Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-08-2015 Ran by Ilona (2015-08-19 11:56:14) Running from C:\Users\Ilona\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2456979592-2387919666-1884685256-500 - Administrator - Disabled) Gość (S-1-5-21-2456979592-2387919666-1884685256-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2456979592-2387919666-1884685256-1004 - Limited - Enabled) Ilona (S-1-5-21-2456979592-2387919666-1884685256-1002 - Administrator - Enabled) => C:\Users\Ilona UpdatusUser (S-1-5-21-2456979592-2387919666-1884685256-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Aktualizacje NVIDIA 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.1611.212 - Alps Electric) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - Nazwa firmy) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo) Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.133 - PandoraTV) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.2.4000 - Maxthon International Limited) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 40.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 pl)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla) NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Sterownik graficzny 326.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.80 - NVIDIA Corporation) Obsługa programów Apple (32-bitowa) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Obsługa programów Apple (64-bitowa) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{e1172fd4-a6d9-4cfa-8256-268f728fec31}) (Version: 16.5.3 - Intel Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Panel sterowania NVIDIA 326.80 (Version: 326.80 - NVIDIA Corporation) Hidden Podatnik.info PIT pro 2014 wersja 2.1.6.16269 (HKLM-x32\...\{B239B43B-3E99-40B0-80BF-1B1BCA868D4E}_is1) (Version: 2.1.6.16269 - Podatnik.info Sp. z o.o.) Podręcznik użytkownika (x32 Version: 1.0.0.15 - Lenovo) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7069 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 28-07-2015 23:27:19 Windows Update 06-08-2015 22:21:42 Zaplanowany punkt kontrolny 11-08-2015 09:15:13 Installed Windows Movie Maker 2.6 18-08-2015 00:17:24 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1172F140-3D2B-4C11-AF23-DB856EBC2B5E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {22F7AC39-31B2-47D9-B339-50AB1C3253B1} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-08-01] (Maxthon International ltd.) Task: {4394CB9D-718C-4520-9F77-5388C37785F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {4649F428-0A50-4FAB-BDD7-38CD44D72954} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {571D9061-DEC6-4BC1-97F1-DCC2FC1C7B68} - \snf -> No File <==== ATTENTION Task: {68750A6C-AB56-4CB8-95F0-CFF93B124E86} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.) Task: {852AF476-E5AA-4FDB-9185-87F46F862876} - \snp -> No File <==== ATTENTION Task: {8B39BB8B-B7FD-4B61-BE43-E66391997DBF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-13] (Microsoft Corporation) Task: {A2D331AA-4CBB-4147-B85B-8F3996506E84} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {AE83189A-0537-49E3-B224-1D17476A08EF} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {BCE6A675-A41A-4029-A77C-BB2CE726371F} - \APSnotifierPP1 -> No File <==== ATTENTION Task: {C4EE912F-3A69-47B3-9B46-74C2CA732C38} - System32\Tasks\{1D20848B-9FF4-4D69-ABF2-BF8599D68F2F} => pcalua.exe -a C:\Users\Ilona\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cmi (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-12 03:28 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-08-18 13:34 - 2015-08-18 13:34 - 00034816 _____ () C:\ProgramData\Tristip\Tristip.exe 2014-03-12 03:31 - 2014-03-12 03:31 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe 2014-03-12 03:31 - 2014-03-12 03:31 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-08-19 09:57 - 2015-08-19 09:57 - 00143872 _____ () C:\ProgramData\Tristip\yjamyu3e.exe 2013-05-09 18:58 - 2013-05-09 18:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2015-07-03 12:44 - 2015-07-03 12:44 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-08-19 09:57 - 2015-08-19 09:57 - 00087552 _____ () C:\ProgramData\Tristip\hbzuoa1d.dll 2014-03-12 03:01 - 2013-08-19 20:12 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2013-03-07 13:53 - 2013-03-07 13:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2010-01-12 17:55 - 2010-01-12 17:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2010-01-12 17:55 - 2010-01-12 17:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2010-12-16 13:16 - 2010-12-16 13:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2010-01-18 00:34 - 2010-01-18 00:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2013-03-07 13:55 - 2013-03-07 13:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2013-03-07 13:58 - 2013-03-07 13:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2013-03-07 13:54 - 2013-03-07 13:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2013-03-07 13:54 - 2013-03-07 13:54 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Ilona\OneDrive:ms-properties AlternateDataStreams: C:\Users\Ilona\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2456979592-2387919666-1884685256-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ilona\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 192.168.1.1 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKU\S-1-5-21-2456979592-2387919666-1884685256-1002\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{6519578A-D7B6-4B61-B7CF-F3685D85FAA5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{C0811FE6-D8BD-4726-AC47-1A204342D331}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{5BD8B060-D83B-4626-80BE-8398075C6B5B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{492F8E1C-10DA-4EE8-B4A0-06A6B0650507}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{4F43EB96-99D5-4741-8371-5ED9FC1951D7}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{81803671-1831-448B-AC21-655E99DA0082}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{D834C19C-6266-43AF-88A8-89D5416A3148}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{D8BDDD60-24C1-47C4-ABAD-6146C4D457C4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{F1D0B67E-51C4-4F4A-A234-8E1F3D2A34E2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{613D215F-3A36-431A-9D02-360EF25BA2A0}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{6A49F884-CC1F-497D-9C68-7005CC5385DE}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{DE2D8BB1-FAD4-4C61-AAD7-4460F2E5C93C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{82F2CBA9-CC27-4B4D-9DBB-41EFA05A87E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{95D75BBF-3B93-4717-98D0-EAFF47E381F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A1AF5E08-B20D-4E38-A4C3-7C9883C5414A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9ABCC69B-D316-4907-AA4F-512F612291F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{37EBD623-08CF-4248-AEE7-2EDEEA84CE2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D5339D2C-7FA3-46DA-9F04-57C12B6DB1E0}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/19/2015 