Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 Ran by Morgana at 2015-06-28 13:19:07 Running from E:\ Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1818464453-2590412624-2668118778-500 - Administrator - Disabled) Gość (S-1-5-21-1818464453-2590412624-2668118778-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1818464453-2590412624-2668118778-1003 - Limited - Enabled) Morgana (S-1-5-21-1818464453-2590412624-2668118778-1001 - Administrator - Enabled) => C:\Users\Morgana ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.3 - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) A-PDF Page Crop (HKLM-x32\...\A-PDF Page Crop_is1) (Version: - A-PDF Solution) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft) CutePDF Printer Setup (HKLM-x32\...\CutePDF Port Monitor) (Version: - ) CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - Nazwa firmy) Hidden Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo) Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden FileViewPro, âĺđńč˙ 1.5.0.0 (HKLM-x32\...\{718207F0-E3DB-45C3-956D-0552629A08E8}_is1) (Version: 1.5.0.0 - Solvusoft Corporation Inc.) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden GPL Ghostscript 8.63 (HKLM-x32\...\GPL Ghostscript 8.63) (Version: - ) Heroes of Might and Magic 3 Complete (HKLM-x32\...\Heroes of Might and Magic 3 Complete_is1) (Version: - GOG.com) Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.) Instrukcje użytkownika (x32 Version: 3.0.0.3 - Lenovo) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo) Lenovo Flex 2 Demo (HKLM-x32\...\{8300CA15-AD32-4C12-A6D4-121DEBCA11CC}) (Version: 1.0.0 - Lenovo) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab) Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Lenovo PhoneCompanion (x32 Version: 1.2.0.0 - Lenovo) Hidden Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.33.3 - ELAN Microelectronic Corp.) Lenovo Recommends (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0211 - Lenovo) Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited) Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo) Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo) Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo) Lenovo Updates (x32 Version: 1.1.0.59 - Lenovo) Hidden Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo) Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - ) Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden Malwarebytes Anti-Malware wersja 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1818464453-2590412624-2668118778-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 37.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 pl)) (Version: 37.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security) PDFCreator PL 0.8.0 (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: - Frank Heindörfer, Philip Chinery) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.787.787.111213 - REALTEK Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0235 - REALTEK Semiconductor Corp.) Revo Uninstaller Pro 2.5.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.5 - VS Revo Group, Ltd.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd) UsbFix (HKLM-x32\...\Usbfix) (Version: 7.933 - El Desaparecido - www.usbfix.net - www.sosvirus.net) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1818464453-2590412624-2668118778-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Morgana\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= ATTENTION: System Restore is disabled 25-06-2015 20:25:36 avast! antivirus system restore point ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0413D57F-69AF-4C19-9A29-CD892A294D2C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {09A40000-2E1E-472D-BCC7-F2916DC73D63} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {09FD343E-D742-4723-806E-B69FEE7CE0B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26] (Google Inc.) Task: {1B3192C2-BCD0-4AED-AB41-0A8BA533509C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1818464453-2590412624-2668118778-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {2673507E-ED6A-48AB-B2C9-55B855FDFC72} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] () Task: {2A072D3E-0D00-4A4A-9418-2B02D5565FA2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated) Task: {2CFDCE89-DE69-4E81-9BE5-75072D021FFF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {2EE0BA82-3127-48BA-981F-528736D47026} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {634F0E44-B105-4FD6-8F9F-339394973976} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-09-10] (Lenovo) Task: {74D39DA3-5EE7-4DD7-A6BB-A8F2D5EA02AB} - System32\Tasks\GoogleUpdateTaskMachineUA1d07c6e2de07418 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26] (Google