Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015 Ran by rwi at 2015-01-28 13:01:00 Running from C:\Users\rwi\Desktop\FRST-OlderVersion Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee VirusScan Enterprise (Enabled - Out of date) {86355677-4064-3EA7-ABB3-1B136EB04637} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan Enterprise Antispyware Module (Enabled - Out of date) {3D54B793-665E-3129-9103-206115370C8A} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActivClient x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aktualizacje NVIDIA 11.10.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 11.10.11 - NVIDIA Corporation) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix) Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) ECL Viewer (HKLM-x32\...\SAP_ECL) (Version: 6.0 - SAP AG) Electronic Card installation (HKLM-x32\...\{4DB41AE2-A059-4DE2-887E-26DCCC16CC62}) (Version: 1.00.0000 - Nazwa firmy) Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated) fii WHD (HKLM-x32\...\{AECB77E1-A5A3-40E2-8E75-76533FCE4783}) (Version: 2.0.0.0 - fii WHD) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\{38764777-9FDB-35BC-A8DB-FA324E5EAC4A}) (Version: 65.119.72 - Google, Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GoToMeeting 6.4.11.2273 (HKU\S-1-5-21-2094431546-3998815993-849199213-6484\...\GoToMeeting) (Version: 6.4.11.2273 - CitrixOnline) Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2725 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.11 - ) Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.10.0 - Lenovo) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited) Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo) McAfee Agent (HKLM-x32\...\{1FDB8EC6-BAF1-42F9-8E09-4D9AB369F1B5}) (Version: 4.8.0.887 - McAfee, Inc.) McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.00000 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional 2013 - en-us (HKLM\...\ProfessionalRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP) Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) NVIDIA Sterownik 3D Vision 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 333.02 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation) NVIDIA WMI 2.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.16.0 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.42.20 - ) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{75895d95-3e4b-42b6-8440-97a0e234aeb3}) (Version: 17.0.2 - Intel Corporation) Pakiet sterowników systemu Windows - Intel (e1cexpress) Net (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel) Pakiet sterowników systemu Windows - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel) Pakiet sterowników systemu Windows - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) Pakiet sterowników systemu Windows - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Pakiet sterowników systemu Windows - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) Pakiet sterowników systemu Windows - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo) Pakiet sterowników systemu Windows - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo) Pakiet sterowników systemu Windows - Synaptics (SynTP) Mouse (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics) Panel sterowania NVIDIA 333.02 (Version: 333.02 - NVIDIA Corporation) Hidden PANTONE Color Calibrator 1.1.0 (HKLM-x32\...\PANTONE Color Calibrator_is1) (Version: - X-Rite) Plus Internet 2.4 (HKLM-x32\...\Plus Internet_is1) (Version: - Polkomtel S.A.) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.1 - Lenovo Group Limited) RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.00.0802 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.20 - SAP AG) SAP GUI for Windows 7.20 (HKLM-x32\...\SAPGUI710) (Version: 7.20 Compilation 3 - SAP) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.13 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited) UHC Dicom Viewer (HKU\S-1-5-21-2094431546-3998815993-849199213-6484\...\UHC Dicom Viewer) (Version: - UHC sp. z o.o.) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) ZTE LTE Device USB Driver (HKLM\...\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}) (Version: - ZTE Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2094431546-3998815993-849199213-6484_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\rwi\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-2094431546-3998815993-849199213-6484_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2128\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Restore Points ========================= 07-01-2015 09:29:23 Installed ActivClient x64. 