Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 01 Ran by Lenovo at 2015-05-14 12:57:13 Running from C:\Users\Lenovo\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1539644446-1167898952-243856634-500 - Administrator - Disabled) Gość (S-1-5-21-1539644446-1167898952-243856634-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1539644446-1167898952-243856634-1003 - Limited - Enabled) Lenovo (S-1-5-21-1539644446-1167898952-243856634-1001 - Administrator - Enabled) => C:\Users\Lenovo ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG) BitComet 1.38 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.38 - CometNetwork) BurnAware Free 8.1 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - Nazwa firmy) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-1539644446-1167898952-243856634-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-1539644446-1167898952-243856634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6490.0 - IDT) Instrukcje użytkownika (x32 Version: 3.0.0.3 - Lenovo) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl) Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.829.1 - Vimicro) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.25.1 - ELAN Microelectronic Corp.) Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo) Lenovo Web Start (HKU\S-1-5-21-1539644446-1167898952-243856634-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki) Lenovo Web Start (HKU\S-1-5-21-1539644446-1167898952-243856634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki) Malwarebytes Anti-Malware wersja 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 37.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 pl)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Sterownik graficzny 333.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.04 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Panel sterowania NVIDIA 333.04 (Version: 333.04 - NVIDIA Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden SmartFTP Client (HKLM\...\{FE268E33-9710-4355-A86F-4D51AC1D6D22}) (Version: 6.0.2138.0 - SmartSoft Ltd.) Tux Paint 0.9.22 (HKLM-x32\...\Tux Paint_is1) (Version: - New Breed Software) Tux Paint Stamps 2014-08-23 (HKLM-x32\...\Tux Paint Stamps_is1) (Version: - New Breed Software) Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - ) UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1539644446-1167898952-243856634-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 03-05-2015 17:11:58 Zaplanowany punkt kontrolny 08-05-2015 14:13:31 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03FC9E90-18B5-43F0-87EC-88C018ADB588} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {1A0CD351-7656-4463-BCD1-82345D107B74} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {1BFFC4FB-B533-4172-A945-4A9D2AE51E22} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {249B3D9B-3E0E-4B72-89D9-F0DEBF1485A6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {3C881C68-6D8C-4322-B4C2-3FFC841B1C1D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {600B4513-ADB2-4E44-8543-416D7679707A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-28] (Google Inc.) Task: {6768EAD5-F925-4D83-9367-A2E8FFE0F9D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-28] (Google Inc.) Task: {7DC24A52-207B-4538-A7D7-59481CE348B7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {818063A2-4C09-4D5D-A618-EFB8141F2709} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {ABADA334-A291-4A1B-BA59-7B2F89D1FF6E} - System32\Tasks\AdobeAAMUpdater-1.0-Lenovo-PC-Lenovo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {D79AC729-C383-4332-AEB8-9CFAA5DA4F01} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-04] () Task: {F050EB3D-8BDE-4D16-929F-9BE8C7709CBA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo) Task: {F582D059-2AFB-4B1F-8BA9-6012714EF454} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.) Task: {FDB9557D-5166-40FF-AFE3-2C0F7A5429D0} - System32\Tasks\{0C13A93C-0403-45E8-9FFF-5098ACE82383} => pcalua.exe -a C:\Users\Lenovo\Desktop\UniFi-installer.exe -d C:\Users\Lenovo\Desktop Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-10-11 06:49 - 2014-04-14 01:49 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-10-11 07:27 - 2012-04-25 04:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-10-11 07:30 - 2014-10-11 07:30 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe 2014-10-11 07:30 - 2014-10-11 07:30 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll 2015-05-14 12:12 - 2015-05-14 12:12 - 00043008 _____ () c:\users\lenovo\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcfbqe6.