm

Copy the file to your desktop, Zip it and attach it to you return post.

To attach a file, do the following:

* Click More Reply Options
* Under the reply panel is the Attachments Editor
* Browse to find the attachment file you want to upload, highlight the file by clicking once on it, then click the Attach This File button

After that

Open notepad.

Please copy the contents of the code box below.

To do this highlight (click in the box and press Ctrl + A) the contents of the box and right click on it. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
 

HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
CHR HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-2839323705-3564200330-1895575039-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
CHR dev: Chrome dev build wykryto! <======= UWAGA
CHR Extension: (Share link via email) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2015-05-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Google Sheets) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Bookmark Manager) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Lone Tree) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2015-04-21]
CHR Extension: (Double Trans) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpinhkgghcbpmhokkfgjecjndmahle [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Instant Translate) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Instagram for Chrome Tabs  Instatabs) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod [2015-06-02] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Simply Block Ads) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2015-07-16] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== UWAGA
OPR Extension: (High Stairs) - C:\Users\Ania\AppData\Roaming\Opera Software\Opera Stable\Extensions\ecnkeohpccckhnmnblcjopbdmeigbnmm [2015-08-22]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.istartsurf.com/?type=sc&ts=1441642877&z=9b3d58a7753363c0c660068gezbz6geqaz0o0m9c8z&from=cornl&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
RemoveProxy:
EmptyTemp:

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.

AdwCleaner.jpg

Click on Scan  and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

Finally in this post

Please run FRST again.

This time please right click on FRST and change the name to EnglishFRST64.exe  Also please tick the Addition.txt box and post back the two logs generated - FRST.txt and Addition.txt.

So when you return please post

  • Fixlog.txt
  • AdwCleaner log
  • FRST.txt
  • Addition.txt
  • and attach the file we would like to examine

  • 0

#3
SawakoChan1
Posted 15 November 2015 - 05:37 AM

SawakoChan1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Hello, thank you so much for your reply!

I didn't know it's that bad thing, I will stop it then.

 

There is fixlog.txt:

 

 

Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:07-11-2015
Uruchomiony przez Sawako (2015-11-15 12:24:36) Run:1
Uruchomiony z C:\Users\Ania\Desktop
Załadowane profile: Sawako (Dostępne profile: Sawako & Administrator)
Tryb startu: Normal
==============================================
 
fixlist - zawartość:
*****************
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
CHR HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-2839323705-3564200330-1895575039-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1424009907&from=wpc&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750&q={searchTerms}
CHR dev: Chrome dev build wykryto! <======= UWAGA
CHR Extension: (Share link via email) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2015-05-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Google Sheets) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Bookmark Manager) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Lone Tree) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2015-04-21]
CHR Extension: (Double Trans) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpinhkgghcbpmhokkfgjecjndmahle [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Instant Translate) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Instagram for Chrome Tabs  Instatabs) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod [2015-06-02] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
CHR Extension: (Simply Block Ads) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2015-07-16] [UpdateUrl: hxxps://mynamedomain.koko/00service/update2/crx] <==== UWAGA
OPR Extension: (High Stairs) - C:\Users\Ania\AppData\Roaming\Opera Software\Opera Stable\Extensions\ecnkeohpccckhnmnblcjopbdmeigbnmm [2015-08-22]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.istartsurf.com/?type=sc&ts=1441642877&z=9b3d58a7753363c0c660068gezbz6geqaz0o0m9c8z&from=cornl&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
RemoveProxy:
EmptyTemp:
*****************
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => Wartość pomyślnie usunięto
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Wartość pomyślnie usunięto
C:\WINDOWS\system32\GroupPolicy\Machine => pomyślnie przeniesiono
C:\WINDOWS\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono
"HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto
"HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wartość pomyślnie przywrócono
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => Wartość pomyślnie usunięto
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie przywrócono
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
"HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => klucz pomyślnie usunięto
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => klucz nie znaleziono. 
CHR dev: Chrome dev build wykryto! <======= UWAGA => Błąd: Nie znaleziono automatycznej naprawy dla tego wejścia.
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb <==== UWAGA => nie znaleziono
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap <==== UWAGA => nie znaleziono
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik <==== UWAGA => nie znaleziono
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip => pomyślnie przeniesiono
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpinhkgghcbpmhokkfgjecjndmahle <==== UWAGA => nie znaleziono
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke <==== UWAGA => nie znaleziono
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod <==== UWAGA => nie znaleziono
C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo <==== UWAGA => nie znaleziono
C:\Users\Ania\AppData\Roaming\Opera Software\Opera Stable\Extensions\ecnkeohpccckhnmnblcjopbdmeigbnmm => pomyślnie przeniesiono
HKLM\SOFTWARE\Clients\StartMenuInternet\(HKLM) Opera\shell\open\command\\Default => Wartość pomyślnie przywrócono
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyślnie usunięto
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyślnie usunięto
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wartość pomyślnie usunięto
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wartość pomyślnie usunięto
 
 
========= Koniec  RemoveProxy: =========
 
EmptyTemp: => 3.3 GB danych tymczasowych Usunięto.
 
 
System wymagał restartu.
 
==== Koniec  Fixlog 12:26:49 ====
 
 
 

Attached Files


  • 0

#4
SawakoChan1
Posted 15 November 2015 - 06:01 AM

SawakoChan1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
From the AdwCleaner:
 
# AdwCleaner v5.021 - Utworzono raport 15/11/2015 o 12:49:40
# Ostatnia aktualizacja 14/11/2015 przez Xplode
# Baza danych : 2015-11-13.3 [Serwer]
# System operacyjny : Windows 10 Home  (x64)
# Nazwa użytkownika : Sawako - LENOVO-PC
# Lokalizacja programu : C:\Users\Ania\Downloads\AdwCleaner.exe
# Działanie : Usuń
 
