Anonim / 2 lata, 11 miesięcy temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by LENOVO at 2015-03-16 10:43:17
Running from G:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.)
ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)
Angry Birds (HKLM-x32\...\{910D3FB9-E341-4DD9-B52A-3B3C0C340AF6}) (Version: 1.5.3 - Rovio)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ApptoU (HKLM-x32\...\{01B91C29-337A-1FFD-7CFC-473451D2F861}) (Version:  - ApptoU) <==== ATTENTION
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BuzzSearch 2013.11.07.232809 (HKLM\...\BuzzSearch) (Version: 2013.11.07.232809 - BuzzSearch) <==== ATTENTION
Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft)
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.24.6 - Delta) <==== ATTENTION
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
ETDWare PS/2-X64 11.4.8.1_WHQL (HKLM\...\Elantech) (Version: 11.4.8.1 - ELAN Microelectronic Corp.)
ExtraSHOipper (HKLM-x32\...\{7BCAC0EB-3993-2416-0531-848C39DF8B65}) (Version:  - "") <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{F13921D6-AE6D-41BF-807A-17BD99C0A4FD}) (Version: 15.5.5.0480 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10192 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
LibreOffice 4.0.2.2 (HKLM-x32\...\{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}) (Version: 4.0.2.2 - The Document Foundation)
LuckyCCoupoN (HKLM-x32\...\{BA5D43C9-D633-D0EC-CFEA-2ABA974B333D}) (Version:  - "") <==== ATTENTION
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 0.92 - Napisy24.pl)
Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)
OnlineLowDeals (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - OnlineLowDeals) <==== ATTENTION
Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{962E1735-D2E0-4813-AB9F-C6CBA09E759A}) (Version: 15.05.7000.1709 - Intel Corporation)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.2.0.2 - PC Utilities Software Limited) <==== ATTENTION
Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Podręcznik użytkownika (x32 Version: 1.0.0.9 - Lenovo) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PriuniceCiouponn (HKLM-x32\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version:  - "") <==== ATTENTION
ProShoppPere (HKLM-x32\...\{8F213470-964F-4092-6B31-BC7570F31B5A}) (Version:  - ProShopper) <==== ATTENTION
QueennCoupona (HKLM-x32\...\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}) (Version:  - "") <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6798 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.)
RoyaLCOuappon (HKLM-x32\...\{40DC4B27-4588-C56F-7737-D03A0ACE4383}) (Version:  - "") <==== ATTENTION
SalesCHeckEr (HKLM-x32\...\{CC17A332-9555-AD95-3985-0BDD9BF0EC71}) (Version:  - "") <==== ATTENTION
SaveerAddoNN (HKLM-x32\...\{10A0E600-D246-BD63-F465-4C849C688998}) (Version:  - SaverAddon) <==== ATTENTION
Search the current site (HKLM-x32\...\{E370F69F-ED3F-925F-31FC-14D1329A713B}) (Version:  - "")
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
ShopperiMiastoer (HKLM-x32\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version:  - "") <==== ATTENTION
Skype Packages (HKU\S-1-5-21-1323097164-1352088236-3913986654-1001\...\Skype Packages) (Version:  - ) <==== ATTENTION
Skype 6.6 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1323097164-1352088236-3913986654-1001\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Traffic Rank (HKLM-x32\...\{3119AFD3-545C-0955-573A-494F62E61990}) (Version:  - "") <==== ATTENTION
Unisales (HKLM-x32\...\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}) (Version:  - ) <==== ATTENTION
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
WinRAR 5.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Yahoo! Search (HKU\S-1-5-21-1323097164-1352088236-3913986654-1001\...\Yahoo! Search) (Version:  - Pay-By-Ads) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