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-10-11 06:51 - 2013-09-04 17:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-03-29 12:25 - 2015-03-29 12:25 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2015-05-04 20:41 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll 2015-05-04 20:41 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll 2015-05-04 20:41 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1539644446-1167898952-243856634-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-1539644446-1167898952-243856634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 198.153.192.50 - 198.153.194.50 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{8B06EA28-604B-4384-8256-6AF7A82E6DEA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{9063444D-128A-4157-9B6B-F5FC10D61FC5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{75C82DF6-0B61-4891-A8C3-348A6BBD5221}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{E6344967-2A9B-456E-A39B-12F262A0CBA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{F3F68A54-83FE-4BAB-92D0-216C4844DD3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7C5AD3FE-3B8C-4076-8761-BF302BBA2DE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E69482AF-5791-4BAC-B099-8FDE8723F94F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{36372B95-A54B-41AB-8E51-8E9231B09FF2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{1BCD9C9C-37EF-4E2E-9A0F-77C24B74F5E4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{54A23CBF-CD68-4C33-A197-93F8ACE41925}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{35247BEB-7961-4264-9F7F-7846FAB12BF7}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{9B704BF6-1C0E-44C3-B6F1-7596E9EC9C8C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{966DC763-6998-4853-9514-E0DC1A15BEA8}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{C6F43A6D-C84A-480D-851C-A4DF47480FCA}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{8FF83554-F22E-4ACE-9205-9ACCBA26FAA2}C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{936B9017-17C4-44B9-8C0A-77231CBF9F2C}C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lenovo\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{B4CC0280-A254-45F0-B30A-1D0BB9C7967F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{B8EDE74C-B03D-4AD5-88D8-0BE42F19C601}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{0D954EEF-6AFF-4B96-93F7-67FB58003C19}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3DD6383E-2F84-4F5B-A193-CCF375C7E0D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{5AA7CFEB-A8B8-4D32-8273-4252C55F6D2A}C:\users\lenovo\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Block) C:\users\lenovo\appdata\local\temp\kmsnano\qemu-system-i386.exe FirewallRules: [UDP Query User{65AFE4BF-C4A0-4D09-A251-6BDB2A3AB310}C:\users\lenovo\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Block) C:\users\lenovo\appdata\local\temp\kmsnano\qemu-system-i386.exe FirewallRules: [{FD556613-3ACA-414C-892F-64489D2F4CB7}] => (Allow) C:\Program Files\SmartFTP Client\SmartFTP.exe FirewallRules: [{13166210-0E58-427C-A674-F139E38640E2}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe FirewallRules: [{62F35D6E-35CB-4BB8-B0AD-364A139EBBED}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe FirewallRules: [{96BBCCB8-A0C8-454D-A5FE-A521DCDD0BF9}] => (Allow) C:\Users\Lenovo\Ubiquiti UniFi\bin\mongod.exe FirewallRules: [{20234BE3-3716-4593-B883-32021800CEC6}] => (Allow) C:\Users\Lenovo\Ubiquiti UniFi\bin\mongod.exe FirewallRules: [TCP Query User{B2FD8861-2B90-4C76-8F3D-58539C0BF86F}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{4C0BF126-32D8-4AF2-A12B-04485480978D}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{31F29AE0-B941-44A6-87ED-B63DAC9D6986}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{58E5A2B7-C6F0-4936-B60F-E146BCE332A7}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{05229290-3ADA-43EC-906A-85B36480B57E}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{07424AD3-74A1-467E-B489-E79EA7133263}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{30983E95-1739-48CC-92E3-E6F45BC6538F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/14/2015 08:20:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/14/2015 08:17:00 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (05/13/2015 09:24:52 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Pozyskanie licencji użytkowania nie powiodło się. hr=0xC004C003 Identyfikator SKU=2b88c4f2-ea8f-43cd-805e-4d41346e18a7 Error: (05/13/2015 09:24:52 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Szczegóły błędu pozyskiwania licencji. hr=0xC004C003 Error: (05/13/2015 07:30:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/13/2015 07:14:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (05/12/2015 02:16:26 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Pozyskanie licencji użytkowania nie powiodło się. hr=0xC004C003 Identyfikator SKU=2b88c4f2-ea8f-43cd-805e-4d41346e18a7 Error: (05/12/2015 02:16:26 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Szczegóły błędu pozyskiwania licencji. hr=0xC004C003 Error: (05/12/2015 01:57:50 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Pozyskanie licencji użytkowania nie powiodło się. hr=0xC004C003 Identyfikator SKU=2b88c4f2-ea8f-43cd-805e-4d41346e18a7 Error: (05/12/2015 01:57:50 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Szczegóły błędu pozyskiwania licencji. hr=0xC004C003 System errors: ============= Error: (05/14/2015 00:52:35 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „LENOVO-PC :0” w interfejsie o adresie IP 192.168.0.139. Komputer o adresie IP 192.168.0.180 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (05/14/2015 00:52:33 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „LENOVO-PC :0” w interfejsie o adresie IP 192.168.0.139. Komputer o adresie IP 192.168.0.180 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (05/14/2015 