***** [ Usługi ] *****
 
 
***** [ Foldery ] *****
 
[-] Folder usunięto : C:\Program Files (x86)\ExstraSavings
[-] Folder usunięto : C:\Program Files (x86)\RoboSaver
[-] Folder usunięto : C:\Program Files (x86)\LenovoBrowserGuard
[-] Folder usunięto : C:\Program Files (x86)\DriverToolkit
[-] Folder usunięto : C:\Program Files (x86)\SaveLots
[-] Folder usunięto : C:\Program Files (x86)\Emotee
[-] Folder usunięto : C:\Program Files (x86)\SFK
[-] Folder usunięto : C:\Program Files (x86)\AllCheappPrIcei
[-] Folder usunięto : C:\Program Files (x86)\bestadblocker
[-] Folder usunięto : C:\Program Files (x86)\CouatThuePrice
[-] Folder usunięto : C:\Program Files (x86)\DDowNSaaVe
[-] Folder usunięto : C:\Program Files (x86)\DealExpreses
[-] Folder usunięto : C:\Program Files (x86)\DigiCCoupooan
[-] Folder usunięto : C:\Program Files (x86)\DigiCoupion
[-] Folder usunięto : C:\Program Files (x86)\DigiSaveer
[-] Folder usunięto : C:\Program Files (x86)\DoownSAve
[-] Folder usunięto : C:\Program Files (x86)\DoownSSaaVe
[-] Folder usunięto : C:\Program Files (x86)\EXstraaCooUpon
[!] Folder Nie usunięto : C:\Program Files (x86)\ExstRaSaVinGs
[-] Folder usunięto : C:\Program Files (x86)\ExstraSavingsa
[-] Folder usunięto : C:\Program Files (x86)\ExsTTraaCoupon
[-] Folder usunięto : C:\Program Files (x86)\FINidBestDeal
[-] Folder usunięto : C:\Program Files (x86)\FunDDeAls
[-] Folder usunięto : C:\Program Files (x86)\FunDealS
[-] Folder usunięto : C:\Program Files (x86)\FUNDeAolss
[-] Folder usunięto : C:\Program Files (x86)\FuunDeaols
[-] Folder usunięto : C:\Program Files (x86)\Isaveru
[-] Folder usunięto : C:\Program Files (x86)\JoniCCoupoN
[-] Folder usunięto : C:\Program Files (x86)\JoniCouPon
[-] Folder usunięto : C:\Program Files (x86)\MInimuumPariice
[-] Folder usunięto : C:\Program Files (x86)\NewSaaveR
[-] Folder usunięto : C:\Program Files (x86)\NewSavveer
[-] Folder usunięto : C:\Program Files (x86)\RaandomPricee
[-] Folder usunięto : C:\Program Files (x86)\RanDomPrice
[!] Folder Nie usunięto : C:\Program Files (x86)\RoboSAver
[-] Folder usunięto : C:\Program Files (x86)\RRoboSavueRR
[-] Folder usunięto : C:\Program Files (x86)\SaaverEExtension
[-] Folder usunięto : C:\Program Files (x86)\SaeveerExtennsiuoon
[-] Folder usunięto : C:\Program Files (x86)\SaveerEExTTensiona
[!] Folder Nie usunięto : C:\Program Files (x86)\SaveLOts
[-] Folder usunięto : C:\Program Files (x86)\SaverEeXtenssion
[-] Folder usunięto : C:\Program Files (x86)\TiakeeThaeCoupon
[-] Folder usunięto : C:\Program Files (x86)\UniDeaLsee
[-] Folder usunięto : C:\Program Files (x86)\UnniDeaalsi
[-] Folder usunięto : C:\Program Files (x86)\UUniDealssa
[-] Folder usunięto : C:\ProgramData\11044183195865621832
[-] Folder usunięto : C:\ProgramData\6WdsManPro6
[-] Folder usunięto : C:\ProgramData\9944d21a1fe8a548
[-] Folder usunięto : C:\ProgramData\{08959091-03e6-d456-0895-5909103e4244}
[-] Folder usunięto : C:\ProgramData\{09fb6351-a768-9ddd-09fb-b6351a768d46}
[-] Folder usunięto : C:\ProgramData\{946407e4-db71-9bc9-9464-407e4db71f93}
[-] Folder usunięto : C:\ProgramData\plljnenphpihhmgmpkbmhlhlidijgakj
[-] Folder usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Folder usunięto : C:\Users\Ania\AppData\Local\SoftonicAssistant
[-] Folder usunięto : C:\Users\Ania\AppData\Local\LenovoBrowserGuard
[-] Folder usunięto : C:\Users\Ania\AppData\Local\DriverToolkit
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\SoftonicAssistant
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\LenovoBrowserGuard
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\DriverToolkit
[-] Folder usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb
[-] Folder usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod
[-] Folder usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\mipnjnddbpbdmbpjafflemfdefjlibod
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo
[-] Folder usunięto : C:\Users\Ania\AppData\Roaming\istartsurf
[!] Folder Nie usunięto : C:\Users\Ania\AppData\Roaming\istartsurf
 
***** [ Pliki ] *****
 
[-] Plik usunięto : C:\WINDOWS\SysNative\VisualDiscoveryOff.ini
[-] Plik usunięto : C:\WINDOWS\SysWOW64\VisualDiscovery.ini
[-] Plik usunięto : C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
 