02-02-2015 15:54:04 Zaplanowany punkt kontrolny
04-03-2015 11:02:55 Zaplanowany punkt kontrolny
13-03-2015 11:32:20 Zaplanowany punkt kontrolny
16-03-2015 09:54:26 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2015-03-16 10:09 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {26919A68-6AA7-48BB-A5BC-D7CBD13D5CAF} - System32\Tasks\StPrsSW => C:\Users\LENOVO\AppData\Roaming\StPrsSW\stprss.exe [2015-01-31] ()
Task: {6E30A669-9EE2-4B9B-932F-6F92764CE02F} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-10-28] (PC Utilities Software Limited) <==== ATTENTION
Task: {8881FD1E-C8F1-416A-A60B-EB32A5A24B7E} - System32\Tasks\AdobeAAMUpdater-1.0-idea-PC-LENOVO => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {9BE3C853-CD50-4D37-80C7-6DD72898EA1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-16] (Google Inc.)
Task: {ACA49A5D-C66B-4CA3-8203-6F448B4A241B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-16] (Google Inc.)
Task: {B9E042C7-E5FF-45E9-82AC-B1F313297B37} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CC216455-5DA1-45CC-B5B2-1A84C951D53D} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {DB4FFE97-82C8-4BC5-8692-A5340A4ADBD7} - System32\Tasks\Yahoo! Search => C:\Users\LENOVO\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe [2015-01-25] (Pay By Ads LTD) <==== ATTENTION
Task: {EB724BA0-5FA3-4731-A128-66F1C28212F9} - System32\Tasks\EPUpdater => C:\Users\LENOVO\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION
Task: {FFE73065-A649-43FE-AC1A-13F813E3E084} - System32\Tasks\Yahoo! Search Updater => C:\Users\LENOVO\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrsetup.exe [2015-01-25] (Pay By Ads LTD) <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-01 00:47 - 2015-03-16 09:50 - 00123632 _____ () C:\ProgramData\ce49ecae-5093-4cf0-9fba-68a2fc985aab\maintainer.exe
2013-11-08 00:28 - 2015-03-16 10:19 - 00408304 _____ () C:\Program Files (x86)\BuzzSearch\updateBuzzSearch.exe
2013-12-01 09:36 - 2015-03-16 10:18 - 00408304 _____ () C:\Program Files (x86)\BuzzSearch\bin\utilBuzzSearch.exe
2013-02-22 07:06 - 2012-12-13 01:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-30 18:11 - 2014-01-15 20:03 - 00766656 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2015-01-29 19:41 - 2015-03-16 06:11 - 00105712 _____ () C:\Program Files (x86)\BuzzSearch\bin\BuzzSearch.BrowserAdapter.exe
2014-09-21 15:33 - 2015-03-16 06:11 - 00123120 _____ () C:\Program Files (x86)\BuzzSearch\bin\BuzzSearch.BrowserAdapter64.exe
2015-01-31 13:01 - 2015-03-15 22:12 - 00353520 _____ () C:\Program Files (x86)\BuzzSearch\bin\BuzzSearch.PurBrowse64.exe
2014-12-04 19:07 - 2015-03-15 20:16 - 00101616 _____ () C:\Program Files (x86)\BuzzSearch\bin\BuzzSearch.expext.exe
2014-10-16 22:24 - 2015-03-15 20:38 - 01649904 _____ () C:\Program Files (x86)\BuzzSearch\bin\BuzzSearch.BOASHelper.exe
2014-11-05 19:33 - 2014-11-05 19:33 - 03113040 _____ () c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2013-12-01 11:41 - 2013-12-01 11:41 - 00337920 _____ () C:\Program Files (x86)\BuzzSearch\bin\sqlite3.DLL
2015-03-15 10:37 - 2015-03-15 10:37 - 40506936 _____ () C:\Users\LENOVO\AppData\Roaming\Spotify\libcef.dll
2014-01-15 21:42 - 2014-01-15 20:03 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-01-15 21:42 - 2014-01-15 20:03 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2015-03-15 10:37 - 2015-03-15 10:37 - 01365560 _____ () C:\Users\LENOVO\AppData\Roaming\Spotify\libglesv2.dll
2015-03-15 10:37 - 2015-03-15 10:37 - 00219192 _____ () C:\Users\LENOVO\AppData\Roaming\Spotify\libegl.dll
2015-03-15 10:37 - 2015-03-15 10:37 - 09305656 _____ () C:\Users\LENOVO\AppData\Roaming\Spotify\pdf.dll
2015-03-15 10:37 - 2015-03-15 10:37 - 00990776 _____ () C:\Users\LENOVO\AppData\Roaming\Spotify\ffmpegsumo.dll
2013-10-24 09:45 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-27 18:17 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-09-22 19:32 - 2015-02-19 00:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-27 18:17 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-27 18:17 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-21 09:15 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-21 09:15 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-21 09:15 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-21 09:15 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-21 09:15 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-10-16 19:55 - 2015-02-19 00:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-16 19:55 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-06 11:30 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-04 19:07 - 2015-03-15 20:16 - 00081648 _____ () C:\Program Files (x86)\BuzzSearch\bin\BuzzSearch.expextdll.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\LENOVO\Cookies:rVJVqGtRFeTqtX0Jas66Hdg9
AlternateDataStreams: C:\Users\LENOVO\AppData\Local\Temporary Internet Files:xlI7XgidMDGk2exSgNWr

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1323097164-1352088236-3913986654-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1323097164-1352088236-3913986654-500 - Administrator - Disabled)
Gość (S-1-5-21-1323097164-1352088236-3913986654-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1323097164-1352088236-3913986654-1003 - Limited - Enabled)
LENOVO (S-1-5-21-1323097164-1352088236-3913986654-1001 - Administrator - Enabled) => C:\Users\LENOVO

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2015 10:28:07 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (1604) Próba otwarcia pliku "C:\Users\LENOVO\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" w trybie tylko do odczytu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ". Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8).

