Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2015 02 Ran by MattAwe at 2015-04-23 23:37:29 Running from C:\MattAwe\Pobierane Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-266955175-3238178064-3006760222-500 - Administrator - Disabled) Guest (S-1-5-21-266955175-3238178064-3006760222-501 - Limited - Disabled) => C:\Users\Guest MattAwe (S-1-5-21-266955175-3238178064-3006760222-1002 - Administrator - Enabled) => C:\Users\Mateusz ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Alien - Isolation» 1.0.0.0 (HKLM-x32\...\«Alien - Isolation»_is1) (Version: 1.0.0.0 - SEGA) µTorrent (HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version: - Kunos Simulazioni) Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) Capsule (HKLM-x32\...\Capsule) (Version: 1.0.000 - Green Man Gaming Limited) Car Mechanic Simulator 2014 (HKLM-x32\...\Steam App 270850) (Version: - PlayWay S.A.) CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo) Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) f.lux (HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\Flux) (Version: - ) F1 2014 (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - ) F1 2014 [Spolszczenie] - YaGo wersja 1.0 (HKLM-x32\...\{7F016825-1F1C-4EA6-801F-C22A8EFE3B3A}_is1) (Version: 1.0 - YaGo) Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Freemake Video Converter wersja 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) Full Combat Rebalance 2 version 1.2 (HKLM-x32\...\Full Combat Rebalance 2_is1) (Version: 1.2 - Andrzej Kwiatkowski) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic) GOG.com Downloader version 3.5.8 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.5.8 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10223 - Realtek Semiconductor Corp.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1519 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.1519 - CyberLink Corp.) Hidden Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.) Łatka polonizacyjna GTA IV: The Lost and Damned v1.1 oraz GTA IV: The Ballad of Gay Tony v1.0 (HKLM-x32\...\Łatka polonizacyjna GTA IV: The Lost and Damned v1.1 oraz GTA IV: The Ballad of Gay Tony v1.0) (Version: 1.2 - IRONSQUAD.PL) Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech) Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts) Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NBA 2K15 Update 3 (HKLM-x32\...\TkJBMksxNQ==_is1) (Version: 1 - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) NVIDIA Sterownik graficzny 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo) OpenOffice.org 3.4.1 (HKLM-x32\...\{18192D3F-5537-4560-AD89-D695F72AF91D}) (Version: 3.41.9593 - Apache Software Foundation) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{fad118b4-798f-4755-9e67-a622eec95b62}) (Version: 15.6.1 - Intel Corporation) Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) Panel sterowania NVIDIA 350.12 (Version: 350.12 - NVIDIA Corporation) Hidden PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - ) Razer Comms (HKLM-x32\...\Razer Comms) (Version: 5.6 - Razer Inc.) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC) screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.1.0 - Synaptics Incorporated) System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-266955175-3238178064-3006760222-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 08-04-2015 13:53:47 Windows Update 13-04-2015 11:41:53 Windows Update 18-04-2015 03:47:27 Zainstalowany program DirectX 19-04-2015 12:03:10 Instalator modułów systemu Windows 20-04-2015 22:44:12 Instalator modułów systemu Windows ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0647A7D8-C55F-45C7-95AC-ED17A472C59A} - System32\Tasks\{4586760A-9FA8-4CD0-AFED-184E4B9E899D} => pcalua.exe -a G:\setup.exe -d G:\ -c /autorun Task: {075DD2B2-5F95-41BC-ADF5-7F385D7B46BE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated) Task: {0AAE217E-1AB0-4F78-BEB1-780375FD8FB2} - \Lenovo\Lenovo-30368 No Task File <==== ATTENTION Task: {2511C5CC-9779-45E1-92C4-F0AF1F3D5193} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-11-09] (CyberLink) Task: {28C20BCF-504F-4366-BC43-09BF45BD29FE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {32CD69D6-F3AE-4E32-8546-80AE7C8EAB61} - System32\Tasks\{E2058F41-D24A-4D4F-885F-D04F7370A9A0} => pcalua.exe -a "C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe" Task: {560360DE-B893-4E88-A195-85345E2919EC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-18] (Microsoft Corporation) Task: {5806BE22-E0F9-4EA2-A115-2BA38F0F1ECA} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {7B57994D-0C7E-4BFA-8CCE-7DF18A8C54D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.) Task: {7F3C050F-EB33-45E6-BA26-00A96FBA0864} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-16] (Google Inc.) Task: {8F519126-F9C9-4D5E-96F5-D6ED3ED69171} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {9BA238B8-D016-4CFE-94F5-FE6F6DCFA4B8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {A5606700-42AD-418D-86E1-03D984EDAB2B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {ABD6AAA3-3DFE-4CE5-A171-027E0AC68378} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {CCE68855-A9C1-47E5-A3C6-DFAC6BD228AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {D5F6E9AD-01E4-443C-A0F7-4AFFB291CDA2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-08] (Synaptics Incorporated) Task: {FE049FE1-E83E-4879-919D-57877B0EDC3C} - \Lenovo\Lenovo-30310 No Task File <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============== 2013-10-29 01:22 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-27 20:27 - 2014-11-24 19:57 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-02-05 02:24 - 2015-02-05 02:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2013-07-20 06:21 - 2013-03-14 11:46 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe 2014-07-28 20:29 - 2014-07-28 20:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2014-07-28 20:32 - 2014-07-28 20:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-07-28 20:29 - 2014-07-28 20:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2014-07-28 20:31 - 2014-07-28 20:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2014-05-25 16:18 - 2014-05-25 16:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe 2014-05-25 16:18 - 2014-05-25 16:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll 2014-05-25 16:17 - 2014-05-25 16:17 - 00408064 _____ () C:\Program Files\Rainmeter\Plugins\NowPlaying.DLL 2014-05-25 16:17 - 2014-05-25 16:17 - 00023040 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL 2014-05-25 16:17 - 2014-05-25 16:17 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.DLL 2014-05-25 16:17 - 2014-05-25 16:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.DLL 2014-05-25 16:17 - 2014-05-25 16:17 - 00010752 _____ () C:\Program Files\Rainmeter\Plugins\Process.DLL 2014-05-25 16:18 - 2014-05-25 16:18 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\InputText.DLL 2014-05-25 16:17 - 2014-05-25 16:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll 2015-04-15 13:23 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll 2015-04-15 13:23 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll 2013-07-20 06:07 - 2013-03-12 22:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Mateusz\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-266955175-3238178064-3006760222-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: Media is not connected to internet. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "SynLenovoGestureMgr" HKLM\...\StartupApproved\Run: => "OnekeyStudio" HKLM\...\StartupApproved\Run32: => "YouCam Tray" HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut" HKLM\...\StartupApproved\Run32: => "YouCam Mirage" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-266955175-3238178064-3006760222-1002\...\StartupApproved\Run: => "f.lux" ==================== Faulty Device Manager Devices ============= Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Qualcomm Atheros AR8171/8175 PCI-E Gigabit Ethernet Controller (NDIS 6.30) Description: Kontroler Qualcomm Atheros AR8171/8175 PCI-E Gigabit Ethernet Controller (NDIS 6.30) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: StorLib bus (virtual storages support) Description: StorLib bus (virtual storages support) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/23/2015 10:53:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.3.9600.17667 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: e5c Godzina rozpoczęcia: 01d07e0725627492 Godzina zakończenia: 0 Ścieżka aplikacji: C:\WINDOWS\Explorer.EXE Identyfikator raportu: 8abc8ffc-e9fa-11e4-bef6-68172947aaa3 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (04/23/2015 04:31:36 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/23/2015 02:35:25 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/23/2015 00:29:45 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/23/2015 00:26:15 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/23/2015 00:19:23 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/23/2015 00:10:10 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/22/2015 07:07:50 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/22/2015 06:59:40 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. Error: (04/22/2015 10:53:11 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3. Element główny pliku manifestu musi być zmontowany. System errors: ============= Error: (04/23/2015 11:06:25 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Error: (04/22/2015 09:15:42 AM) (Source: Ntfs) (EventID: 138) (User: ) Description: Menedżer zasobów transakcji w C:\ napotkał błąd krytyczny i został zamknięty. Dane zawierają kod błędu. Error: (04/21/2015 08:15:26 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera AM. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{80C09B1A-21F2-4389-8C90-84E846DF92D1}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (04/21/2015 03:00:01 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Error: (04/20/2015 11:44:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Freemake Improver niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/20/2015 09:20:02 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.100.23. Komputer o adresie IP 192.168.100.53 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (04/20/2015 02:33:24 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera AM-TOSH. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{80C09B1A-21F2-4389-8C90-84E846DF92D1}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (04/19/2015 11:05:30 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera AM-TOSH. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{80C09B1A-21F2-4389-8C90-84E846DF92D1}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (04/18/2015 07:57:41 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Error: (04/18/2015 07:19:22 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{135FD325-45B7-4C30-89F8-4386961669F0}{135FD325-45B7-4C30-89F8-4386961669F0}ZARZĄDZANIE NTUSŁUGA SIECIOWAS-1-5-20LocalHost (użycie LRPC)NiedostępnyNiedostępny Microsoft Office Sessions: ========================= Error: (04/23/2015 10:53:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.3.9600.17667e5c01d07e07256274920C:\WINDOWS\Explorer.EXE8abc8ffc-e9fa-11e4-bef6-68172947aaa3 Error: (04/23/2015 04:31:36 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/23/2015 02:35:25 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/23/2015 00:29:45 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/23/2015 00:26:15 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/23/2015 00:19:23 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/23/2015 00:10:10 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/22/2015 07:07:50 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/22/2015 06:59:40 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 Error: (04/22/2015 10:53:11 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.2.0.890_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2 CodeIntegrity Errors: =================================== Date: 2015-04-21 01:45:21.066 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-21 00:04:00.536 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 16:14:39.231 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-18 04:01:28.017 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-18 04:01:26.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-17 16:17:05.730 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-16 17:11:27.385 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-16 17:11:27.220 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-16 17:11:27.054 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-16 17:11:26.867 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Percentage of memory in use: 23% Total physical RAM: 7912.27 MB Available physical RAM: 6073.51 MB Total Pagefile: 15848.27 MB Available Pagefile: 13830.71 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: (Dysk twardy) (Fixed) (Total:883.84 GB) (Free:292.19 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Dysk twardy) (Fixed) (Total:25 GB) (Free:22.14 GB) NTFS Drive g: (USB DISK) (Removable) (Total:3.6 GB) (Free:3.6 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 66CFCDEA) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 3.6 GB) (Disk ID: 2C6B7369) No partition Table on disk 1. ==================== End Of Log ============================