***** [ DLLs ] *****
 
 
***** [ Skróty ] *****
 
 
***** [ Zaplanowane zadania ] *****
 
 
***** [ Rejestr ] *****
 
[-] Klucz usunięto : HKCU\Software\Classes\pokki
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER.1
[-] Klucz usunięto : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER
[-] Klucz usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P1838BA68_A95E_4384_904F_D0B0DC465B86_.P1838BA68_A95E_4384_904F_D0B0DC465B86_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P1838BA68_A95E_4384_904F_D0B0DC465B86_.P1838BA68_A95E_4384_904F_D0B0DC465B86_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P2dd77035_851f_4a64_961d_daa78e0970a2_.P2dd77035_851f_4a64_961d_daa78e0970a2_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P2dd77035_851f_4a64_961d_daa78e0970a2_.P2dd77035_851f_4a64_961d_daa78e0970a2_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P30dd955c_608c_477a_b98c_df3e3a0cabdb_.P30dd955c_608c_477a_b98c_df3e3a0cabdb_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P30dd955c_608c_477a_b98c_df3e3a0cabdb_.P30dd955c_608c_477a_b98c_df3e3a0cabdb_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P330D08E9_7234_4CE6_A19B_496F962085D5_.P330D08E9_7234_4CE6_A19B_496F962085D5_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P330D08E9_7234_4CE6_A19B_496F962085D5_.P330D08E9_7234_4CE6_A19B_496F962085D5_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P367350da_7b1e_4787_bb95_8df5a8fa5907_.P367350da_7b1e_4787_bb95_8df5a8fa5907_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P367350da_7b1e_4787_bb95_8df5a8fa5907_.P367350da_7b1e_4787_bb95_8df5a8fa5907_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P417CA8C6_4801_4D87_8A89_A1360F68DB0B_.P417CA8C6_4801_4D87_8A89_A1360F68DB0B_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P417CA8C6_4801_4D87_8A89_A1360F68DB0B_.P417CA8C6_4801_4D87_8A89_A1360F68DB0B_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P62527409_7df7_4137_8292_e9786e233fa0_.P62527409_7df7_4137_8292_e9786e233fa0_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P62527409_7df7_4137_8292_e9786e233fa0_.P62527409_7df7_4137_8292_e9786e233fa0_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P7B47B4E5_78F3_4308_9FAA_4F9FC8411FAD_.P7B47B4E5_78F3_4308_9FAA_4F9FC8411FAD_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\P7B47B4E5_78F3_4308_9FAA_4F9FC8411FAD_.P7B47B4E5_78F3_4308_9FAA_4F9FC8411FAD_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Pd7bb3d47_7724_43cc_96e0_90bbca2112f8_.Pd7bb3d47_7724_43cc_96e0_90bbca2112f8_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Pd7bb3d47_7724_43cc_96e0_90bbca2112f8_.Pd7bb3d47_7724_43cc_96e0_90bbca2112f8_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Pe6359f0a_1ee2_495a_9c86_ba0ec1999b65_.Pe6359f0a_1ee2_495a_9c86_ba0ec1999b65_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Pe6359f0a_1ee2_495a_9c86_ba0ec1999b65_.Pe6359f0a_1ee2_495a_9c86_ba0ec1999b65_.9
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\PF8091CD6_A547_41CE_8FBB_5F242C74573E_.PF8091CD6_A547_41CE_8FBB_5F242C74573E_
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\PF8091CD6_A547_41CE_8FBB_5F242C74573E_.PF8091CD6_A547_41CE_8FBB_5F242C74573E_.9
[-] Klucz usunięto : HKLM\SOFTWARE\a3abdd8b-e885-e01b-e1c9-1dce732d5149
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{229c2d9f}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Klucz usunięto : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{45E60E41-85EE-4C01-9DAC-1ECB9BF64179}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{1838BA68-A95E-4384-904F-D0B0DC465B86}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{2dd77035-851f-4a64-961d-daa78e0970a2}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{30dd955c-608c-477a-b98c-df3e3a0cabdb}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{330D08E9-7234-4CE6-A19B-496F962085D5}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{367350da-7b1e-4787-bb95-8df5a8fa5907}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{417CA8C6-4801-4D87-8A89-A1360F68DB0B}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{62527409-7df7-4137-8292-e9786e233fa0}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{7B47B4E5-78F3-4308-9FAA-4F9FC8411FAD}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{d7bb3d47-7724-43cc-96e0-90bbca2112f8}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{e6359f0a-1ee2-495a-9c86-ba0ec1999b65}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\CLSID\{F8091CD6-A547-41CE-8FBB-5F242C74573E}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{0347B640-EC8E-4F40-AFAE-E4B4285C61BE}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{03FF7591-BAC2-4ECE-9B67-BB2AF2978B7D}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{042283F9-E8DA-4ADC-B49F-70931EC3024D}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{138E44EF-8988-4DC7-8F48-FBC4FCEF83D1}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{14041915-01CF-49F0-B66B-D2F34A1C2F56}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{308CC797-335F-40D4-9D94-16D78AE8FFB0}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{30D9CA50-31B3-4A44-B5C5-57842CC47966}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{4A3639A7-C0B4-49C2-AF0C-D0403F67F2FC}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{5B7E6638-C2A1-456B-ADDF-DE9A57CDEC94}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{60E253B6-E1B0-42EB-970F-3F579B23012F}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{62D5037E-9580-4A49-B8A4-3E509C96FF7E}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\Interface\{6A756B02-6462-41A2-B0E9-E555AEF30750}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{33B8CF8E-1B37-40DD-A652-F97EDFCA9565}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{803C743C-7D37-4334-8BB0-B7716237AED6}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{89310413-97E0-4F09-AA75-390A7F4D4918}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{917A80E3-C425-4F5F-B8D3-4804A0CCA924}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{CC6F4F54-6EF8-4E84-BDC6-ABC6F83100BE}
[-] Klucz usunięto : HKLM\SOFTWARE\Classes\TypeLib\{C24945D5-6501-485A-93C0-ACDE4032585A}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45E60E41-85EE-4C01-9DAC-1ECB9BF64179}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{45E60E41-85EE-4C01-9DAC-1ECB9BF64179}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2dd77035-851f-4a64-961d-daa78e0970a2}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{367350da-7b1e-4787-bb95-8df5a8fa5907}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62527409-7df7-4137-8292-e9786e233fa0}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7bb3d47-7724-43cc-96e0-90bbca2112f8}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{45E60E41-85EE-4C01-9DAC-1ECB9BF64179}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2dd77035-851f-4a64-961d-daa78e0970a2}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{367350da-7b1e-4787-bb95-8df5a8fa5907}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62527409-7df7-4137-8292-e9786e233fa0}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7bb3d47-7724-43cc-96e0-90bbca2112f8}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1838BA68-A95E-4384-904F-D0B0DC465B86}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2dd77035-851f-4a64-961d-daa78e0970a2}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{30dd955c-608c-477a-b98c-df3e3a0cabdb}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{330D08E9-7234-4CE6-A19B-496F962085D5}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{367350da-7b1e-4787-bb95-8df5a8fa5907}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{417CA8C6-4801-4D87-8A89-A1360F68DB0B}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62527409-7df7-4137-8292-e9786e233fa0}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B47B4E5-78F3-4308-9FAA-4F9FC8411FAD}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d7bb3d47-7724-43cc-96e0-90bbca2112f8}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e6359f0a-1ee2-495a-9c86-ba0ec1999b65}
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F8091CD6-A547-41CE-8FBB-5F242C74573E}
[-] Wartość usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1838BA68-A95E-4384-904F-D0B0DC465B86}]
[-] Wartość usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{30dd955c-608c-477a-b98c-df3e3a0cabdb}]
[-] Wartość usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{330D08E9-7234-4CE6-A19B-496F962085D5}]
[-] Wartość usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{417CA8C6-4801-4D87-8A89-A1360F68DB0B}]
[-] Wartość usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{7B47B4E5-78F3-4308-9FAA-4F9FC8411FAD}]
[-] Wartość usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{e6359f0a-1ee2-495a-9c86-ba0ec1999b65}]
[-] Wartość usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{F8091CD6-A547-41CE-8FBB-5F242C74573E}]
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{1838BA68-A95E-4384-904F-D0B0DC465B86}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{30dd955c-608c-477a-b98c-df3e3a0cabdb}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{330D08E9-7234-4CE6-A19B-496F962085D5}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{417CA8C6-4801-4D87-8A89-A1360F68DB0B}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{62527409-7df7-4137-8292-e9786e233fa0}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{7B47B4E5-78F3-4308-9FAA-4F9FC8411FAD}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{e6359f0a-1ee2-495a-9c86-ba0ec1999b65}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{F8091CD6-A547-41CE-8FBB-5F242C74573E}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{0347B640-EC8E-4F40-AFAE-E4B4285C61BE}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{03FF7591-BAC2-4ECE-9B67-BB2AF2978B7D}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{042283F9-E8DA-4ADC-B49F-70931EC3024D}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{138E44EF-8988-4DC7-8F48-FBC4FCEF83D1}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{14041915-01CF-49F0-B66B-D2F34A1C2F56}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{308CC797-335F-40D4-9D94-16D78AE8FFB0}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{30D9CA50-31B3-4A44-B5C5-57842CC47966}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{4A3639A7-C0B4-49C2-AF0C-D0403F67F2FC}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{5B7E6638-C2A1-456B-ADDF-DE9A57CDEC94}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{60E253B6-E1B0-42EB-970F-3F579B23012F}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{62D5037E-9580-4A49-B8A4-3E509C96FF7E}
[-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{6A756B02-6462-41A2-B0E9-E555AEF30750}
[-] Klucz usunięto : HKCU\Software\APN PIP
[-] Klucz usunięto : HKCU\Software\HomeTab
[-] Klucz usunięto : HKCU\Software\Myfree Codec
[-] Klucz usunięto : HKCU\Software\simplytech
[-] Klucz usunięto : HKCU\Software\Softonic
[-] Klucz usunięto : HKCU\Software\WajIntEnhance
[-] Klucz usunięto : HKCU\Software\DriverToolkit
[-] Klucz usunięto : HKCU\Software\SearchProtectWS
[-] Klucz usunięto : HKCU\Software\PRODUCTSETUP
[-] Klucz usunięto : HKCU\Software\Kromtech
[-] Klucz usunięto : HKCU\Software\WEBAPP
[-] Klucz usunięto : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klucz usunięto : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Klucz usunięto : HKLM\SOFTWARE\AskPartnerNetwork
[-] Klucz usunięto : HKLM\SOFTWARE\Conduit
[-] Klucz usunięto : HKLM\SOFTWARE\Iminent
[-] Klucz usunięto : HKLM\SOFTWARE\Myfree Codec
[-] Klucz usunięto : HKLM\SOFTWARE\SearchProtect
[-] Klucz usunięto : HKLM\SOFTWARE\mystartsearchSoftware
[-] Klucz usunięto : HKLM\SOFTWARE\LenovoBrowserGuard
[-] Klucz usunięto : HKLM\SOFTWARE\VisualDiscovery
[-] Klucz usunięto : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
[-] Klucz usunięto : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Klucz usunięto : HKLM\SOFTWARE\WajIntEnhance
[-] Klucz usunięto : HKLM\SOFTWARE\SpeedBit
[-] Klucz usunięto : HKLM\SOFTWARE\AIM Toolbar
[-] Klucz usunięto : HKLM\SOFTWARE\LENOVO\VisualDiscovery
[-] Klucz usunięto : HKLM\SOFTWARE\WdsManPro
[-] Klucz usunięto : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klucz usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7304C9D1-98AD-55F0-636E-22D8DD57F176}
[-] Klucz usunięto : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
 