Error: (03/16/2015 10:08:43 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/13/2015 11:16:49 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/13/2015 08:09:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/12/2015 02:39:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HMA.exe w wersji 1.0.447.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania.

Identyfikator procesu: fb8

Godzina rozpoczęcia: 01d05cbcf6dd4a3a

Godzina zakończenia: 4294967295

Ścieżka aplikacji: C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe

Identyfikator raportu: 3ce9d4c6-c8bd-11e4-bec1-2089848f16a2

Pełna nazwa pakietu powodującego błąd: 

Identyfikator aplikacji względem pakietu powodującego błąd:

Error: (03/12/2015 09:12:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SpotifyWebHelper.exe, wersja: 0.9.15.27, sygnatura czasowa: 0x54803b75
Nazwa modułu powodującego błąd: SpotifyWebHelper.exe, wersja: 0.9.15.27, sygnatura czasowa: 0x54803b75
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00062eef
Identyfikator procesu powodującego błąd: 0x12cc
Godzina uruchomienia aplikacji powodującej błąd: 0xSpotifyWebHelper.exe0
Ścieżka aplikacji powodującej błąd: SpotifyWebHelper.exe1
Ścieżka modułu powodującego błąd: SpotifyWebHelper.exe2
Identyfikator raportu: SpotifyWebHelper.exe3
Pełna nazwa pakietu powodującego błąd: SpotifyWebHelper.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: SpotifyWebHelper.exe5

Error: (03/12/2015 09:06:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/12/2015 08:39:36 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (6196) Próba otwarcia pliku "C:\Users\LENOVO\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" w trybie tylko do odczytu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ". Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8).

Error: (03/11/2015 04:27:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/10/2015 11:51:39 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (1828) Próba otwarcia pliku "C:\Users\LENOVO\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" w trybie tylko do odczytu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): "Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ". Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8).


System errors:
=============
Error: (03/16/2015 10:09:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (03/16/2015 10:03:30 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys

Error: (03/16/2015 10:03:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Optimizer Pro Crash Monitor niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (03/16/2015 10:00:18 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (03/16/2015 09:54:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa MaintainerSvc1.80.3844085 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (03/15/2015 10:38:25 AM) (Source: DCOM) (EventID: 10016) (User: idea-PC)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}idea-PCLENOVOS-1-5-21-1323097164-1352088236-3913986654-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (03/15/2015 10:38:24 AM) (Source: DCOM) (EventID: 10016) (User: idea-PC)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}idea-PCLENOVOS-1-5-21-1323097164-1352088236-3913986654-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (03/15/2015 10:38:21 AM) (Source: DCOM) (EventID: 10016) (User: idea-PC)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}idea-PCLENOVOS-1-5-21-1323097164-1352088236-3913986654-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (03/15/2015 10:38:21 AM) (Source: DCOM) (EventID: 10016) (User: idea-PC)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}idea-PCLENOVOS-1-5-21-1323097164-1352088236-3913986654-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (03/12/2015 09:27:16 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}


Microsoft Office Sessions:
=========================
Error: (03/16/2015 10:28:07 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex1604C:\Users\LENOVO\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (03/16/2015 10:08:43 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/13/2015 11:16:49 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/13/2015 08:09:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/12/2015 02:39:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: HMA.exe1.0.447.0fb801d05cbcf6dd4a3a4294967295C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe3ce9d4c6-c8bd-11e4-bec1-2089848f16a2

Error: (03/12/2015 09:12:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpotifyWebHelper.exe0.9.15.2754803b75SpotifyWebHelper.exe0.9.15.2754803b75c000000500062eef12cc01d05c97b781a471C:\Users\LENOVO\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\LENOVO\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe97fbe976-c88f-11e4-bec1-2089848f16a2

Error: (03/12/2015 09:06:24 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/12/2015 08:39:36 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex6196C:\Users\LENOVO\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

Error: (03/11/2015 04:27:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/10/2015 11:51:39 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex1828C:\Users\LENOVO\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.


CodeIntegrity Errors:
===================================
  Date: 2015-03-16 10:03:30.461
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-03 21:10:29.897
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-03 21:07:54.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-03-03 21:06:15.322
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-18 15:54:20.925
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-16 20:47:09.149
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-09-16 20:47:08.066
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 39%
Total physical RAM: 3951.52 MB
Available physical RAM: 2401.37 MB
Total Pagefile: 7919.52 MB
Available Pagefile: 6157.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:447.4 GB) (Free:373.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.22 GB) NTFS
Drive f: (Nowy) (Fixed) (Total:444.62 GB) (Free:160.13 GB) NTFS
Drive g: (KINGSTON) (Removable) (Total:7.44 GB) (Free:5.95 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C3994153)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==================== End Of Log ============================