Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015 Ran by Jasiek at 2015-06-13 14:44:56 Running from C:\Users\Jasiek\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1808703716-2936164801-3057166833-500 - Administrator - Disabled) Gość (S-1-5-21-1808703716-2936164801-3057166833-501 - Limited - Disabled) Jasiek (S-1-5-21-1808703716-2936164801-3057166833-1001 - Administrator - Enabled) => C:\Users\Jasiek ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.2003 - Acer Incorporated) Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2005 - Acer) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated) Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated) Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2006.0 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Badanie mające na celu poprawę produktów HP Deskjet 1510 series (HKLM\...\{30CA1CF4-A6BB-48D2-B531-2C96D2083BA3}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.) Dziobas Rar Player 0.009.52 (HKLM-x32\...\Dziobas Rar Player_is1) (Version: - Kamil Dzióbek) FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) HP Deskjet 1510 series — podstawowe oprogramowanie urządzenia (HKLM\...\{FE2C2D56-E00E-445C-8890-5DE30F7C1C0D}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.) HP Deskjet 1510 series Pomoc (HKLM-x32\...\{065AAC3B-F0A7-4D13-A40B-3133D319E4EB}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-1808703716-2936164801-3057166833-1001\...\HP Photo Creations) (Version: 1.0.0.17712 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Huawei E3372 (HKLM-x32\...\Huawei E3372) (Version: 22.001.22.03.1202 - Huawei Technologies Co.,Ltd) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation) Java(TM) 7 Update 4 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217004FF}) (Version: 7.0.40 - Oracle) JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.) McAfee SafeKey(tylko odinstalowanie) (HKLM-x32\...\safekey) (Version: 2.2.3 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.316 - McAfee, Inc.) Microsoft OneDrive (HKU\S-1-5-21-1808703716-2936164801-3057166833-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Nero 7 Essentials (HKLM-x32\...\{C1E544E5-EF3C-4103-A57B-3A499FD91045}) (Version: 7.02.4142 - Nero AG) Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21245 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.) Unity Web Player (HKU\S-1-5-21-1808703716-2936164801-3057166833-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1808703716-2936164801-3057166833-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1808703716-2936164801-3057166833-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jasiek\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 01-06-2015 15:52:00 Usunięto: Microsoft Office Word Viewer 2003 05-06-2015 16:23:35 Windows Update 12-06-2015 11:53:31 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0497F883-547A-4671-A53E-9EA41A4838D2} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JAS-Jasiek Jaś => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe Task: {15AD837A-A0CC-4CE3-99B3-961C5990E7FD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {1C5A5DA8-7321-4BF6-B147-61EA855C8846} - System32\Tasks\PITax reminder => C:\Program Files (x86)\PITax.pl\PITax.pl.exe Task: {26E73F6B-28B7-4483-9E9A-EAC4A6D698F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {30CA8CFE-EDC2-4733-999B-D1D92C5FAFA4} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: ) Task: {3306509F-E403-4628-B552-DD45867CAFD4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {3563F7B9-FAA2-47D5-AB38-2C6875F05C2E} - System32\Tasks\{90398B91-1117-4A61-9FED-BFB1B18DD293} => pcalua.exe -a C:\ProgramData\EpicScale\0\EpicScale.exe -c EpicScale DoUninstall Task: {4DAC32C1-BD25-4F29-BB87-69F5ABD25A60} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] () Task: {504F16A6-BB23-4E23-A19A-E46A07D42FB7} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1808703716-2936164801-3057166833-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {58585057-47AF-4352-AEA4-07A1BD2D0F97} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated) Task: {5E9776FC-AC58-4C67-B165-1EE71F5FEBB5} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-01-17] (Acer Incorporated) Task: {61AB31E9-02E6-4BBC-8FF7-7C0378C1C2CD} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate) Task: {68473316-09DC-425E-9624-443FC53A1A58} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation) Task: {6CD970C7-7986-4651-85F0-F4113A2383C4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] () Task: {6F53BC4C-6541-4B9D-9C79-ED1DD2357DDC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {71E152E5-D35D-4D2C-964F-189B702C63F3} - System32\Tasks\PITax rss checker => C:\Program Files (x86)\PITax.pl\PITax.pl.exe Task: {8CBF6904-460D-4F6D-A17E-C82D93B41A76} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate) Task: {8D089B4F-EA54-4F4D-B9AE-B33B13A46890} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {8E8C19F5-FE61-446D-9780-900B333810BE} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated) Task: {950DB65C-E133-416D-8FE2-D2FCDA845EE7} - System32\Tasks\e-pity2015_styczen => C:\Program Files (x86)\e-file\e-pity2014\Assets\signxml.exe Task: {9DBBC437-33B3-45A9-99F3-7EFF5AC9C510} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-22] (Acer Incorporate) Task: {AB40BC98-488D-4303-AD1E-7E3016899BDB} - System32\Tasks\Opera scheduled Autoupdate 1414141205 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software) Task: {AC235EB0-3C1A-45AC-809B-B5D8C8FD5E92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated) Task: {C485AF5A-7689-418F-8D92-1D401F839EE9} - System32\Tasks\e-pity2015_kwiecien => C:\Program Files (x86)\e-file\e-pity2014\Assets\signxml.exe Task: {C618DF67-CE75-463E-9F73-7C0BF88ADEFA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation) Task: {C6D23FF0-B484-4FD2-B613-8C8F99E1BEFE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation) Task: {C8D1584C-7261-4068-869E-1CA6AC5BF2AB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {E1DBA4E0-41AE-4548-917D-1C50FF536FBA} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2013-02-08] (Hewlett-Packard Co.) Task: {E49735FC-D99C-4CCC-BC59-F970F0B87D07} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-12] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2014-10-26 16:06 - 2014-03-07 03:41 - 00240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2015-03-17 14:43 - 2015-03-17 14:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll 2015-02-08 12:20 - 2015-02-08 12:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll 2015-03-17 15:15 - 2015-03-17 15:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll 2014-07-27 17:03 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-02-26 07:14 - 2014-02-26 07:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-26 07:11 - 2014-02-26 07:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-02-26 07:17 - 2014-02-26 07:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-04-21 12:37 - 2014-03-07 18:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll 2015-06-12 07:31 - 2015-06-10 11:45 - 00157304 _____ () C:\Program Files (x86)\Opera\30.0.1835.59\message_center_win8.dll 2014-07-27 17:12 - 2014-01-03 23:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2015-06-12 07:31 - 2015-06-10 11:45 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.59\libglesv2.dll 2015-06-12 07:31 - 2015-06-10 11:45 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.59\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Jasiek\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1808703716-2936164801-3057166833-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jasiek\Pictures\zdięcia\zdięcia\jasiu\JAŚ 2015\luty 2015\CAM01773.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-1808703716-2936164801-3057166833-1001\...\StartupApproved\Run: => "ares" HKU\S-1-5-21-1808703716-2936164801-3057166833-1001\...\StartupApproved\Run: => "Pokki" HKU\S-1-5-21-1808703716-2936164801-3057166833-1001\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{8CD03BF3-19FA-4E45-83D4-225525FE3FFF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{D687CB3E-F073-4F1D-B293-20F9403783FD}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{706D16DB-952B-4747-8758-46D9AE253720}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{43852FF0-99B4-42FE-8250-C41543C4B423}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{0705240F-16D3-4253-B21F-ACEA6EA2AEB5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{5CD99DC2-70E0-48AE-9F7A-CAF2573A1562}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{7FD4DB42-5B65-4383-AD37-1C7DCED9DFA3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{F2D2ED51-8A02-474A-8040-CF8A7BF9D0FF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{8214E304-A0A0-45BD-94BE-F3398B2CDAA7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{28FF151A-9122-40F3-AABD-D666AC8DE900}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{386507C2-149E-4A9E-AD78-F103C47ECC54}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{A5554F57-8A14-462C-8694-0612BD37D36E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{E1F12FCE-2D0C-42AF-BBD2-DE21A50722BC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{10E10808-F240-446F-B688-76505331B1FC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{84D2BA41-245D-4846-AE41-6D235B2EB6AD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{3A81E1B4-883F-4803-B189-D1A394B5276E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{CABDC1D4-70B7-4072-8CEF-511202A74411}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{F9090A34-222F-4ABE-85A2-40261C31323A