***** [ Przeglądarki internetowe ] *****
 
 
*************************
 
:: "Tracing" klucze usunięta
:: Zresetowano ustawienia Winsock
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [26306 bajty] ##########
 
 
 
 
 
FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Sawako (administrator) on LENOVO-PC (15-11-2015 12:58:00)
Running from C:\Users\Ania\Desktop
Loaded Profiles: Sawako (Available Profiles: Sawako & Administrator)
Platform: Windows 10 Home (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Farbar) C:\Users\Ania\Desktop\EnglishFRST64.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-08] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-09-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-06] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [SoftonicAssistant] => "C:\Users\Ania\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\Run: [uTorrent] => C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-06] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b45659d5-0e56-4668-9ba0-803041b52e37}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c8c033b9-ca08-4baa-a6d5-360b1b3a4999}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1eee559-802c-45ca-9e41-958b9f8f3438}: [DhcpNameServer] 169.254.224.91
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130892338235290741&GUID=85F7429F-5084-4E74-8E04-CFE4F9E8D129
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-06] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-06] (Avast Software s.r.o.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2839323705-3564200330-1895575039-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-06] [not signed]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Vocabla: translate English words) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchnamjcpocgphheheekmchilaabjdnb [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-19]
CHR Extension: (Google Search) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-19]
CHR Extension: (Google Sheets) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Słownik an-pl) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdimodggclcfachocbnfnciifajkmfpc [2015-04-21]
CHR Extension: (Bookmark Manager) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Double Trans) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkpinhkgghcbpmhokkfgjecjndmahle [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Instant Translate) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2015-05-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (No Cyrus) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\iongpbleobggjpbababalgpaabhhggaf [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Ania\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-06]
 