00:52:29 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „LENOVO-PC :0” w interfejsie o adresie IP 192.168.0.139. Komputer o adresie IP 192.168.0.180 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (05/14/2015 00:14:13 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: Lenovo-PC) Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1539644446-1167898952-243856634-1001-1-ntuser.dat Error: (05/14/2015 00:13:42 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: Lenovo-PC) Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1539644446-1167898952-243856634-1001-0-ntuser.dat Error: (05/14/2015 00:12:06 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „LENOVO-PC :0” w interfejsie o adresie IP 192.168.0.139. Komputer o adresie IP 192.168.0.180 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (05/14/2015 00:11:56 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „LENOVO-PC :0” w interfejsie o adresie IP 192.168.0.139. Komputer o adresie IP 192.168.0.180 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (05/14/2015 00:11:54 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Nie można zarejestrować nazwy „LENOVO-PC :0” w interfejsie o adresie IP 192.168.0.139. Komputer o adresie IP 192.168.0.180 nie zezwolił na przejęcie tej nazwy przez ten komputer. Error: (05/14/2015 00:11:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\System32\IWMSSvc.dll Error: (05/14/2015 00:11:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\System32\IWMSSvc.dll Microsoft Office Sessions: ========================= Error: (05/14/2015 08:20:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/14/2015 08:17:00 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (05/13/2015 09:24:52 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: hr=0xC004C0032b88c4f2-ea8f-43cd-805e-4d41346e18a7 Error: (05/13/2015 09:24:52 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: hr=0xC004C00300010001(0x00000000, 09:24:49:334 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=o14) 00020001(0x00000000, 09:24:49:334) 00030001(0x00000000, 09:24:49:334 - https://activation.sls.microsoft.com) 00030002(0x00000000, 09:24:49:334 - 0) 00040001(0x00000000, 09:24:49:334 - https://activation.sls.microsoft.com) 00040002(0x00000000, 09:24:49:334 - 1, , , ) 00050002(0x80072F94, 09:24:49:334 - 0, 1) 00040006(0x00000001, 09:24:49:334 - 0, https://activation.sls.microsoft.com, , ) 00020005(0x00000000, 09:24:49:334 - 0) 0002000C(0x00000000, 09:24:52:012 - 500) 00010002(0x8004FC01, 09:24:52:012 - soap:ServerSoapException0xC004C003103 (Activation) - [PA Product key blocked. ---> Product key blocked]) 00010003(0x8004FC01, 09:24:52:028) Error: (05/13/2015 07:30:30 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/13/2015 07:14:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (05/12/2015 02:16:26 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: hr=0xC004C0032b88c4f2-ea8f-43cd-805e-4d41346e18a7 Error: (05/12/2015 02:16:26 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: hr=0xC004C00300010001(0x00000000, 14:16:24:903 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=o14) 00020001(0x00000000, 14:16:24:907) 00030001(0x00000000, 14:16:24:909 - https://activation.sls.microsoft.com) 00030002(0x00000000, 14:16:24:909 - 0) 00040001(0x00000000, 14:16:24:909 - https://activation.sls.microsoft.com) 00040002(0x00000000, 14:16:24:912 - 1, , , ) 00050002(0x80072F94, 14:16:24:915 - 0, 1) 00040006(0x00000001, 14:16:24:915 - 0, https://activation.sls.microsoft.com, , ) 00020005(0x00000000, 14:16:24:915 - 0) 0002000C(0x00000000, 14:16:26:107 - 500) 00010002(0x8004FC01, 14:16:26:107 - soap:ServerSoapException0xC004C003103 (Activation) - [PA Product key blocked. ---> Product key blocked]) 00010003(0x8004FC01, 14:16:26:109) Error: (05/12/2015 01:57:50 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: hr=0xC004C0032b88c4f2-ea8f-43cd-805e-4d41346e18a7 Error: (05/12/2015 01:57:50 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: hr=0xC004C00300010001(0x00000000, 13:57:50:399 - https://activation.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=o14) 00020001(0x00000000, 13:57:50:399) 00030001(0x00000000, 13:57:50:399 - https://activation.sls.microsoft.com) 00030002(0x00000000, 13:57:50:399 - 0) 00040001(0x00000000, 13:57:50:399 - https://activation.sls.microsoft.com) 00040002(0x00000000, 13:57:50:401 - 1, , , ) 00050002(0x80072F94, 13:57:50:402 - 0, 1) 00040006(0x00000001, 13:57:50:402 - 0, https://activation.sls.microsoft.com, , ) 00020005(0x00000000, 13:57:50:402 - 0) 0002000C(0x00000000, 13:57:50:638 - 500) 00010002(0x8004FC01, 13:57:50:638 - soap:ServerSoapException0xC004C003103 (Activation) - [PA Product key blocked. ---> Product key blocked]) 00010003(0x8004FC01, 13:57:50:638) ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz Percentage of memory in use: 18% Total physical RAM: 16308.27 MB Available physical RAM: 13247.67 MB Total Pagefile: 18740.27 MB Available Pagefile: 15865.83 MB Total Virtual: 131072 MB Available Virtual: 131071.76 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.89 GB) (Free:655.57 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 93BF75D7) Partition: GPT Partition Type. ==================== End Of Log ============================