07-01-2015 09:31:03 Zainstalowano Electronic Card installation . 07-01-2015 09:40:28 Removed Java(TM) 6 Update 21 08-01-2015 11:51:33 Kopia zapasowa systemu Windows 16-01-2015 10:42:39 Kopia zapasowa systemu Windows 23-01-2015 10:02:04 Kopia zapasowa systemu Windows 28-01-2015 11:23:54 Removed Java 8 Update 31 28-01-2015 12:39:18 Removed HTC Driver Installer. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {052C208E-2D9A-4217-8519-DF81D7063290} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: {06DC9D8C-853E-4B24-9A3D-09ECB30216A0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {208634C2-FE7A-4720-AA8D-A2E10DF39CB9} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] () Task: {268E1FAD-956D-40C4-98EC-12239C61CA01} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo) Task: {2A125A17-5B9F-44EB-8238-80BE2A98FB04} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo) Task: {30F83B92-E55A-4B16-B151-091ACBC67894} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated) Task: {3E0400CF-9F4A-48D4-9EB1-7EC16B87CE77} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for fii.rwi => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo) Task: {4CD859D6-0C0E-4957-ADA3-7746841E5963} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {6784CBCB-AF86-4698-B505-3D65011EF8E9} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-03-20] (Lenovo Group Limited) Task: {72FA17B5-613A-4C6A-B58C-491525D01E10} - System32\Tasks\G2MUpdateTask-S-1-5-21-2094431546-3998815993-849199213-6484 => C:\Program Files (x86)\Citrix\GoToMeeting\2273\g2mupdate.exe [2015-01-26] (Citrix Online, a division of Citrix Systems, Inc.) Task: {73684B5E-055F-47A2-9682-240E1AFEE85F} - System32\Tasks\Windows Update Check - 0x696D087B => C:\ProgramData\anjdfkhm.ru\bjrwzmzis.exe <==== ATTENTION Task: {7A8883A9-59F1-45BA-83AF-1FF3896ECCAE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {80B38D87-718E-4764-AC60-7B8AFE1CE745} - System32\Tasks\Windows Update Check - 0x5FF907D6 => C:\ProgramData\Winrar_Update\xegiwezhr.exe [] () <==== ATTENTION Task: {93568C7B-E3CE-49F6-BA4E-738454FE39E5} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] () Task: {95C86137-1084-4D72-8F23-B48AEFE5C304} - System32\Tasks\GoogleUpdateTaskMachineCore1ceb450ee58bbc8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.) Task: {98464877-99DF-4070-B417-3903133D0E06} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {8e43c547-af7c-495b-9f28-ccb3509326c7} F-M-F-R.fii.NET.PL => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation) Task: {AF7B69B3-8E01-42B1-B0A5-775B1F56E47F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo) Task: {B4B44716-FC74-4D83-BB2E-765C0F9F2EA6} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] () Task: {B70D0759-86E5-4DC0-AE6F-2EA76982FBA6} - System32\Tasks\GoogleUpdateTaskMachineUA1ceb450ee77adac => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.) Task: {BF94A35A-F0BB-45C1-A8B2-B8CB63813BC3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-09-25] (Lenovo) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2094431546-3998815993-849199213-6484.job => C:\Program Files (x86)\Citrix\GoToMeeting\2273\g2mupdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ceb450ee58bbc8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ceb450ee77adac.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-01 15:39 - 2014-04-09 07:11 - 02518984 _____ () C:\Windows\system32\nvwmi64.exe 2014-09-29 08:12 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-07-28 15:26 - 2014-04-08 22:06 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-09-27 09:58 - 2012-12-07 16:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2014-03-12 09:12 - 2014-09-23 14:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-07-28 15:29 - 2014-03-20 05:05 - 00104960 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL 2013-09-24 14:53 - 2006-12-11 02:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2014-08-18 08:07 - 2014-06-23 19:47 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll 2013-07-28 15:26 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-03-04 11:49 - 2011-03-04 11:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2013-07-28 15:34 - 2012-01-17 07:29 - 00030512 