Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014 Ran by Dominik at 2014-01-05 20:31:41 Running from C:\Users\Dominik\Downloads\LOGS Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== µTorrent (HKCU Version: 3.3.2.30416 - BitTorrent Inc.) 4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636 - Adobe Systems, Inc.) Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Install Manager (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira) Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden Brother MFL-Pro Suite HL-2280DW (x32 Version: 1.1.3.0 - Brother Industries, Ltd.) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden calibre (x32 Version: 1.9.0 - Kovid Goyal) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden Cyberlink PhotoDirector (x32 Version: 3.0.2.4128 - CyberLink Corp.) Cyberlink PhotoDirector (x32 Version: 3.0.2.4128 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (x32 Version: 10.0.3.2606 - CyberLink Corp.) CyberLink PowerDirector 10 (x32 Version: 10.0.3.2606 - CyberLink Corp.) Hidden CyberLink YouCam 5 (x32 Version: 5.0.1129 - CyberLink Corp.) CyberLink YouCam 5 (x32 Version: 5.0.1129 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd) Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden Dragon NaturallySpeaking 12 (x32 Version: 12.00.100 - Nuance Communications Inc.) Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden Energy Star (x32 Version: 1.0.9 - Hewlett-Packard Company) Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden FlvPlayer (x32 Version: ${VERSION} - ) Garmin Communicator Plugin (x32 Version: 4.1.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (Version: 4.1.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden HP 3D DriveGuard (x32 Version: 6.0.15.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (x32 Version: 1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKCU Version: 1.1 (build 77) hp - Meridian Audio Ltd) HP CoolSense (x32 Version: 2.10.62 - Hewlett-Packard Company) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Documentation (x32 Version: 1.2.0.0 - Hewlett-Packard) HP MyRoom (x32 Version: 9.0.0.0 - Hewlett-Packard Company) HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden HP Recovery Manager (x32 Version: 9.00 - Hewlett-Packard) Hidden HP Registration Service (Version: 1.2.6317.4309 - Hewlett-Packard) HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company) HP System Event Utility (x32 Version: 1.0.10 - Hewlett-Packard Company) HP Utility Center (Version: 2.1.5 - Hewlett-Packard Company) HP Wireless Button Driver (x32 Version: 1.1.2.1 - Hewlett-Packard Company) IDT Audio (x32 Version: 1.0.6491.0 - IDT) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Level Quality Watcher (x32 Version: 1.0.0.0 - Adpeak, Inc.) Hidden <==== ATTENTION Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation) Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden Nuance PaperPort 12 (x32 Version: 12.1.0000 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (x32 Version: 5.30.3290 - Nuance Communications, Inc) OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) PaperPort Image Printer 64-bit (Version: 1.00.0001 - Nuance Communications, Inc.) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Ralink Bluetooth Stack64 (Version: 11.0.737.5 - Mediatek) Ralink RT3290 802.11bgn Wi-Fi Adapter (x32 Version: 5.0.34.0 - Mediatek) RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (x32 Version: 16.0.3 - RealNetworks) Realtek Card Reader (x32 Version: 6.2.9200.29068 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (x32 Version: 8.13.314.2013 - Realtek) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden Scansoft PDF Professional (x32 Version: - ) Hidden Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) StarOffice 7 (HKCU Version: 7 - Sun Microsystems, Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics ClickPad Driver (Version: 17.0.8.0 - Synaptics Incorporated) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden The Sims™ 3 (x32 Version: 1.0.632 - Electronic Arts) Update for Microsoft en-us Dictionary (Version: 16.1.669.1 - Microsoft Corporation) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden WildTangent Games (x32 Version: 1.0.4.0 - WildTangent) WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden Windows 8 Codec Pack 2.0.1 (x32 Version: 2.0.1 - Windows 8 Codec Pack) Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Restore Points ========================= 21-12-2013 18:29:44 Removed Java 2 Runtime Environment, SE v1.4.2 24-12-2013 18:18:43 Removed Bonjour 26-12-2013 20:55:47 Zainstalowane The Sims 3 03-01-2014 03:53:31 Scheduled Checkpoint ==================== Hosts content: ========================== 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2AB56BBA-9FAA-465E-8E6A-93A7D26C8E64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {2B0B7BC2-A670-423F-A613-48A5B8D7874B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe Task: {2B3ECD20-0041-48B8-91E4-D4A11D7333F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {44950F50-C24F-42D2-8D39-BBB76858CCAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP SoftPaq Installer => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe [2012-09-27] (Hewlett-Packard Company) Task: {44E5A2B9-DCD8-437C-A00B-E03004099466} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-19] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {561F1711-BF77-4444-8E80-40870FEFDBA2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3442084834-3400189357-3585569311-1002 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {5779AF5F-5AA1-4BC1-8B50-D1BBBAFB83C4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-20] (Adobe Systems Incorporated) Task: {60970770-2BBA-4EB6-BB5A-B15E3653672F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6B1C112D-0A5B-40C5-BDBE-5DB0BD2B3B49} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-11-12] (Synaptics Incorporated) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {AACF97A6-2D1B-44AD-86DC-3F4433C1E1B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard) Task: {C9FE9D22-72B1-48D7-9205-25D639B79789} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.) Task: {CE789A14-F5EC-484A-B4AA-48AAF1A23C55} - System32\Tasks\HPCeeScheduleForDominik => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {ED4FE021-E236-42F4-951E-35109CA5E74F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3442084834-3400189357-3585569311-1002 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForDominik.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-01-10 15:30 - 2013-01-10 15:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll 2013-01-10 15:35 - 2013-01-10 15:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll 2013-01-10 15:35 - 2013-01-10 15:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll 2013-03-29 00:30 - 2013-03-29 00:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2013-11-19 20:04 - 2013-11-19 20:05 - 00183808 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\ErrorReporting.dll 2013-12-19 22:46 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-01-10 15:30 - 2013-01-10 15:30 - 00022528 _____ () C:\WINDOWS\SYSTEM32\BsTrace.dll 2013-01-10 15:35 - 2013-01-10 15:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll 2013-01-10 15:35 - 2013-01-10 15:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll 2013-03-22 12:06 - 2013-03-22 12:06 - 00387936 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll 2011-07-05 12:53 - 2011-07-05 12:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll 2013-12-21 15:38 - 2013-12-05 14:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Dominik\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/05/2014 06:12:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: MALINKA) Description: Activation of app Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/05/2014 05:51:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: MALINKA) Description: Activation of app Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/05/2014 05:44:25 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (01/05/2014 02:10:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: MALINKA) Description: Activation of app Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/05/2014 00:35:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: MALINKA) Description: Activation of app Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/04/2014 02:17:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: MALINKA) Description: Activation of app Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/04/2014 00:30:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: MALINKA) Description: Activation of app Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/04/2014 11:55:35 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (01/03/2014 07:45:30 PM) (Source: Application Hang) (User: ) Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 10a0 Start Time: 01cf08e6294b45cf Termination Time: 4294967295 Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe Report Id: 6b6fb492-74d9-11e3-be8f-8056f204740a Faulting package full name: Microsoft.BingWeather_3.0.1.203_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Error: (01/03/2014 07:44:57 PM) (Source: Application Hang) (User: ) Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 193c Start Time: 01cf08e6294c1c92 Termination Time: 4294967295 Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe Report Id: 6b878c03-74d9-11e3-be8f-8056f204740a Faulting package full name: Microsoft.BingTravel_3.0.1.202_x64__8wekyb3d8bbwe Faulting package-relative application ID: AppexTravel System errors: ============= Error: (01/05/2014 00:37:39 PM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (01/04/2014 11:34:59 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (01/03/2014 11:51:25 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (01/02/2014 00:16:30 PM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/31/2013 10:50:44 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/30/2013 00:56:03 PM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/29/2013 00:48:46 PM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (12/29/2013 00:46:18 PM) (Source: DCOM) (User: MALINKA) Description: AppexTravel.AppX1txy617paw32bwt6jvkgze7a08a7e8dv.mca Error: (12/29/2013 00:45:53 PM) (Source: Schannel) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252. Error: (12/29/2013 00:45:53 PM) (Source: Schannel) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 252. Microsoft Office Sessions: ========================= Error: (01/05/2014 06:12:08 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: MALINKA) Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147009284 Error: (01/05/2014 05:51:38 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: MALINKA) Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147009284 Error: (01/05/2014 05:44:25 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (01/05/2014 02:10:37 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: MALINKA) Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147009284 Error: (01/05/2014 00:35:36 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: MALINKA) Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147009284 Error: (01/04/2014 02:17:06 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: MALINKA) Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147009284 Error: (01/04/2014 00:30:32 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: MALINKA) Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147009284 Error: (01/04/2014 11:55:35 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (01/03/2014 07:45:30 PM) (Source: Application Hang)(User: ) Description: backgroundTaskHost.exe6.3.9600.1638410a001cf08e6294b45cf4294967295C:\WINDOWS\system32\backgroundTaskHost.exe6b6fb492-74d9-11e3-be8f-8056f204740aMicrosoft.BingWeather_3.0.1.203_x64__8wekyb3d8bbweApp Error: (01/03/2014 07:44:57 PM) (Source: Application Hang)(User: ) Description: backgroundTaskHost.exe6.3.9600.16384193c01cf08e6294c1c924294967295C:\WINDOWS\system32\backgroundTaskHost.exe6b878c03-74d9-11e3-be8f-8056f204740aMicrosoft.BingTravel_3.0.1.202_x64__8wekyb3d8bbweAppexTravel CodeIntegrity Errors: =================================== Date: 2013-12-27 11:57:06.249 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-25 10:35:09.217 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-24 13:53:06.683 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-24 13:44:08.065 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-24 13:25:16.894 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-21 14:56:57.515 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-21 14:15:53.484 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-21 13:32:08.399 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-21 13:24:58.045 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-12-21 12:10:40.535 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\BtL2caScoIf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 51% Total physical RAM: 5336.25 MB Available physical RAM: 2597.47 MB Total Pagefile: 10712.25 MB Available Pagefile: 6215.98 MB Total Virtual: 131072 MB Available Virtual: 131071.82 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:669.19 GB) (Free:595.25 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:28.33 GB) (Free:2.8 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 699 GB) (Disk ID: 44766419) Partition: GPT Partition Type ==================== End Of Log ============================