11:56:24 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1934 Godzina rozpoczęcia: 01d0da6498b5730b Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: 8c2f3de7-4658-11e5-82bd-fcf8aecaac69 Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 11:41:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: c48 Godzina rozpoczęcia: 01d0da628e076cb3 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: 8219af49-4656-11e5-82bd-fcf8aecaac69 Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 11:14:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: f98 Godzina rozpoczęcia: 01d0da5e7016c606 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: bd580b98-4652-11e5-82bc-28d24464f76e Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:58:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 12e4 Godzina rozpoczęcia: 01d0da5c8ca1c714 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: 80d6ad74-4650-11e5-82bc-28d24464f76e Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:38:12 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 4e0 Godzina rozpoczęcia: 01d0da59ac2bb69f Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: 9fa6aee2-464d-11e5-82bb-28d24464f76e Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:29:21 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1070 Godzina rozpoczęcia: 01d0da586ecee113 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: 627a290e-464c-11e5-82bb-28d24464f76e Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:10:27 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program LiveComm.exe w wersji 17.5.9600.20911 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: ce0 Godzina rozpoczęcia: 01d0da55cad496ec Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Identyfikator raportu: be639571-4649-11e5-82ba-fcf8aecaac65 Pełna nazwa pakietu powodującego błąd: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Identyfikator aplikacji względem pakietu powodującego błąd: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 09:58:12 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (08/19/2015 09:58:11 AM) (Source: Perflib) (EventID: 1017) (User: ) Description: Outlook Error: (08/19/2015 09:58:11 AM) (Source: Perflib) (EventID: 1022) (User: ) Description: Outlook4 System errors: ============= Error: (08/19/2015 11:36:23 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xffffe000ac61c040, 0xffffd001af86b980)C:\WINDOWS\MEMORY.DMP081915-10921-01 Error: (08/19/2015 11:30:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\WINDOWS\System32\IWMSSvc.dll Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) PROSet/Wireless Registry Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Bluetooth OBEX Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/19/2015 11:30:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Usługa iPod niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (08/19/2015 11:56:24 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911193401d0da6498b5730b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe8c2f3de7-4658-11e5-82bd-fcf8aecaac69microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 11:41:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911c4801d0da628e076cb34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe8219af49-4656-11e5-82bd-fcf8aecaac69microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 11:14:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911f9801d0da5e7016c6064294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exebd580b98-4652-11e5-82bc-28d24464f76emicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:58:49 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.2091112e401d0da5c8ca1c7144294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe80d6ad74-4650-11e5-82bc-28d24464f76emicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:38:12 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.209114e001d0da59ac2bb69f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe9fa6aee2-464d-11e5-82bb-28d24464f76emicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:29:21 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911107001d0da586ecee1134294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe627a290e-464c-11e5-82bb-28d24464f76emicrosoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 10:10:27 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911ce001d0da55cad496ec4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exebe639571-4649-11e5-82ba-fcf8aecaac65microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/19/2015 09:58:12 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (08/19/2015 09:58:11 AM) (Source: Perflib) (EventID: 1017) (User: ) Description: Outlook Error: (08/19/2015 09:58:11 AM) (Source: Perflib) (EventID: 1022) (User: ) Description: Outlook4 CodeIntegrity: =================================== Date: 2015-08-19 11:40:38.302 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 11:40:38.114 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 11:03:33.735 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 11:03:33.500 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 11:03:33.250 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 11:03:32.969 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 11:03:32.391 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 10:49:57.605 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 10:49:57.401 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-19 10:38:30.229 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz Percentage of memory in use: 57% Total physical RAM: 4008.27 MB Available physical RAM: 1697.75 MB Total Virtual: 8104.27 MB Available Virtual: 5672.63 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:891.54 GB) (Free:318.53 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.48 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 053F81BB) Partition: GPT. ==================== End of log ============================