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll 2013-07-28 15:29 - 2011-08-02 19:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2013-07-28 15:29 - 2011-08-02 19:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2014-03-14 17:47 - 2014-03-14 17:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2013-07-28 15:24 - 2012-02-21 04:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\rwi:id ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Admin (S-1-5-21-3144559650-1475759494-1347005504-1001 - Administrator - Enabled) FGAdmin (S-1-5-21-3144559650-1475759494-1347005504-500 - Administrator - Disabled) Gość (S-1-5-21-3144559650-1475759494-1347005504-501 - Limited - Disabled) UpdatusUser (S-1-5-21-3144559650-1475759494-1347005504-1000 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Kontroler zgodny ze standardem High Definition Audio Description: Kontroler zgodny ze standardem High Definition Audio Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/28/2015 00:59:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: FRST64.exe, wersja: 28.1.2015.0, sygnatura czasowa: 0x54c8cc06 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000000000 Identyfikator procesu powodującego błąd: 0x1350 Godzina uruchomienia aplikacji powodującej błąd: 0xFRST64.exe0 Ścieżka aplikacji powodującej błąd: FRST64.exe1 Ścieżka modułu powodującego błąd: FRST64.exe2 Identyfikator raportu: FRST64.exe3 Error: (01/28/2015 00:09:33 PM) (Source: dwmrcs) (EventID: 110) (User: ) Description: Error: DameWare Mini Remote Control Error setsockopt (IP_DROP_MEMBERSHIP) System Error: 10049 System Message: Żądany adres jest nieprawidłowy w tym kontekście. (srv 64 bit) Error: (01/28/2015 00:08:49 PM) (Source: McLogEvent) (EventID: 5022) (User: ZARZĄDZANIE NT) Description: MCSCAN32 Engine Initialisation failed. Engine returned error : 1 Error: (01/28/2015 00:08:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/28/2015 00:08:49 PM) (Source: dwmrcs) (EventID: 110) (User: ) Description: Error: DameWare Mini Remote Control Error setsockopt (IP_ADD_MEMBERSHIP) System Error: 10065 System Message: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (srv 64 bit) Error: (01/28/2015 00:00:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: fii) Description: Produkt: ActivClient x64 - nie można zainstalować aktualizacji 'ActivClient x64 6.2 - FIXS1003006 (6.2.0.75)'. Kod błędu 1603. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (01/28/2015 00:00:15 PM) (Source: MsiInstaller) (EventID: 10005) (User: fii) Description: Product: ActivClient x64 -- Error 2738.Could not access VBScript run time for custom action . Error: (01/28/2015 00:00:13 PM) (Source: MsiInstaller) (EventID: 10005) (User: fii) Description: Product: ActivClient x64 -- Error 2738.Could not access VBScript run time for custom action . Error: (01/28/2015 11:59:33 AM) (Source: dwmrcs) (EventID: 110) (User: ) Description: Error: DameWare Mini Remote Control Error setsockopt (IP_DROP_MEMBERSHIP) System Error: 10049 System Message: Żądany adres jest nieprawidłowy w tym kontekście. (srv 64 bit) Error: (01/28/2015 11:58:51 AM) (Source: McLogEvent) (EventID: 5022) (User: ZARZĄDZANIE NT) Description: MCSCAN32 Engine Initialisation failed. Engine returned error : 1 System errors: ============= Error: (01/28/2015 00:41:21 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Operacja We/Wy została przerwana z powodu zakończenia wątku lub żądania aplikacji.ActivIdentity Activkey_Sim 0GET_STATEXX XX XX XX Error: (01/28/2015 00:34:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (01/28/2015 00:32:33 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: fii) Description: Przetwarzanie zasad grupy nie powiodło się z powodu braku łączności sieciowej z kontrolerem domeny. To może być stan przejściowy. Po połączeniu komputera z kontrolerem domeny i pomyślnym przetworzeniu zasad grupy powinien zostać wygenerowany komunikat o powodzeniu. Jeśli komunikat o powodzeniu nie zostanie wyświetlony w ciągu kilku godzin, skontaktuj się z administratorem. Error: (01/28/2015 00:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 Error: (01/28/2015 00:10:50 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (01/28/2015 00:08:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (01/28/2015 00:08:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi McAfee Task Manager z powodu następującego błędu: %%2 Error: (01/28/2015 