Opera: 
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.istartsurf.com/?type=sc&ts=1441642877&z=9b3d58a7753363c0c660068gezbz6geqaz0o0m9c8z&from=cornl&uid=WDCXWD10S21X-24R1BT0-SSHD-8GB_WD-WX51A24Y5750Y5750
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-06] (Avast Software s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-09-08] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-08] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-08] (Electronic Arts)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-08] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-09-08] (Lenovo)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-09-08] (Lenovo)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-06] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-06] ()
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-10] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 hwusb_cdcacm; \SystemRoot\system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; \SystemRoot\system32\DRIVERS\ew_wwanecm.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-15 12:52 - 2015-11-15 12:52 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software
2015-11-15 12:50 - 2015-11-15 12:50 - 00016148 _____ C:\WINDOWS\system32\LENOVO-PC_Sawako_HistoryPrediction.bin
2015-11-15 12:48 - 2015-11-15 12:49 - 00000000 ____D C:\AdwCleaner
2015-11-15 12:47 - 2015-11-15 12:48 - 01732096 _____ C:\Users\Ania\Downloads\AdwCleaner.exe
2015-11-15 12:41 - 2015-11-15 12:42 - 00952307 _____ C:\Users\Ania\Downloads\AdwCleaner (1).exe.opdownload
2015-11-15 12:25 - 2015-11-15 12:25 - 00000000 _____ C:\Users\Ania\Desktop\jsadasdas.txt
2015-11-15 12:22 - 2015-11-15 12:22 - 00000000 _____ C:\Users\Ania\Desktop\Nowy dokument tekstowy.txt
2015-11-15 12:18 - 2015-11-15 12:18 - 00004558 _____ C:\Users\Ania\Desktop\ecnkeohpccckhnmnblcjopbdmeigbnmm.rar
2015-11-15 12:18 - 2015-11-15 12:18 - 00000000 ____D C:\Users\Ania\Desktop\ecnkeohpccckhnmnblcjopbdmeigbnmm
2015-11-12 19:19 - 2015-11-15 12:58 - 00023129 _____ C:\Users\Ania\Desktop\FRST.txt
2015-11-12 19:19 - 2015-11-12 19:20 - 00046525 _____ C:\Users\Ania\Desktop\Addition.txt
2015-11-12 19:08 - 2015-11-15 12:58 - 00000000 ____D C:\FRST
2015-11-12 19:08 - 2015-11-12 19:09 - 00047000 _____ C:\Users\Ania\Downloads\FRST.txt
2015-11-12 19:08 - 2015-11-12 19:09 - 00046527 _____ C:\Users\Ania\Downloads\Addition.txt
2015-11-12 19:06 - 2015-11-12 19:06 - 02198528 _____ (Farbar) C:\Users\Ania\Desktop\EnglishFRST64.exe
2015-11-11 13:54 - 2015-11-11 13:57 - 26077080 _____ C:\Users\Ania\Downloads\Palm Shadows {2}.Sims3Pack
2015-11-11 13:53 - 2015-11-11 13:59 - 50843737 _____ C:\Users\Ania\Downloads\Geothermal lakes.Sims3Pack
2015-11-11 13:52 - 2015-11-11 14:00 - 120972225 _____ C:\Users\Ania\Downloads\Great Bear.Sims3Pack
2015-11-11 13:49 - 2015-11-11 14:01 - 122556653 _____ C:\Users\Ania\Downloads\Vice City.Sims3Pack
2015-11-11 13:11 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 13:11 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 13:11 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 13:11 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 13:11 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 13:11 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 13:11 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 13:11 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 13:11 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 13:11 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 13:11 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 13:11 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 13:11 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 13:11 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 13:11 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 13:11 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 13:11 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 13:11 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 13:11 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 13:11 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 13:11 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 13:11 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 13:11 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 13:11 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 13:11 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 13:11 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 13:11 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 13:11 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 13:11 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 13:11 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 13:11 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 13:11 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 13:11 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 13:11 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 13:11 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 13:11 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 13:11 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 13:11 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 13:11 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 13:11 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 13:11 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 13:11 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 13:11 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 13:11 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 13:11 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 13:11 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 13:11 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 13:11 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 13:11 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 13:11 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 13:11 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 13:11 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 13:11 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 23:53 - 2015-11-10 23:53 - 03800416 _____ C:\Users\Ania\Desktop\gdgdfgdfgdfg.psd
2015-11-10 21:11 - 2015-11-10 22:22 - 22652154 _____ C:\Users\Ania\Desktop\kawaiii.psd
2015-11-07 20:06 - 2015-11-07 20:07 - 08538465 _____ C:\Users\Ania\Desktop\sfsdfsdfasdfdssfd.psd
2015-11-06 22:21 - 2015-11-06 22:21 - 40870693 _____ C:\Users\Ania\Desktop\loffffff.psd
2015-11-03 20:21 - 2015-11-03 22:18 - 53523301 _____ C:\Users\Ania\Desktop\nbdskjfhkdsjhfdsfdsfdsgsdffdfgfdv.psd
2015-10-25 14:13 - 2015-10-25 23:21 - 24245698 _____ C:\Users\Ania\Desktop\sdasdsadasdasdasdasd OOOOKOOOO.psd
2015-10-21 21:33 - 2015-11-03 22:47 - 00001025 _____ C:\Users\Ania\Desktop\osu!.lnk
2015-10-21 21:33 - 2015-10-21 21:33 - 00001033 _____ C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-10-21 21:31 - 2015-10-22 12:25 - 00000000 ____D C:\Users\Ania\AppData\Local\osu!
2015-10-21 21:30 - 2015-10-21 21:30 - 00000000 ____D C:\Users\Ania\Downloads\Localisation
2015-10-21 21:26 - 2015-10-21 21:30 - 03282488 _____ (ppy) C:\Users\Ania\Downloads\osu!install.exe
2015-10-19 19:48 - 2015-10-19 19:48 - 28752573 _____ C:\Users\Ania\Desktop\KONKURS.psd
2015-10-16 18:18 - 2015-10-18 12:52 - 00000000 ____D C:\Users\Ania\AppData\Local\Warframe
2015-10-16 12:22 - 2015-10-16 12:22 - 00000222 _____ C:\Users\Ania\Desktop\Warframe.url
2015-10-16 12:05 - 2015-10-16 12:05 - 00000000 ____D C:\Users\Ania\AppData\Roaming\roi
2015-10-16 12:02 - 2015-10-16 12:02 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-15 12:54 - 2015-09-10 15:51 - 00968240 _____ C:\WINDOWS\system32\perfh011.dat
2015-11-15 12:54 - 2015-09-10 15:51 - 00575846 _____ C:\WINDOWS\system32\perfc011.dat
2015-11-15 12:54 - 2015-09-10 15:33 - 00005472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-15 12:54 - 2015-07-10 17:30 - 02218884 _____ C:\WINDOWS\system32\perfh015.dat
2015-11-15 12:54 - 2015-07-10 17:30 - 00607808 _____ C:\WINDOWS\system32\perfc015.dat
2015-11-15 12:52 - 2015-07-09 19:52 - 00000000 ____D C:\Users\Ania\AppData\Roaming\uTorrent
2015-11-15 12:51 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-15 12:50 - 2015-09-10 15:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-15 12:50 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-15 12:50 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-15 12:50 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-15 12:50 - 2015-02-08 11:08 - 00000376 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2015-11-15 12:29 - 2015-09-10 18:44 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-15 12:28 - 2015-09-10 15:07 - 00019654 _____ C:\WINDOWS\PFRO.log
2015-11-15 12:27 - 2015-09-10 15:16 - 00000000 ____D C:\Users\Ania
2015-11-15 12:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-15 12:25 - 2015-02-08 10:30 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-15 12:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-11-15 12:01 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-15 11:34 - 2015-06-06 08:19 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-14 19:28 - 2015-02-08 10:30 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-11-14 17:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-12 18:59 - 2015-02-08 11:33 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-11-12 18:58 - 2015-02-08 12:25 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2015-11-12 18:58 - 2014-09-08 07:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-12 18:57 - 2015-02-22 17:08 - 00000000 ____D C:\Program Files (x86)\Grupa IMAGE
2015-11-12 18:56 - 2015-04-16 13:15 - 00000000 ____D C:\ProgramData\DatacardService
2015-11-12 18:56 - 2015-03-22 16:21 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-12 18:56 - 2015-03-22 15:49 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-12 18:54 - 2015-03-14 09:27 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Opera
2015-11-12 18:54 - 2015-03-14 09:27 - 00000000 ____D C:\Users\Ania\AppData\Local\Opera
2015-11-12 18:54 - 2015-02-08 10:22 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-12 18:40 - 2014-12-19 04:57 - 00000000 ____D C:\Users\Ania\AppData\Local\Packages
2015-11-11 18:26 - 2015-02-08 10:30 - 00004032 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-11 18:26 - 2015-02-08 10:30 - 00003916 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-11 13:38 - 2014-12-28 14:20 - 00000000 ____D C:\Users\Ania\Documents\Electronic Arts
2015-11-03 22:47 - 2015-09-26 19:59 - 00001412 _____ C:\Users\Ania\Desktop\TheForest.lnk
2015-11-03 22:47 - 2015-09-26 19:58 - 00001581 _____ C:\Users\Ania\Desktop\Stranded_Deep.lnk
2015-11-03 22:47 - 2015-09-26 19:57 - 00001722 _____ C:\Users\Ania\Desktop\TheSims4.lnk
2015-11-03 19:20 - 2015-10-05 17:28 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-05 17:28 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 17:57 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-30 19:04 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-28 19:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-28 16:36 - 2015-03-03 17:24 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-19 18:59 - 2015-07-17 21:01 - 00000000 ____D C:\Users\Ania\Downloads\PaintToolSAI
2015-10-19 18:52 - 2015-07-10 13:20 - 00029174 _____ C:\WINDOWS\setupact.log
2015-10-17 14:31 - 2015-02-08 11:05 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Skype
2015-10-16 18:22 - 2015-02-08 12:32 - 00081051 _____ C:\WINDOWS\DirectX.log
2015-10-16 18:18 - 2015-02-13 20:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-16 12:02 - 2014-09-08 07:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-16 11:38 - 2015-09-24 12:49 - 00000000 ____D C:\Users\Ania\AppData\Local\MicrosoftEdge
 
