Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015 Ran by Andrzej at 2015-07-08 15:56:22 Running from C:\Users\User\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4290222556-2955140376-1757130449-500 - Administrator - Disabled) Andrzej (S-1-5-21-4290222556-2955140376-1757130449-1001 - Administrator - Enabled) => C:\Users\User Gość (S-1-5-21-4290222556-2955140376-1757130449-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Aktualizacje NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo) Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden ESET Smart Security (HKLM\...\{F3D78BA2-A8C6-40A3-AEBB-25D8FA49BB9A}) (Version: 8.0.312.4 - ESET, spol s r. o.) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Instrukcje użytkownika (x32 Version: 3.0.0.3 - Lenovo) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{1E946C42-6954-45D4-B40F-7FBB40D354F7}) (Version: 17.1.1450.0402 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Nazwa firmy) Lenovo Settings (x32 Version: 1.0.0.46 - Nazwa firmy) Hidden Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo) Lenovo Updates (x32 Version: 1.3.0.6 - Lenovo) Hidden Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - ) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Office 2013 dla Użytkowników Domowych i Uczniów - pl-pl (HKLM\...\HomeStudentRetail - pl-pl) (Version: 15.0.4727.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4290222556-2955140376-1757130449-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Sterownik graficzny 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.0.1911 - FranmoSoftware - Maciej Opaliński) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Panel sterowania NVIDIA 332.50 (Version: 332.50 - NVIDIA Corporation) Hidden Pokki (HKU\S-1-5-21-4290222556-2955140376-1757130449-1001\...\Pokki) (Version: 0.269.5.339 - Pokki) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.) RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.2.16.0 - ParetoLogic, Inc.) <==== ATTENTION! Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.81 - Synaptics Incorporated) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-4290222556-2955140376-1757130449-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 12-06-2015 06:45:55 Windows Update 24-06-2015 08:38:57 Windows Update 01-07-2015 07:01:06 Skonfigurowane Lenovo Updates 07-07-2015 10:13:52 Punkt przywracania stworzony przez HitmanPro 08-07-2015 15:50:57 RegCure Pro Restore Point ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1515EBD6-9865-473C-B472-FC888D58091E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {22C0698E-23C2-4496-8DEE-B5D2066522A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-07] (Google Inc.) Task: {2C853A41-0B16-469E-9413-9E8383076419} - System32\Tasks\RegCure Pro_sch_FD93BBE9-24C3-11E5-8279-303A64D732A9 => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2015-05-21] (ParetoLogic, Inc.) <==== ATTENTION Task: {35DD70EE-3765-49A8-AC8F-699A6713473B} - System32\Tasks\ParetoLogic Update Version3 => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe [2015-05-21] () Task: {36776DFD-A58D-4D33-BBBE-2C42844EFB77} - System32\Tasks\{797B425F-34D7-4489-A552-3E99A48ECFE3} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?source=lightinstaller&page=tsMain Task: {3C984E85-C7D3-4F30-B9C7-2F24C7BFF4E3} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2015-03-13] (FranmoSoftware) Task: {478820A7-5CA2-4BE3-A349-983BF2F7C666} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4290222556-2955140376-1757130449-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {607BDC09-05A7-4FCF-BC33-0E866A74C6DC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-24] (Microsoft Corporation) Task: {6A9C8536-11E8-4F7D-99B7-6CF4DB4FCF23} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns Task: {6E75474D-86D8-4B16-A3FB-5301EA8C2AB5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {7BF3540A-D479-4BA1-9654-3036FE2E18C8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Andrzej Lenovo-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-07-07] (Microsoft Corporation) Task: {89BC284D-F096-4020-AD52-BB84BD2CD574} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe [2015-05-21] () Task: {970F639F-3ED0-410C-BE3F-FF88D74F9985} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe Task: {9FF6E86C-7A08-4B0E-AD53-6CE53513D63B} - System32\Tasks\RegCure Pro Startup => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2015-05-21] (ParetoLogic, Inc.) Task: {A44A1624-C719-4A46-8833-AA65471469C9} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2014-10-29] () Task: {A4640296-24E9-4C0C-B561-A9FB55D19EA6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] () Task: {A9CC4152-BA23-416D-B090-29D9463DA77D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation) Task: {B5D9945E-54FC-467C-A90A-1CC7B816579B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-07] (Synaptics Incorporated) Task: {BAF8BD66-EA1A-461D-8321-7D42FEF5A0E3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-02] (Adobe Systems Incorporated) Task: {BDD57CD1-76ED-4740-9991-9FD356D4FA67} - System32\Tasks\{27DD346F-0595-49A6-A886-C9276CFCAD77} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?source=lightinstaller&page=tsMain Task: {C06B5713-9815-4D32-9B37-66E9AF03913C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-07] (Google Inc.) Task: {C9D263EC-EDDD-4CAE-9448-E64E9DA298DB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation) Task: {F2F0ED45-DD8F-4791-A11F-85CB19481F44} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\WINDOWS\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe Task: C:\WINDOWS\Tasks\RegCure Pro Startup.