00:08:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa McAfee Framework z powodu następującego błędu: %%5 Error: (01/28/2015 00:08:48 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: Ten komputer nie może skonfigurować zabezpieczonej sesji z kontrolerem domeny w domenie fii z następującego powodu: %%1311 To może powodować problemy z uwierzytelnianiem. Upewnij się, że ten komputer jest podłączony do sieci. Jeżeli problem się nie rozwiąże, skontaktuj się z administratorem domeny. INFORMACJE DODATKOWE Jeżeli ten komputer jest kontrolerem domeny dla określonej domeny, konfiguruje zabezpieczoną sesję z emulatorem podstawowego kontrolera domeny w określonej domenie. W przeciwnym przypadku komputer może skonfigurować zabezpieczoną sesję z dowolnym kontrolerem domeny w określonej domenie. Error: (01/28/2015 00:08:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SMI Helper Driver (smihlp2) z powodu następującego błędu: %%2 Microsoft Office Sessions: ========================= Error: (01/28/2015 00:59:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FRST64.exe28.1.2015.054c8cc06unknown0.0.0.000000000c00000050000000000000000135001d03af1e1eb00faC:\Users\rwi\Desktop\FRST64.exeunknown244744cc-a6e5-11e4-a831-3c970eb3897c Error: (01/28/2015 00:09:33 PM) (Source: dwmrcs) (EventID: 110) (User: ) Description: DameWare Mini Remote Control Error setsockopt (IP_DROP_MEMBERSHIP) System Error: 10049 System Message: Żądany adres jest nieprawidłowy w tym kontekście. (srv 64 bit) Error: (01/28/2015 00:08:49 PM) (Source: McLogEvent) (EventID: 5022) (User: ZARZĄDZANIE NT) Description: 1 Error: (01/28/2015 00:08:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/28/2015 00:08:49 PM) (Source: dwmrcs) (EventID: 110) (User: ) Description: DameWare Mini Remote Control Error setsockopt (IP_ADD_MEMBERSHIP) System Error: 10065 System Message: Próba przeprowadzenia operacji, wykonywanej przez gniazdo, na nieosiągalnym hoście. (srv 64 bit) Error: (01/28/2015 00:00:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: fii) Description: ActivClient x64ActivClient x64 6.2 - FIXS1003006 (6.2.0.75)1603(NULL)(NULL)(NULL) Error: (01/28/2015 00:00:15 PM) (Source: MsiInstaller) (EventID: 10005) (User: fii) Description: Product: ActivClient x64 -- Error 2738.Could not access VBScript run time for custom action .(NULL)(NULL)(NULL)(NULL)(NULL) Error: (01/28/2015 00:00:13 PM) (Source: MsiInstaller) (EventID: 10005) (User: fii) Description: Product: ActivClient x64 -- Error 2738.Could not access VBScript run time for custom action .(NULL)(NULL)(NULL)(NULL)(NULL) Error: (01/28/2015 11:59:33 AM) (Source: dwmrcs) (EventID: 110) (User: ) Description: DameWare Mini Remote Control Error setsockopt (IP_DROP_MEMBERSHIP) System Error: 10049 System Message: Żądany adres jest nieprawidłowy w tym kontekście. (srv 64 bit) Error: (01/28/2015 11:58:51 AM) (Source: McLogEvent) (EventID: 5022) (User: ZARZĄDZANIE NT) Description: 1 CodeIntegrity Errors: =================================== Date: 2015-01-14 15:08:59.129 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-01-14 15:08:58.007 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-09-11 19:12:47.524 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-08-19 11:26:18.741 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-08-19 11:26:17.596 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-08-19 11:26:16.316 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-10 17:41:22.828 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-10 17:41:22.731 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-10 17:41:22.216 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-10 17:41:22.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz Percentage of memory in use: 9% Total physical RAM: 32334.79 MB Available physical RAM: 29148.67 MB Total Pagefile: 80833.97 MB Available Pagefile: 77544.21 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:99.81 GB) (Free:44.23 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: () (Fixed) (Total:465.76 GB) (Free:279.17 GB) NTFS Drive q: (Lenovo_Recovery) (Fixed) (Total:11.25 GB) (Free:0.01 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 243D928F) Partition 1: (Active) - (Size=744 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=11.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3D97B8B0) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended) ==================== End Of Log ============================