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{FFD2B6A9-D84A-4C76-82E3-08DDEED72F02}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{CE6CCE14-A6D5-4C6D-A170-C506A508EBAA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{02F182C5-7D74-4C44-8990-530D9DC41836}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{54FE59E6-C2C3-4E58-A0D9-4B5E7C8B2B30}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{A430FFE9-0565-44F5-A808-C182624FBD58}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{5EC7270D-DCF0-467A-BE36-E3D28AD19621}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{C0C966C3-D408-41F1-8A09-17FF632592E8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{F50BB87E-E694-4E01-A9B7-55B0DED3544C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{EEE3E03E-627F-4B17-BF46-8085838B3A94}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{52D5C5D8-FECC-42A7-B5CF-C7E770E7A915}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{60AE0818-0D78-4559-B77E-A0DF84E86638}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{93B93899-C1A3-4BEA-9BA5-7AAAAE72E1A6}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{96299B8A-79A0-41D7-B353-51D6ECAC49A3}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{E0B1EF24-26B3-402D-8FED-C44A079B62D1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{452961E7-2AC3-440B-8D53-E39232C1BB59}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{FBF5ED3D-FE99-4136-94B5-0F9126E8F209}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{2943CFAD-F635-4037-8168-4C69B6DD0C7F}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{DDF014E7-371B-4724-A887-A5CD8BBF91C2}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe FirewallRules: [{D9B0C784-EBE9-415B-B5FD-D91A3FE296EB}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{00F9CD93-51E8-476E-B3BB-BCB1DF59F633}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{537D455D-F148-4BF6-8208-69D1B37AE0A6}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe FirewallRules: [{9880A000-80AF-4329-970E-2435DEE767EF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{940507B5-A016-47CD-BA7A-7A88D897B970}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{3B8B9E3B-B72F-48A8-92A2-ABA78A1769E0}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe FirewallRules: [{80D8FE47-A076-4351-854F-AE2460B183B9}] => (Allow) C:\Users\Jasiek\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/12/2015 07:29:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2115-05-19T05:29:17Z. Kod błędu: 0x80071A90. Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/09/2015 05:07:38 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20856 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 192c Godzina rozpoczęcia: 01d0a2605fc79fc2 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: ace63110-0e54-11e5-8295-18cf5eef4da5 Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (06/07/2015 03:09:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program HP.AiORemote.exe w wersji 50.1.223.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 107c Godzina rozpoczęcia: 01d0a123062ca7b9 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_50.1.223.0_x86__v10z8vjag6ke6\HP.AiORemote.exe Identyfikator raportu: 5515b96c-0d16-11e5-8295-18cf5eef4da5 Pełna nazwa pakietu powodującego błąd: AD2F1837.HPPrinterControl_50.1.223.0_x86__v10z8vjag6ke6 Identyfikator aplikacji względem pakietu powodującego błąd: AD2F1837.HPPrinterControl Error: (06/07/2015 03:08:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: JAS) Description: Aplikacja AD2F1837.HPPrinterControl_50.1.223.0_x86__v10z8vjag6ke6+AD2F1837.HPPrinterControl nie została uruchomiona w wyznaczonym czasie. Error: (06/04/2015 11:27:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.3.9600.17667, sygnatura czasowa: 0x54c6f7c2 Nazwa modułu powodującego błąd: FolderViewImpl.dll_unloaded, wersja: 1.0.0.0, sygnatura czasowa: 0x530d84c5 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000e693 Identyfikator procesu powodującego błąd: 0xcc0 Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Pełna nazwa pakietu powodującego błąd: Explorer.EXE4 Identyfikator aplikacji względem pakietu powodującego błąd: Explorer.EXE5 Error: (06/04/2015 11:22:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Nie można zaplanować restartu usługi ochrony oprogramowania o 2115-05-11T09:22:42Z. Kod błędu: 0x80071A90. System errors: ============= Error: (06/12/2015 04:30:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi McAfee Boot Delay Start Service z powodu następującego błędu: %%1053 Error: (06/12/2015 04:30:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą McAfee Boot Delay Start Service. Error: (06/12/2015 04:30:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wykrywanie usług interakcyjnych zakończyła działanie; wystąpił