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe Task: C:\WINDOWS\Tasks\RegCure Pro_sch_FD93BBE9-24C3-11E5-8279-303A64D732A9.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2015-07-07 17:27 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-09-05 11:57 - 2014-01-24 08:27 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-06-17 07:47 - 2014-04-16 10:28 - 00080312 _____ () C:\WINDOWS\system32\igfxexps.dll 2014-03-26 12:50 - 2014-09-05 12:55 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll 2014-09-05 12:06 - 2013-10-01 11:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2015-07-08 07:20 - 2015-07-07 06:12 - 01670472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll 2015-07-08 07:20 - 2015-07-07 06:12 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\User\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4290222556-2955140376-1757130449-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.10.1 - 10.0.0.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 3 HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY" HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{05E74CE3-D2F3-4B38-B6C9-E3929B7D4489}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{55EAC84D-4E24-4B8B-B94E-96D7F6722ADC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A412B461-2063-4797-B0A8-60D8EEA122C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{82124555-B5A7-4A9D-9384-D011D30032F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{4FD3BE4F-0163-4F4A-807C-EBD99A639173}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D3387E50-E194-4972-B2AE-7C74D6CCBAE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8B11F9EB-3141-43FC-8985-B329530E4BBB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{DEC9ABCF-3D55-4F6C-8062-66429C889676}] => (Allow) LPort=55100 FirewallRules: [{6FE6FECC-BB93-4CDB-BBEE-5717D1397401}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{1693388D-DF5B-4976-BBCF-F333A5EACE1F}] => (Allow) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{46ED9257-05B3-47CC-BF17-0B5123CD0AB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FF433E6F-FFBD-4B3A-85FA-3449CF8CA30E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EBC5E4B8-FBED-4A9E-B9C9-DDD6EAB9D3C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{5E0DEE14-737C-44D4-B32E-3DE443EDED97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0326E9DB-9BEB-49CE-B0E2-0327A1998297}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{AABD81EC-AD8C-4961-848A-2E869BB1E2E1}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{FA903E82-6EC4-47F5-B498-D9AB96BD6943}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1E1C68ED-0F64-4192-BA1E-B8E74A06A170}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1B91290C-8D3F-42E7-B8B7-0DE59945E8E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FB1ABDF2-0947-4B56-B9D6-97104403FFB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{18888F50-C795-40BA-BF56-D2991B9BC8FE}] => (Allow) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{BDAE035C-6B4F-4CE1-B12F-8842C311671E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/08/2015 03:52:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program odkurzacz.exe w wersji 13.5.4.1971 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 18a0 Godzina rozpoczęcia: 01d0b984123d2402 Godzina zakończenia: 12 Ścieżka aplikacji: C:\Program Files (x86)\Odkurzacz\odkurzacz.exe Identyfikator raportu: 820e3c07-2578-11e5-8279-303a64d732a9 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (07/08/2015 03:52:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: schtasks.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x545042a3 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000020 Przesunięcie błędu: 0x0009d4f2 Identyfikator procesu powodującego błąd: 0x1774 Godzina uruchomienia aplikacji powodującej błąd: 0xschtasks.exe0 Ścieżka aplikacji powodującej błąd: schtasks.exe1 Ścieżka modułu powodującego błąd: schtasks.exe2 Identyfikator raportu: schtasks.exe3 Pełna nazwa pakietu powodującego błąd: schtasks.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: schtasks.exe5 Error: (07/08/2015 03:44:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: schtasks.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x545042a3 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000020 Przesunięcie błędu: 0x0009d4f2 Identyfikator procesu powodującego błąd: 0xdc0 Godzina uruchomienia aplikacji powodującej błąd: 0xschtasks.exe0 Ścieżka aplikacji powodującej błąd: schtasks.exe1 Ścieżka modułu powodującego błąd: schtasks.exe2 Identyfikator raportu: schtasks.exe3 Pełna nazwa pakietu powodującego błąd: schtasks.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: schtasks.exe5 Error: (07/08/2015 03:44:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: schtasks.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x545042a3 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000020 Przesunięcie błędu: 0x0009d4f2 Identyfikator procesu powodującego błąd: 0xd94 Godzina uruchomienia aplikacji powodującej błąd: 0xschtasks.exe0 Ścieżka aplikacji powodującej błąd: schtasks.exe1 Ścieżka modułu powodującego błąd: schtasks.exe2 Identyfikator raportu: schtasks.exe3 Pełna nazwa pakietu powodującego błąd: schtasks.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: schtasks.exe5 Error: (07/08/2015 03:44:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: schtasks.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x545042a3 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000020 Przesunięcie błędu: 0x0009d4f2 Identyfikator procesu powodującego błąd: 0x14d4 Godzina uruchomienia aplikacji powodującej błąd: 0xschtasks.exe0 Ścieżka aplikacji powodującej błąd: schtasks.exe1 Ścieżka modułu powodującego błąd: schtasks.exe2 Identyfikator raportu: schtasks.exe3 Pełna nazwa pakietu powodującego błąd: schtasks.