==================== Files in the root of some directories =======
 
2015-05-16 21:14 - 2015-05-19 14:47 - 0000024 _____ () C:\Users\Ania\AppData\Roaming\appdataFr25.bin
2015-09-10 15:13 - 2015-09-10 15:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-07 17:21 - 2015-09-07 17:21 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
 
Some files in TEMP:
====================
C:\Users\Ania\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-07 17:56
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Sawako (2015-11-15 12:58:44)
Running from C:\Users\Ania\Desktop
Windows 10 Home (X64) (2015-09-10 14:42:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2839323705-3564200330-1895575039-500 - Administrator - Disabled) => C:\Users\Administrator
Gość (S-1-5-21-2839323705-3564200330-1895575039-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2839323705-3564200330-1895575039-1003 - Limited - Enabled)
Konto domyślne (S-1-5-21-2839323705-3564200330-1895575039-503 - Limited - Disabled)
Sawako (S-1-5-21-2839323705-3564200330-1895575039-1001 - Administrator - Enabled) => C:\Users\Ania
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GTA San Andreas (HKLM-x32\...\{19DEFF55-2E7D-4824-8E90-00892BF269BE}) (Version: 1.00.0001 - Rockstar Games)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Instrukcje użytkownika (x32 Version: 3.0.0.3 - Lenovo) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel® Wireless Bluetooth® 4.0 (HKLM-x32\...\{D91E3947-528C-4AC3-B26F-A283F2B79983}) (Version: 3.0.1342.02 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Nazwa firmy)
Lenovo Settings (x32 Version: 1.0.0.46 - Nazwa firmy) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero 8 Lite 8.2.8.0 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.2.8.0 - Updatepack.nl)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{22274dbc-544e-4c94-96aa-101266eabbb1}) (Version: latest - ppy Pty Ltd)
Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Panel sterowania NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.) Hidden
Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version:  - Lag Studios)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.5 - Synaptics Incorporated)
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
The Sims™ 3 Cztery pory roku (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Pokolenia (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Rajska Wyspa (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Szalone Lata 70. 80. i 90. Akcesoria (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Vimicro USB2.0 PC Camera (VC0323) (HKLM-x32\...\{36820BCA-FC55-452E-9085-6E6F1F55508D}) (Version: 2007.05.14 - Vimicro)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2839323705-3564200330-1895575039-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
==================== Restore Points =========================
 