Inc.) Task: {75CBD69A-753C-4CB5-A86D-97CFB39276B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-16] (Microsoft Corporation) Task: {87212CB9-2A30-406A-8733-BA12E53634B9} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-04-16] (Lenovo) Task: {A23C46B7-12FA-449B-81B2-9165E5027FF3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {A287B7EE-3829-464B-BAA1-03081D9F2DF2} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [2014-02-26] () Task: {A35A3DC0-BF4A-4AFD-B2EC-3A78C82D5013} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {BA8E405F-5452-4FAA-A312-E474E22B09F3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {BD6804B0-225B-48B7-AD72-004C232E61F2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd) Task: {C8274CF7-F36E-4C78-990D-F90E599F19F5} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenovo-PC-Morgana Lenovo-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe Task: {D8B60025-D298-47AA-A30B-8C792149654A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-26] (Avast Software s.r.o.) Task: {DD209B19-636B-4A07-8EE0-9C3CF7A8DA9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-26] (Google Inc.) Task: {DF906687-01A0-4840-8E2E-085E296ADF41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {E5357AF0-B974-4F23-8496-CE3A2B1DB77D} - \Bidaily Synchronize Task No Task File <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-06 15:18 - 2007-07-12 22:37 - 00085504 _____ () C:\WINDOWS\System32\cpwmon64.dll 2014-09-10 06:52 - 2013-11-06 21:24 - 00066560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2014-09-10 07:19 - 2014-01-09 18:27 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe 2014-09-10 07:25 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-09-10 07:26 - 2014-09-10 07:26 - 00067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe 2014-09-10 07:26 - 2014-09-10 07:26 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll 2014-09-10 07:20 - 2014-09-10 07:20 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2014-09-10 06:50 - 2014-02-26 05:13 - 00053248 _____ () C:\WINDOWS\SysWOW64\UMonit64.exe 2014-09-10 07:20 - 2014-09-10 07:20 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe 2014-09-10 07:20 - 2014-09-10 07:20 - 00109328 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe 2014-03-26 12:50 - 2014-09-10 07:31 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll 2014-09-10 07:19 - 2014-01-09 18:30 - 00044016 _____ () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Util.dll 2015-06-08 08:33 - 2015-06-08 08:33 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll 2015-04-24 12:12 - 2015-04-24 12:12 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll 2015-06-08 08:33 - 2015-06-08 08:33 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll 2015-04-24 12:12 - 2015-04-24 12:12 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll 2015-04-08 21:53 - 2015-04-08 21:53 - 00050688 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2014-09-10 07:26 - 2014-09-10 07:26 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe 2014-09-10 07:20 - 2014-09-10 07:20 - 00105744 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll 2014-09-10 07:20 - 2014-09-10 07:20 - 00102160 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll 2015-06-26 00:03 - 2015-06-26 00:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-06-26 00:03 - 2015-06-26 00:03 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-06-26 00:03 - 2015-06-26 00:03 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2014-09-10 07:26 - 2014-09-10 07:26 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll 2014-09-10 06:46 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1818464453-2590412624-2668118778-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{BE7CF33B-664B-4BF5-9CE7-FE69CD9057E1}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{33A070E3-CD27-4541-B551-995D80656155}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{50F1459A-ECB4-42B1-8DAD-8E5EAC2DA5F7}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{E2A68EC4-E338-4015-B0DA-C79CA76F4410}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe FirewallRules: [{B9FD1247-A3CF-4397-BCA4-EA6F3A83927D}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe FirewallRules: [{70B74DCD-3087-4128-B427-0C85B346EC4D}] => (Allow) LPort=55100 FirewallRules: [{5146F4FF-2855-4FE8-8D25-4A62F8C65D72}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{9C42AB91-CA89-499A-B85E-3EAE04AD499D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{84D20CAA-250F-4FE9-9E5D-F112219BB35B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AE64811F-5B80-4621-A9A3-D446CE5E21D8}] => (Allow) C:\Users\Morgana\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{6C93AC68-74C4-43D1-92F7-E92A65820D7A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{1BA5549D-8241-40D8-961E-2A20DC7EED4D}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{CEAC490E-B781-46F9-8F9B-00F14FBD134F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{E41019CC-40BC-4C32-BB9D-353A37B2D4FC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{A4174ED1-85B9-463C-93DC-527D7018B218}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{77F96350-E21C-4997-A09F-5C4ABEB77ADC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{B21F8276-6259-47FF-B86F-55009D7CE950}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{74B43A89-4845-476D-B18C-4CC90DBA487C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{3720637E-2093-419F-9D26-75E96F7485F6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{4CE1BA8D-FFB3-4868-B71D-53ACB60C5098}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{9712B2E5-B4F9-48A9-BDBF-F128EC0B2AA6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Rescue Disc Description: Flash Disk Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: CBM Service: WUDFWpdFs Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: Picks Device Description: Picks Device Class Guid: {78a1c341-4539-11d3-b88d-00c04fad5171} Manufacturer: Picks Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: Lenovo Primary iM Controller Description: Lenovo Primary iM Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Lenovo Corporation Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (06/28/2015 01:12:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AUDIODG.EXE, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54503ea8 Nazwa modułu powodującego błąd: FMAPO64.dll, wersja: 50.6.5.66, sygnatura czasowa: 0x53017fec Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000009acd1 Identyfikator procesu powodującego błąd: 0x12cc Godzina uruchomienia aplikacji powodującej błąd: 0xAUDIODG.EXE0 Ścieżka aplikacji powodującej błąd: AUDIODG.EXE1 Ścieżka modułu powodującego błąd: AUDIODG.EXE2 Identyfikator raportu: AUDIODG.EXE3 Pełna nazwa pakietu powodującego błąd: AUDIODG.EXE4 Identyfikator aplikacji względem pakietu powodującego błąd: AUDIODG.EXE5 Error: (06/26/2015 02:25:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: PCloudCleaner.exe, wersja: 1.0.0.1533, sygnatura czasowa: 0x00000000 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f42c2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0001df63 Identyfikator procesu powodującego błąd: 0x268 Godzina uruchomienia aplikacji powodującej błąd: 0xPCloudCleaner.exe0 Ścieżka aplikacji powodującej błąd: PCloudCleaner.exe1 Ścieżka modułu powodującego błąd: PCloudCleaner.exe2 Identyfikator raportu: PCloudCleaner.exe3 Pełna nazwa pakietu powodującego błąd: PCloudCleaner.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: PCloudCleaner.exe5 Error: (06/25/2015 09:22:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ymc.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x52de37ed Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54505737 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x0000000000008b9c Identyfikator procesu powodującego błąd: 0x874 Godzina uruchomienia aplikacji powodującej błąd: 0xymc.exe0 Ścieżka aplikacji powodującej błąd: ymc.exe1 Ścieżka modułu powodującego błąd: ymc.exe2 Identyfikator raportu: ymc.exe3 Pełna nazwa pakietu powodującego błąd: ymc.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: ymc.exe5 Error: (06/25/2015 09:22:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: ymc.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.Management.ManagementException Stos: w System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus) w System.Management.SinkForEventQuery.Cancel() w System.Management.ManagementEventWatcher.Stop() w System.Management.ManagementEventWatcher.Finalize() Error: (06/25/2015 09:09:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: AUDIODG.EXE, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54503ea8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.17736, sygnatura czasowa: 0x550f4336 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000003d85e Identyfikator procesu powodującego błąd: 0xfc8 Godzina uruchomienia aplikacji powodującej błąd: 0xAUDIODG.EXE0 Ścieżka aplikacji powodującej błąd: AUDIODG.EXE1 Ścieżka modułu powodującego błąd: AUDIODG.EXE2 Identyfikator raportu: AUDIODG.EXE3 Pełna nazwa pakietu powodującego błąd: AUDIODG.EXE4 Identyfikator aplikacji względem pakietu powodującego błąd: AUDIODG.EXE5 Error: (06/25/2015 08:58:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.3.9600.17667 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 868 Godzina rozpoczęcia: 01d0af72a5ee15f2 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\WINDOWS\Explorer.EXE Identyfikator raportu: 24cc5399-1b6c-11e5-827d-38b1dbaa0bae Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/25/2015 08:23:34 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest. Error: (06/25/2015 08:23:33 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest. Error: (06/25/2015 08:23:05 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest. Error: (06/25/2015 08:23:05 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2” w wierszu C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest. Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest. System errors: ============= Error: (06/28/2015 01:10:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Error: (06/28/2015 01:09:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/28/2015 01:08:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/28/2015 01:01:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Error: (06/28/2015 01:00:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/28/2015 00:59:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/28/2015 00:58:36 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff8011a3388f8)C:\WINDOWS\MEMORY.DMP062815-22250-01 Error: (06/28/2015 00:58:32 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 12:37:00 na ‎2015-‎06-‎28 było nieoczekiwane. Error: (06/28/2015 00:54:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition 1.201.341.0). Error: (06/28/2015 00:39:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Usługa Windows Defender niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. Microsoft Office: ========================= Error: (06/28/2015 01:12:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: AUDIODG.EXE6.3.9600.1741554503ea8FMAPO64.dll50.6.5.6653017fecc0000005000000000009acd112cc01d0b19308d13c56C:\WINDOWS\system32\AUDIODG.EXEC:\WINDOWS\system32\FMAPO64.dll9fbd588a-1d86-11e5-8294-38b1dbaa0bae Error: (06/26/2015 02:25:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: PCloudCleaner.exe1.0.0.153300000000ntdll.dll6.3.9600.17736550f42c2c00000050001df6326801d0b00b2dee25bbC:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exeC:\WINDOWS\SYSTEM32\ntdll.dll7ebec6b6-1bfe-11e5-8291-38b1dbaa0bae Error: (06/25/2015 09:22:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: ymc.exe1.0.0.052de37edKERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c87401d0af7a3104f6e3C:\ProgramData\LenovoTransition\Server\x64\ymc.exeC:\WINDOWS\system32\KERNELBASE.dll8664c3e3-1b6f-11e5-8282-38b1dbaa0bae Error: (06/25/2015 09:22:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: ymc.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.Management.ManagementException Stos: w System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus) w System.Management.SinkForEventQuery.Cancel() w System.Management.ManagementEventWatcher.Stop() w System.Management.ManagementEventWatcher.Finalize() Error: (06/25/2015 09:09:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: AUDIODG.EXE6.3.9600.1741554503ea8ntdll.dll6.3.9600.17736550f4336c0000005000000000003d85efc801d0af7a34f62bcaC:\WINDOWS\system32\AUDIODG.EXEC:\WINDOWS\SYSTEM32\ntdll.dllbc954f4c-1b6d-11e5-8282-38b1dbaa0bae Error: (06/25/2015 08:58:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.3.9600.1766786801d0af72a5ee15f24294967295C:\WINDOWS\Explorer.EXE24cc5399-1b6c-11e5-827d-38b1dbaa0bae Error: (06/25/2015 08:23:34 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Morgana\AppData\Local\Microsoft\Windows\INetCache\IE\6JBBE023\esetsmartinstaller_plk.exe Error: (06/25/2015 08:23:33 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Morgana\AppData\Local\Microsoft\Windows\INetCache\IE\6JBBE023\esetsmartinstaller_plk.exe Error: (06/25/2015 08:23:05 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Morgana\AppData\Local\Microsoft\Windows\INetCache\IE\6JBBE023\esetsmartinstaller_plk.exe Error: (06/25/2015 08:23:05 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Morgana\AppData\Local\Microsoft\Windows\INetCache\IE\6JBBE023\esetsmartinstaller_plk.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz Percentage of memory in use: 41% Total physical RAM: 4003.94 MB Available physical RAM: 2355.29 MB Total Pagefile: 8611.94 MB Available Pagefile: 6969.9 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:423.54 GB) (Free:274.35 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.76 GB) NTFS Drive e: (Rescue Disc) (Removable) (Total:3.78 GB) (Free:3.73 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 2D234343) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 3.8 GB) (Disk ID: 0281637E) Partition 1: (Active) - (Size=3.8 GB) - (Type=07 NTFS) ==================== End of log ============================