następujący błąd: %%1 Error: (06/11/2015 02:29:00 PM) (Source: DCOM) (EventID: 10016) (User: JAS) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JASJasiekS-1-5-21-1808703716-2936164801-3057166833-1001LocalHost (użycie LRPC)Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweS-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725 Error: (06/11/2015 02:29:00 PM) (Source: DCOM) (EventID: 10016) (User: JAS) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JASJasiekS-1-5-21-1808703716-2936164801-3057166833-1001LocalHost (użycie LRPC)Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweS-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725 Error: (06/10/2015 09:46:18 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Error: (06/10/2015 09:34:05 PM) (Source: DCOM) (EventID: 10016) (User: JAS) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JASJasiekS-1-5-21-1808703716-2936164801-3057166833-1001LocalHost (użycie LRPC)Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweS-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725 Error: (06/10/2015 09:34:05 PM) (Source: DCOM) (EventID: 10016) (User: JAS) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JASJasiekS-1-5-21-1808703716-2936164801-3057166833-1001LocalHost (użycie LRPC)Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweS-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725 Error: (06/10/2015 09:33:34 PM) (Source: DCOM) (EventID: 10016) (User: JAS) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JASJasiekS-1-5-21-1808703716-2936164801-3057166833-1001LocalHost (użycie LRPC)Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweS-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725 Error: (06/10/2015 09:33:34 PM) (Source: DCOM) (EventID: 10016) (User: JAS) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JASJasiekS-1-5-21-1808703716-2936164801-3057166833-1001LocalHost (użycie LRPC)Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweS-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725 Microsoft Office: ========================= Error: (06/12/2015 07:29:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: 0x80071A902115-05-19T05:29:17Z Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927141 Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927141 Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar-2144927141 Error: (06/10/2015 04:57:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JAS) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141 Error: (06/09/2015 05:07:38 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20856192c01d0a2605fc79fc24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exeace63110-0e54-11e5-8295-18cf5eef4da5microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (06/07/2015 03:09:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: HP.AiORemote.exe50.1.223.0107c01d0a123062ca7b94294967295C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_50.1.223.0_x86__v10z8vjag6ke6\HP.AiORemote.exe5515b96c-0d16-11e5-8295-18cf5eef4da5AD2F1837.HPPrinterControl_50.1.223.0_x86__v10z8vjag6ke6AD2F1837.HPPrinterControl Error: (06/07/2015 03:08:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: JAS) Description: AD2F1837.HPPrinterControl_50.1.223.0_x86__v10z8vjag6ke6+AD2F1837.HPPrinterControl Error: (06/04/2015 11:27:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.3.9600.1766754c6f7c2FolderViewImpl.dll_unloaded1.0.0.0530d84c5c0000005000000000000e693cc001d09e9625593d3eC:\Windows\Explorer.EXEFolderViewImpl.dlleb6d9c80-0a9b-11e5-8295-18cf5eef4da5 Error: (06/04/2015 11:22:42 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: 0x80071A902115-05-11T09:22:42Z CodeIntegrity Errors: =================================== Date: 2015-04-17 14:32:56.992 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-17 14:32:56.485 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-17 14:32:56.471 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-17 14:32:56.451 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-17 11:16:12.152 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-17 11:15:37.351 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-17 05:08:08.005 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-16 19:50:48.676 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-16 16:45:31.768 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-16 16:45:31.043 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz Percentage of memory in use: 46% Total physical RAM: 3979.2 MB Available physical RAM: 2113.55 MB Total Pagefile: 4683.2 MB Available Pagefile: 2250.5 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:448.71 GB) (Free:337.55 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 48EA3384) Partition: GPT Partition Type. ==================== End of log ============================