20-10-2015 16:00:11 Windows Update
30-10-2015 20:35:11 Windows Update
07-11-2015 20:44:50 Zaplanowany punkt kontrolny
11-11-2015 13:36:29 Zainstalowane The Sims 3 Create A World
12-11-2015 18:57:46 Usunięte The Sims 3 Create A World
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0DD11396-F116-47AD-B362-ABDE7B4A0476} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {15E1FDB0-531B-4690-B778-4F43C8E86A3E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {176B1076-FB17-4911-BDF5-0CFD16397AB2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-09-10] (Synaptics Incorporated)
Task: {19E78963-3F7D-49D1-A18E-F3587C48F02C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {216F060D-1E79-4155-B945-73D08DD58E8C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {258C344B-02EC-46A4-938D-2B9B2C9D7BCF} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: {2CBD366F-D376-48CE-87DF-0D58A2539E38} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2DA7602E-58E4-4F9D-BC2E-DBA06FAFDB87} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {2E5E8AD3-23BC-4CA6-A7D1-2C78C44A6C0A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {35C5D12B-A4CE-4E3A-910F-44D05AC47F8B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7645EF54-49E8-46EC-A1FF-8E2699A3AD5A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7D774763-A5EB-4FEF-8DB9-2F4F3AD6C543} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {81ED0130-510F-4725-90EA-FDB4F0FFDDC2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {88AA31AA-F467-41EA-BC77-1A5CBAC3749F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92F541E0-F7D2-4863-BE69-97EABE189904} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {A4F2FBE7-6DDC-4E1A-96D8-CF510BF0E2B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A7D6105F-F915-4C34-8C27-6D00EBC865E9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-28] (Microsoft Corporation)
Task: {AC12B841-B260-4FF9-B15B-D6967EB6A152} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B755B63E-E399-4A86-A7FB-E1BAB3B43DFB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {B96DFAB5-77A1-4320-BB98-C3D56F158C6F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C4C0D775-4882-416E-9CE3-83557B205DAE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {D5A88EE4-822E-4690-B027-6C12E1305993} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {DDB95684-FE53-47D2-86D1-B41384B7A90F} - System32\Tasks\{1365FB68-70BA-49EA-BBCD-B4639C02F27A} => pcalua.exe -a "C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe" -d "C:\Program Files (x86)\Rockstar Games\GTA San Andreas"
Task: {E5C5825C-39F9-4C33-826B-735C09B487E8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {E871C77C-F4E2-4CAB-AEC2-FAA34368CD9F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F8D4EA26-ECE6-43A3-B145-501FD0BE9006} - System32\Tasks\Opera scheduled Autoupdate 1426434333 => C:\Program Files (x86)\Opera\launcher.exe
Task: {FD82A229-6485-449A-A3CF-707F4615C02D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-10 16:00 - 2015-09-10 16:00 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 15:12 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-11 14:12 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-03-03 17:24 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-05-17 12:30 - 2014-01-13 07:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-10-01 17:08 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 17:09 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 17:08 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 17:08 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 17:09 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-24 21:57 - 2015-06-24 21:57 - 00133184 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-03-26 11:50 - 2014-09-08 08:26 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2015-05-20 09:20 - 2015-05-20 09:20 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
2015-06-06 08:18 - 2015-06-06 08:18 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-06 08:18 - 2015-06-06 08:18 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-15 11:35 - 2015-11-15 11:35 - 02991104 _____ () C:\Program Files\AVAST Software\Avast\defs\15111500\algo.dll
2014-02-25 15:42 - 2014-02-25 15:42 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2015-06-06 08:18 - 2015-06-06 08:18 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-20 09:20 - 2015-05-20 09:20 - 00157304 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\message_center_win8.dll
2014-02-25 15:42 - 2014-02-25 15:42 - 02689800 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2015-05-20 09:20 - 2015-05-20 09:20 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll
2015-05-20 09:20 - 2015-05-20 09:20 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ania\Pictures\Obrazy\11816128_1514797608812092_3592493368307446300_o — kopia.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Energy Manager"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "RtsFT"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BambooCore"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "SoftonicAssistant"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2839323705-3564200330-1895575039-1001\...\StartupApproved\Run: => "msnmsgr"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{72CC712D-F89C-4D31-8A19-07B9BFFA5C86}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{9D08CA07-3FB1-4FA7-958B-FA70E0F5BE91}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [UDP Query User{D265985E-7F1E-4EC5-8CCD-A01666038432}C:\program files (x86)\prototype 2\prototype2.exe] => (Allow) C:\program files (x86)\prototype 2\prototype2.exe
FirewallRules: [TCP Query User{8E0BC507-C476-4235-AE9A-CAFD92894C7B}C:\program files (x86)\prototype 2\prototype2.exe] => (Allow) C:\program files (x86)\prototype 2\prototype2.exe
FirewallRules: [{B95A760B-8CD1-449C-9815-367E20ACF7C3}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60184CBC-C4B4-4412-B577-2C04BEB3083B}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA4F3F01-2DFE-4298-82E2-F8B7DE2D76A2}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BE48EEA2-EB2A-41DE-BB7C-409BA1662F3B}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6D380F8C-91AC-4EA8-A379-D126AF59A435}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3C1C105A-3952-4EF3-9DB0-BEBB68CC57F3}] => (Allow) C:\Users\Ania\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{368D86BB-3014-45AF-AD01-A8E4F33AD79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{6BE06833-42EC-4958-93FC-B3E0D2698A5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{07ECAF83-DDC4-4DFF-87B9-D2D7A01E2110}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel DX9.exe
FirewallRules: [{4D6AA62C-0750-4C5E-8DF4-6CDACDAADFC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel DX9.exe
FirewallRules: [{10BADABF-BB9A-46B6-A530-EDE94DA0EAFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel 64.exe
FirewallRules: [{E025F744-602D-41F2-82E1-D69F10B488FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Esenthel\Esenthel 64.exe
FirewallRules: [{A71A7341-6490-4499-93FE-EB60BDD5D12E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{571CAA23-E1E9-406F-B615-A3A862BAC0EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{F4EA67BF-E4B9-47AC-8924-BCB260EDA6FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{22C21030-CCF3-4788-8C7E-5C4810F95F3A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1C452CAC-FC0F-4DC6-9DF5-78FAEB1E05C8}] => (Allow) LPort=1900
FirewallRules: [{46191318-DE7A-402D-A128-7D65CFD64CDE}] => (Allow) LPort=2869
FirewallRules: [{341B8996-0FAF-4846-9A0C-865C05BDF4DA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C0AAA777-CDEE-47C9-932F-196EA709E445}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{7479EC75-10E3-4A08-94A3-DCD617F6CBA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{94C51753-5325-4E14-9D01-9B142F4A0F66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0D695A80-D9FA-4EB0-94F4-8EEDD664228E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5CE7667F-3F34-4F77-B39D-E0B9CC351F60}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{718E34E8-D986-46FE-A976-2E6404EABE3B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7FFDFA30-207D-4E82-B9EE-1918362211CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B57A2BC7-472A-441A-9688-19B4090EC72C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3832318E-DE0D-479B-940E-F33913DE6BA2}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{106D17BB-8597-4EE1-806F-3BD4953B6DB6}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [UDP Query User{93F39581-7F8F-402B-8A53-983FB5102433}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B291EAB6-D98C-4796-BD26-DB2B71FB8C79}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{30142DAC-9A58-408C-A78F-481124A91F80}] => (Allow) C:\Users\Ania\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7EE7DE0C-F0C8-423C-8DC0-2D85BF27BEDB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{7BD6F4F9-0186-4016-B0CC-8348B5F28356}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{0D1E6F31-16AC-436E-9A89-0044DEC3B122}] => (Allow) LPort=55100
FirewallRules: [{4EE00CD4-28C5-4CF8-BEAA-A5766845E9EB}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{60EE6556-C274-41BE-9C37-4A9BD97D0D58}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EA25AB17-F518-4196-B5A1-F060724D570C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{900713F3-112B-4ED4-8BCC-9795531EA7CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D9104A9-244D-4838-B0B0-A8932900FDE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3088370C-7140-4F97-AC57-235448D54BA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E9871821-9006-4726-B25B-CB9168D09A17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6043DD37-BBD3-4515-8305-5D6A770E83C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{61EFAAA9-D0C6-48B2-98D7-528216665FC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{6D5EAA69-0031-4442-9D76-EDA158CFAB12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise_of_Incarnates\exe\roi.exe
FirewallRules: [{51CC612F-8E18-49A5-B5F7-5E85407F2BCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{A06755DC-7AFF-4B30-B9E0-CD6F85E8A387}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{0757DEFC-2E92-488C-9E3D-4E4868C43CDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7C921D1A-B789-44B6-8A46-2DED6844787D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{92F3CD6B-F9C3-4568-AFD0-47B3DCD6F31D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{A96E4BEF-58A7-422E-AC15-53C22BA52310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{D575E926-E08E-4A6C-AE22-973CEC9199D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D6757900-F2E6-4F3C-93F1-AC332DAC21F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6F97068D-78BE-4E7C-AAB7-82C74C878276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{81F3FD01-7040-494A-845A-28F7C969B064}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{625FAD66-0961-4C79-B786-CB011FE14037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{4A2B831D-4B96-41EB-AD84-F0BCC7D1D779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/15/2015 12:54:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/15/2015 12:54:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/15/2015 12:54:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/15/2015 12:54:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/15/2015 12:50:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
 