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: schtasks.exe5 Error: (07/08/2015 03:44:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: schtasks.exe, wersja: 6.3.9600.17415, sygnatura czasowa: 0x545042a3 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000020 Przesunięcie błędu: 0x0009d4f2 Identyfikator procesu powodującego błąd: 0x1980 Godzina uruchomienia aplikacji powodującej błąd: 0xschtasks.exe0 Ścieżka aplikacji powodującej błąd: schtasks.exe1 Ścieżka modułu powodującego błąd: schtasks.exe2 Identyfikator raportu: schtasks.exe3 Pełna nazwa pakietu powodującego błąd: schtasks.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: schtasks.exe5 Error: (07/08/2015 03:39:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: Aktywacja aplikacji windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/08/2015 03:27:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: Aktywacja aplikacji windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/08/2015 03:26:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: Aktywacja aplikacji windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/08/2015 03:26:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: Aktywacja aplikacji windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (07/08/2015 03:42:21 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/08/2015 03:39:23 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: microsoft.windows.immersivecontrolpanel Error: (07/08/2015 03:27:50 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: microsoft.windows.immersivecontrolpanel Error: (07/08/2015 03:26:59 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: microsoft.windows.immersivecontrolpanel Error: (07/08/2015 03:26:51 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: microsoft.windows.immersivecontrolpanel Error: (07/08/2015 03:12:21 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/08/2015 06:48:25 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/07/2015 06:47:06 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.103. Komputer o adresie IP 192.168.1.101 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (07/07/2015 06:31:27 PM) (Source: Tcpip) (EventID: 4199) (User: ) Description: System wykrył konflikt adresów między adresem IP 192.168.1.100 a komputerem o sieciowym adresie sprzętowym 50-2D-1D-6F-12-CF. W rezultacie mogą być zakłócone operacje sieciowe na tym komputerze. Error: (07/07/2015 05:22:10 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Microsoft Office: ========================= Error: (07/08/2015 03:52:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: odkurzacz.exe13.5.4.197118a001d0b984123d240212C:\Program Files (x86)\Odkurzacz\odkurzacz.exe820e3c07-2578-11e5-8279-303a64d732a9 Error: (07/08/2015 03:52:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: schtasks.exe6.3.9600.17415545042a3ntdll.dll6.3.9600.17736550f42c2c00000200009d4f2177401d0b984b9dd02ebC:\WINDOWS\SysWOW64\schtasks.exeC:\WINDOWS\SYSTEM32\ntdll.dll85748f47-2578-11e5-8279-303a64d732a9 Error: (07/08/2015 03:44:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: schtasks.exe6.3.9600.17415545042a3ntdll.dll6.3.9600.17736550f42c2c00000200009d4f2dc001d0b9843751fd3fC:\WINDOWS\SysWOW64\schtasks.exeC:\WINDOWS\SYSTEM32\ntdll.dll78e37ac7-2577-11e5-8279-303a64d732a9 Error: (07/08/2015 03:44:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: schtasks.exe6.3.9600.17415545042a3ntdll.dll6.3.9600.17736550f42c2c00000200009d4f2d9401d0b98432575680C:\WINDOWS\SysWOW64\schtasks.exeC:\WINDOWS\SYSTEM32\ntdll.dll71a4f006-2577-11e5-8279-303a64d732a9 Error: (07/08/2015 03:44:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: schtasks.exe6.3.9600.17415545042a3ntdll.dll6.3.9600.17736550f42c2c00000200009d4f214d401d0b9842ed51aa6C:\WINDOWS\SysWOW64\schtasks.exeC:\WINDOWS\SYSTEM32\ntdll.dll6d6b9f43-2577-11e5-8279-303a64d732a9 Error: (07/08/2015 03:44:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: schtasks.exe6.3.9600.17415545042a3ntdll.dll6.3.9600.17736550f42c2c00000200009d4f2198001d0b98413943979C:\WINDOWS\SysWOW64\schtasks.exeC:\WINDOWS\SYSTEM32\ntdll.dll65ef4064-2577-11e5-8279-303a64d732a9 Error: (07/08/2015 03:39:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927141 Error: (07/08/2015 03:27:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927141 Error: (07/08/2015 03:26:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927141 Error: (07/08/2015 03:26:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC) Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927141 CodeIntegrity Errors: =================================== Date: 2015-07-07 16:22:56.317 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.16.0_x86__k1h2ywk1493x8\Lenovo_Components_MetricCollection.winmd that did not meet the Store signing level requirements. Date: 2015-07-07 16:22:56.253 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SysWOW64\backgroundTaskHost.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.16.0_x86__k1h2ywk1493x8\BackgroundTasks_Notifications.winmd that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz Percentage of memory in use: 30% Total physical RAM: 8104.27 MB Available physical RAM: 5655.42 MB Total Virtual: 16296.27 MB Available Virtual: 13695.49 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.12 GB) (Free:840.11 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.18 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 0FCA4718) Partition: GPT Partition Type. ==================== End of log ============================