Error: (11/15/2015 12:50:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]
 
Error: (11/15/2015 12:33:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/15/2015 12:33:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/15/2015 12:33:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/15/2015 12:33:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (11/15/2015 12:53:21 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (11/15/2015 12:53:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi wuauserv.
 
Error: (11/15/2015 12:52:35 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}
 
Error: (11/15/2015 12:50:10 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: 
%%1056.
 
Error: (11/15/2015 12:50:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (11/15/2015 12:50:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (11/15/2015 12:50:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (11/15/2015 12:50:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error: (11/15/2015 12:49:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel® Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (11/15/2015 12:49:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel® ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4210H CPU @ 2.90GHz
Percentage of memory in use: 27%
Total physical RAM: 8104.27 MB
Available physical RAM: 5883.94 MB
Total Virtual: 9384.27 MB
Available Virtual: 6996.14 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:889.12 GB) (Free:728.52 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.15 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8D039C98)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
 
Now I noticed that I didn't change fixlog and Cleaner into English, sorry (^^'')

  • 0

#5
emeraldnzl
Posted 15 November 2015 - 02:27 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again SawakoChan1,

Thank you for that file. :)

Now
 

CHR dev: Chrome dev build detected! <======= ATTENTION

The FRST scan shows that you have the dev: build version of Chrome. Replacing your browser with the development build is a technique used by malware to gain access to your browser.

If you haven't installed the dev: build then your Chrome browser has a nasty infection. It's quite recent and to fix it we need to uninstall and reinstall Chrome. Depending on how long you have had the infection we may need further work after the reinstall.

If you installed dev build yourself and want to keep it, tell me. Otherwise follow the instructions below:

Firstly

You might like to backup your bookmarks. Go to the link below to learn how to export Chrome's bookmarks. You can save them somewhere you can find them and import them back to Chrome when you reinstall.

https://support.goog...wer/96816?hl=en

Step 2

Go to the link below for instructions to uninstall Google Chrome. Use the Windows instructions for Windows Vista/ Windows 7/ Windows 8

https://support.goog...wer/95319?hl=en

Note: To remove this infection properly you must remove your profile information so make sure you tick the "Also delete your browsing data" check box.

Step 3

Download and reinstall [url=http://www.google.com/intl/en_uk/chrome/browser/]Google Chrome.

After that

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.


  • 0

#6
emeraldnzl
Posted 25 November 2015 - 05:47 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP